Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permit configuring IMDS client behavior on timeout #1233

Closed
2 tasks done
Mark-Simulacrum opened this issue Jan 6, 2025 · 3 comments
Closed
2 tasks done

Permit configuring IMDS client behavior on timeout #1233

Mark-Simulacrum opened this issue Jan 6, 2025 · 3 comments
Labels
feature-request A feature should be added or improved. pending-release This issue will be fixed by an approved PR that hasn't been released yet.

Comments

@Mark-Simulacrum
Copy link

Describe the feature

The IMDS client in aws-config, both for internal usage (e.g., credential fetching) and as a public-facing client (e.g., to resolve instance metadata in user programs) should support being configured to an "expected to exist" mode where e.g. TCP connects are retried (unlike the current default).

Use Case

On EC2 instances, IMDS is not always 100% available; we periodically see short blips of unavailability in production, like with any other service. Retries avoid these bubbling out as e.g. service launch failures due to inability to provision credentials or discover local identity (instance ID).

Proposed Solution

At minimum, the client should expose a knob to enable retrying TCP failures (connect and read timeouts). Ideally, the solution would allow for us to specify that we do in fact expect a response and so the normal SDK behaviors should happen -- rather than having to chase those over time with more knobs.

The SDK defaults may make less sense for cases where IMDS may not be available, but explicit usage of the IMDS client seems like a good indicator of "I expect it to work" (at least as a default).

We would want to configure this for the implicit IMDS client created within credentials provider chains, but are OK explicitly threading a client into that state if needed.

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

A note for the community

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue, please leave a comment
@Mark-Simulacrum Mark-Simulacrum added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Jan 6, 2025
@ysaito1001 ysaito1001 removed the needs-triage This issue or PR still needs to be triaged. label Jan 15, 2025
@landonxjames landonxjames mentioned this issue Jan 20, 2025
Merged
1 task
github-merge-queue bot pushed a commit to smithy-lang/smithy-rs that referenced this issue Jan 22, 2025
@landonxjames
IMDS retries (#3975)
acb693f 
## Motivation and Context
<!--- Why is this change required? What problem does it solve? -->
<!--- If it fixes an open issue, please link to the issue here -->
Addressing awslabs/aws-sdk-rust#1233

## Description
<!--- Describe your changes in detail -->
Add ability to configure the retry classifier on the IMDS client.

## Testing
<!--- Please describe in detail how you tested your changes -->
<!--- Include details of your testing environment, and the tests you ran
to -->
<!--- see how your change affects other areas of the code, etc. -->
Added new unit test to ensure that a user defined retry classifer is
being used.

## Checklist
<!--- If a checkbox below is not applicable, then please DELETE it
rather than leaving it unchecked -->
- [x] For changes to the smithy-rs codegen or runtime crates, I have
created a changelog entry Markdown file in the `.changelog` directory,
specifying "client," "server," or both in the `applies_to` key.

----

_By submitting this pull request, I confirm that you can use, modify,
copy, and redistribute this contribution, under the terms of your
choice._
@ysaito1001 ysaito1001 added the pending-release This issue will be fixed by an approved PR that hasn't been released yet. label Jan 23, 2025
@landonxjames
Copy link
Contributor

landonxjames commented Jan 23, 2025
edited
Loading

This behavior has now been added in version 1.5.15 of the aws-config crate. See the new retry_classifier method on the IMDS builder. Additionally, so that you don't have to implement the whole retry classifier yourself, we added a with_retry_connect_timeouts method to the ImdsResponseRetryClassifier that you can configure and pass in.

@ysaito1001
Copy link
Collaborator

The fix was released on 2025-01-23

@github-actions GitHub Actions
Copy link

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request A feature should be added or improved. pending-release This issue will be fixed by an approved PR that hasn't been released yet.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Mark-Simulacrum @landonxjames @ysaito1001