Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(python, rust): remove imds calls from profile auth and region #2442

Merged
merged 5 commits into from
Apr 23, 2024
Merged

fix(python, rust): remove imds calls from profile auth and region #2442

merged 5 commits into from
Apr 23, 2024

Conversation

mightyshazam
Copy link
Contributor

Description

The AWS SDK uses EC2 instance metadata in the default provider chain, the profile chain and the region provider

Related Issue(s)

Documentation

@github-actions github-actions bot added the binding/rust Issues for the Rust crate label Apr 22, 2024
@ion-elgreco
Copy link
Collaborator

ion-elgreco commented Apr 23, 2024
edited
Loading

Hey @mightyshazam, I am seeing also a lot of warnings with our latest release regarding this IMDS region:

[2024-04-23T06:13:29Z WARN  aws_config::imds::region] failed to load region from IMDS ...
[2024-04-23T06:13:29Z WARN  aws_config::imds::region] failed to load region from IMDS ...

Would it make sense to have this IMDS region disabled by default? A lot of users including me don't use AWS s3 but other variants

Right, so this PR makes it not the default anymore or you still need to manually pass disable_EC2_metadata everytime? (sorry just woke up : ) )

@mightyshazam
Copy link
Contributor Author

This PR means you have to pass it. I am tempted to make disabling ec2 metadata default behavior for the sake of backwards compatibility, though.

@ion-elgreco
Copy link
Collaborator

@mightyshazam let's go for putting it disabled by default. Then for EC2 instance users they should enable it.

ion-elgreco
ion-elgreco previously approved these changes Apr 23, 2024
View reviewed changes
Copy link
Collaborator

@ion-elgreco ion-elgreco left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @mightyshazam!

@ion-elgreco ion-elgreco enabled auto-merge (squash) April 23, 2024 14:38
auto-merge was automatically disabled April 23, 2024 15:39

Head branch was pushed to by a user without write access

@ion-elgreco ion-elgreco enabled auto-merge (squash) April 23, 2024 15:42
@mightyshazam mightyshazam mentioned this pull request Apr 23, 2024
Closed
@ion-elgreco ion-elgreco merged commit dd358ef into delta-io:main Apr 23, 2024
20 checks passed
@ion-elgreco
Copy link
Collaborator

@mightyshazam I checked today, but I am still seeing some warnings. So it seems to be not fully disabled yet?

[2024-04-24T07:55:28Z WARN  aws_config::imds::region] failed to load region from IMDS err=failed to load IMDS session token: dispatch failure: io error: error trying to connect: tcp connect error: No route to host (os error 113): tcp connect error: No route to host (os error 113): No route to host (os error 113) (FailedToLoadToken(FailedToLoadToken { source: DispatchFailure(DispatchFailure { source: ConnectorError { kind: Io, source: hyper::Error(Connect, ConnectError("tcp connect error", Os { code: 113, kind: HostUnreachable, message: "No route to host" })), connection: Unknown } }) }))
[2024-04-24T07:55:29Z WARN  aws_config::imds::region] failed to load region from IMDS err=failed to load IMDS session token: dispatch failure: timeout: error trying to connect: HTTP connect timeout occurred after 1s: HTTP connect timeout occurred after 1s: timed out (FailedToLoadToken(FailedToLoadToken { source: DispatchFailure(DispatchFailure { source: ConnectorError { kind: Timeout, source: hyper::Error(Connect, HttpTimeoutError { kind: "HTTP connect", duration: 1s }), connection: Unknown } }) }))

@mightyshazam
Copy link
Contributor Author

@ion-elgreco I don't see this when running with default settings. I also don't see it when setting AWS_EC2_METADATA_DISABLED to false. However, I was able to reproduce it by setting the environment variable AWS_EC2_METADATA_DISABLED set to false. Can you check your environment variables?

@ion-elgreco
Copy link
Collaborator

Only when setting the env variable AWS_EC2_METADATA_DISABLED=true will stop trying to use that region provider. If I don't set any environment variables, the warnings will pop up again during a connection

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ion-elgreco ion-elgreco ion-elgreco approved these changes

@wjones127 wjones127 Awaiting requested review from wjones127 wjones127 is a code owner

@roeap roeap Awaiting requested review from roeap roeap is a code owner

@rtyler rtyler Awaiting requested review from rtyler rtyler is a code owner

Assignees
No one assigned
Labels
binding/rust Issues for the Rust crate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Very slow s3 connection after 0.16.1
2 participants
@mightyshazam @ion-elgreco