ohai 18.1.18 → 19.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +28 -28
- data/LICENSE +201 -201
- data/bin/ohai +25 -25
- data/lib/ohai/application.rb +189 -189
- data/lib/ohai/common/dmi.rb +167 -167
- data/lib/ohai/config.rb +51 -51
- data/lib/ohai/dsl/plugin/versionvii.rb +203 -203
- data/lib/ohai/dsl/plugin.rb +232 -232
- data/lib/ohai/dsl.rb +22 -22
- data/lib/ohai/exception.rb +36 -36
- data/lib/ohai/hints.rb +68 -68
- data/lib/ohai/loader.rb +178 -178
- data/lib/ohai/log.rb +34 -34
- data/lib/ohai/mash.rb +22 -22
- data/lib/ohai/mixin/alibaba_metadata.rb +83 -83
- data/lib/ohai/mixin/azure_metadata.rb +105 -105
- data/lib/ohai/mixin/chef_utils_wiring.rb +52 -52
- data/lib/ohai/mixin/command.rb +4 -4
- data/lib/ohai/mixin/constant_helper.rb +55 -55
- data/lib/ohai/mixin/dmi_decode.rb +54 -54
- data/lib/ohai/mixin/do_metadata.rb +48 -48
- data/lib/ohai/mixin/ec2_metadata.rb +264 -264
- data/lib/ohai/mixin/gce_metadata.rb +79 -79
- data/lib/ohai/mixin/http_helper.rb +64 -64
- data/lib/ohai/mixin/json_helper.rb +36 -36
- data/lib/ohai/mixin/network_helper.rb +92 -92
- data/lib/ohai/mixin/oci_metadata.rb +60 -60
- data/lib/ohai/mixin/os.rb +128 -128
- data/lib/ohai/mixin/scaleway_metadata.rb +51 -51
- data/lib/ohai/mixin/seconds_to_human.rb +52 -52
- data/lib/ohai/mixin/shell_out.rb +51 -51
- data/lib/ohai/mixin/softlayer_metadata.rb +74 -74
- data/lib/ohai/mixin/string.rb +31 -31
- data/lib/ohai/mixin/train_helpers.rb +36 -36
- data/lib/ohai/mixin/which.rb +39 -39
- data/lib/ohai/plugin_config.rb +47 -47
- data/lib/ohai/plugins/aix/kernel.rb +50 -50
- data/lib/ohai/plugins/aix/memory.rb +37 -37
- data/lib/ohai/plugins/aix/network.rb +142 -142
- data/lib/ohai/plugins/aix/platform.rb +30 -30
- data/lib/ohai/plugins/aix/uptime.rb +54 -54
- data/lib/ohai/plugins/aix/virtualization.rb +154 -154
- data/lib/ohai/plugins/alibaba.rb +72 -72
- data/lib/ohai/plugins/azure.rb +154 -154
- data/lib/ohai/plugins/bsd/virtualization.rb +121 -121
- data/lib/ohai/plugins/c.rb +178 -178
- data/lib/ohai/plugins/chef.rb +50 -50
- data/lib/ohai/plugins/cloud.rb +379 -379
- data/lib/ohai/plugins/command.rb +26 -26
- data/lib/ohai/plugins/cpu.rb +642 -635
- data/lib/ohai/plugins/darwin/hardware.rb +99 -99
- data/lib/ohai/plugins/darwin/memory.rb +62 -62
- data/lib/ohai/plugins/darwin/network.rb +207 -207
- data/lib/ohai/plugins/darwin/platform.rb +40 -40
- data/lib/ohai/plugins/darwin/virtualization.rb +104 -104
- data/lib/ohai/plugins/digital_ocean.rb +67 -67
- data/lib/ohai/plugins/dmi.rb +134 -134
- data/lib/ohai/plugins/docker.rb +58 -58
- data/lib/ohai/plugins/dragonflybsd/memory.rb +60 -60
- data/lib/ohai/plugins/dragonflybsd/network.rb +128 -128
- data/lib/ohai/plugins/dragonflybsd/platform.rb +28 -28
- data/lib/ohai/plugins/ec2.rb +148 -148
- data/lib/ohai/plugins/elixir.rb +36 -36
- data/lib/ohai/plugins/erlang.rb +60 -60
- data/lib/ohai/plugins/eucalyptus.rb +86 -86
- data/lib/ohai/plugins/filesystem.rb +753 -751
- data/lib/ohai/plugins/fips.rb +36 -36
- data/lib/ohai/plugins/freebsd/memory.rb +60 -60
- data/lib/ohai/plugins/freebsd/network.rb +128 -128
- data/lib/ohai/plugins/freebsd/platform.rb +28 -28
- data/lib/ohai/plugins/gce.rb +89 -89
- data/lib/ohai/plugins/go.rb +34 -34
- data/lib/ohai/plugins/groovy.rb +38 -38
- data/lib/ohai/plugins/grub2.rb +40 -40
- data/lib/ohai/plugins/habitat.rb +73 -73
- data/lib/ohai/plugins/haskell.rb +96 -96
- data/lib/ohai/plugins/hostname.rb +133 -133
- data/lib/ohai/plugins/init_package.rb +26 -26
- data/lib/ohai/plugins/java.rb +78 -78
- data/lib/ohai/plugins/kernel.rb +292 -292
- data/lib/ohai/plugins/keys.rb +27 -27
- data/lib/ohai/plugins/languages.rb +26 -26
- data/lib/ohai/plugins/libvirt.rb +114 -114
- data/lib/ohai/plugins/linode.rb +73 -73
- data/lib/ohai/plugins/linux/block_device.rb +48 -48
- data/lib/ohai/plugins/linux/hostnamectl.rb +34 -34
- data/lib/ohai/plugins/linux/interrupts.rb +84 -84
- data/lib/ohai/plugins/linux/ipc.rb +52 -52
- data/lib/ohai/plugins/linux/livepatch.rb +38 -38
- data/lib/ohai/plugins/linux/lsb.rb +46 -46
- data/lib/ohai/plugins/linux/lspci.rb +80 -80
- data/lib/ohai/plugins/linux/machineid.rb +36 -36
- data/lib/ohai/plugins/linux/mdadm.rb +120 -120
- data/lib/ohai/plugins/linux/memory.rb +106 -106
- data/lib/ohai/plugins/linux/network.rb +879 -879
- data/lib/ohai/plugins/linux/os_release.rb +38 -38
- data/lib/ohai/plugins/linux/platform.rb +314 -314
- data/lib/ohai/plugins/linux/selinux.rb +69 -69
- data/lib/ohai/plugins/linux/sessions.rb +54 -54
- data/lib/ohai/plugins/linux/sysctl.rb +39 -39
- data/lib/ohai/plugins/linux/systemd_paths.rb +36 -36
- data/lib/ohai/plugins/linux/tc.rb +61 -61
- data/lib/ohai/plugins/linux/virtualization.rb +300 -300
- data/lib/ohai/plugins/lua.rb +39 -39
- data/lib/ohai/plugins/mono.rb +50 -50
- data/lib/ohai/plugins/netbsd/memory.rb +99 -99
- data/lib/ohai/plugins/netbsd/network.rb +122 -122
- data/lib/ohai/plugins/netbsd/platform.rb +28 -28
- data/lib/ohai/plugins/network.rb +186 -186
- data/lib/ohai/plugins/nodejs.rb +40 -40
- data/lib/ohai/plugins/oci.rb +94 -94
- data/lib/ohai/plugins/ohai.rb +29 -29
- data/lib/ohai/plugins/ohai_time.rb +26 -26
- data/lib/ohai/plugins/openbsd/memory.rb +99 -99
- data/lib/ohai/plugins/openbsd/network.rb +122 -122
- data/lib/ohai/plugins/openbsd/platform.rb +28 -28
- data/lib/ohai/plugins/openstack.rb +84 -84
- data/lib/ohai/plugins/os.rb +55 -55
- data/lib/ohai/plugins/packages.rb +234 -234
- data/lib/ohai/plugins/passwd.rb +104 -104
- data/lib/ohai/plugins/perl.rb +45 -45
- data/lib/ohai/plugins/php.rb +52 -52
- data/lib/ohai/plugins/platform.rb +41 -29
- data/lib/ohai/plugins/powershell.rb +82 -82
- data/lib/ohai/plugins/ps.rb +35 -35
- data/lib/ohai/plugins/python.rb +43 -43
- data/lib/ohai/plugins/rackspace.rb +177 -177
- data/lib/ohai/plugins/root_group.rb +41 -41
- data/lib/ohai/plugins/rpm.rb +121 -121
- data/lib/ohai/plugins/ruby.rb +66 -66
- data/lib/ohai/plugins/rust.rb +34 -34
- data/lib/ohai/plugins/scala.rb +38 -38
- data/lib/ohai/plugins/scaleway.rb +58 -58
- data/lib/ohai/plugins/scsi.rb +52 -52
- data/lib/ohai/plugins/shard.rb +142 -142
- data/lib/ohai/plugins/shells.rb +32 -32
- data/lib/ohai/plugins/softlayer.rb +48 -48
- data/lib/ohai/plugins/solaris2/dmi.rb +191 -191
- data/lib/ohai/plugins/solaris2/memory.rb +32 -32
- data/lib/ohai/plugins/solaris2/network.rb +192 -192
- data/lib/ohai/plugins/solaris2/platform.rb +58 -58
- data/lib/ohai/plugins/solaris2/virtualization.rb +90 -90
- data/lib/ohai/plugins/ssh_host_key.rb +84 -84
- data/lib/ohai/plugins/sysconf.rb +46 -46
- data/lib/ohai/plugins/timezone.rb +45 -45
- data/lib/ohai/plugins/train.rb +35 -35
- data/lib/ohai/plugins/uptime.rb +95 -95
- data/lib/ohai/plugins/virtualbox.rb +197 -197
- data/lib/ohai/plugins/vmware.rb +109 -109
- data/lib/ohai/plugins/windows/dmi.rb +95 -95
- data/lib/ohai/plugins/windows/drivers.rb +52 -52
- data/lib/ohai/plugins/windows/memory.rb +39 -39
- data/lib/ohai/plugins/windows/network.rb +222 -222
- data/lib/ohai/plugins/windows/platform.rb +34 -34
- data/lib/ohai/plugins/windows/system_enclosure.rb +29 -29
- data/lib/ohai/plugins/windows/virtualization.rb +45 -45
- data/lib/ohai/plugins/zpools.rb +94 -94
- data/lib/ohai/provides_map.rb +208 -208
- data/lib/ohai/runner.rb +128 -128
- data/lib/ohai/system.rb +258 -258
- data/lib/ohai/train_transport.rb +29 -29
- data/lib/ohai/util/file_helper.rb +6 -6
- data/lib/ohai/util/ip_helper.rb +56 -56
- data/lib/ohai/util/win32.rb +47 -47
- data/lib/ohai/version.rb +23 -23
- data/lib/ohai.rb +23 -23
- data/ohai.gemspec +35 -35
- metadata +10 -10
@@ -1,264 +1,264 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
#
|
3
|
-
# Author:: Tim Dysinger (<tim@dysinger.net>)
|
4
|
-
# Author:: Benjamin Black (<bb@chef.io>)
|
5
|
-
# Author:: Christopher Brown (<cb@chef.io>)
|
6
|
-
# Copyright:: Copyright (c) Chef Software Inc.
|
7
|
-
# License:: Apache License, Version 2.0
|
8
|
-
#
|
9
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
10
|
-
# you may not use this file except in compliance with the License.
|
11
|
-
# You may obtain a copy of the License at
|
12
|
-
#
|
13
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
14
|
-
#
|
15
|
-
# Unless required by applicable law or agreed to in writing, software
|
16
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
17
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
18
|
-
# See the License for the specific language governing permissions and
|
19
|
-
# limitations under the License.
|
20
|
-
|
21
|
-
require "net/http" unless defined?(Net::HTTP)
|
22
|
-
|
23
|
-
require_relative "../mixin/json_helper"
|
24
|
-
include Ohai::Mixin::JsonHelper
|
25
|
-
|
26
|
-
module Ohai
|
27
|
-
module Mixin
|
28
|
-
##
|
29
|
-
# This code parses the EC2 Instance Metadata API to provide details
|
30
|
-
# of the running instance.
|
31
|
-
#
|
32
|
-
# Earlier version of this code assumed a specific version of the
|
33
|
-
# metadata API was available. Unfortunately the API versions
|
34
|
-
# supported by a particular instance are determined at instance
|
35
|
-
# launch and are not extended over the life of the instance. As such
|
36
|
-
# the earlier code would fail depending on the age of the instance.
|
37
|
-
#
|
38
|
-
# The updated code probes the instance metadata endpoint for
|
39
|
-
# available versions, determines the most advanced version known to
|
40
|
-
# work and executes the metadata retrieval using that version.
|
41
|
-
#
|
42
|
-
# If no compatible version is found, an empty hash is returned.
|
43
|
-
#
|
44
|
-
module Ec2Metadata
|
45
|
-
|
46
|
-
EC2_METADATA_ADDR ||= "169.254.169.254"
|
47
|
-
EC2_SUPPORTED_VERSIONS ||= %w{ 1.0
|
48
|
-
2007-01-19
|
49
|
-
2007-03-01
|
50
|
-
2007-08-29
|
51
|
-
2007-10-10
|
52
|
-
2007-12-15
|
53
|
-
2008-02-01
|
54
|
-
2008-09-01
|
55
|
-
2009-04-04
|
56
|
-
2011-01-01
|
57
|
-
2011-05-01
|
58
|
-
2012-01-12
|
59
|
-
2014-02-25
|
60
|
-
2014-11-05
|
61
|
-
2015-10-20
|
62
|
-
2016-04-19
|
63
|
-
2016-06-30
|
64
|
-
2016-09-02
|
65
|
-
2018-03-28
|
66
|
-
2018-08-17
|
67
|
-
2018-09-24
|
68
|
-
2019-10-01
|
69
|
-
2020-10-27
|
70
|
-
2021-01-03
|
71
|
-
2021-03-23
|
72
|
-
2021-07-15 }.freeze
|
73
|
-
EC2_ARRAY_VALUES ||= %w{security-groups local_ipv4s}.freeze
|
74
|
-
EC2_ARRAY_DIR ||= %w{network/interfaces/macs}.freeze
|
75
|
-
EC2_JSON_DIR ||= %w{iam}.freeze
|
76
|
-
|
77
|
-
#
|
78
|
-
# The latest metadata version in EC2_SUPPORTED_VERSIONS that this instance supports
|
79
|
-
# in AWS supported metadata versions are determined at instance start so we need to be
|
80
|
-
# cautious here in case an instance has been running for a long time
|
81
|
-
#
|
82
|
-
# @return [String] the version
|
83
|
-
#
|
84
|
-
def best_api_version
|
85
|
-
@api_version ||= begin
|
86
|
-
logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}/ to determine the latest supported metadata release")
|
87
|
-
response = http_client.get("/", { 'X-aws-ec2-metadata-token': v2_token })
|
88
|
-
if response.code == "404"
|
89
|
-
logger.trace("Mixin EC2: Received HTTP 404 from metadata server while determining API version, assuming 'latest'")
|
90
|
-
return "latest"
|
91
|
-
elsif response.code != "200"
|
92
|
-
raise "Mixin EC2: Unable to determine EC2 metadata version (returned #{response.code} response)"
|
93
|
-
end
|
94
|
-
# NOTE: Sorting the list of versions may have unintended consequences in
|
95
|
-
# non-EC2 environments. It appears to be safe in EC2 as of 2013-04-12.
|
96
|
-
versions = response.body.split("\n").sort
|
97
|
-
until versions.empty? || EC2_SUPPORTED_VERSIONS.include?(versions.last)
|
98
|
-
pv = versions.pop
|
99
|
-
logger.trace("Mixin EC2: EC2 lists metadata version: #{pv} not yet supported by Ohai") unless pv == "latest"
|
100
|
-
end
|
101
|
-
logger.trace("Mixin EC2: Latest supported EC2 metadata version: #{versions.last}")
|
102
|
-
if versions.empty?
|
103
|
-
raise "Mixin EC2: Unable to determine EC2 metadata version (no supported entries found)"
|
104
|
-
end
|
105
|
-
|
106
|
-
versions.last
|
107
|
-
end
|
108
|
-
end
|
109
|
-
|
110
|
-
# a net/http client with a timeout of 10s and a keepalive of 10s
|
111
|
-
#
|
112
|
-
# @return [Net::HTTP]
|
113
|
-
def http_client
|
114
|
-
@conn ||= Net::HTTP.start(EC2_METADATA_ADDR).tap do |h|
|
115
|
-
h.read_timeout = 10
|
116
|
-
h.keep_alive_timeout = 10
|
117
|
-
end
|
118
|
-
end
|
119
|
-
|
120
|
-
#
|
121
|
-
# Fetch an API token for use querying AWS IMDSv2 or return nil if no token if found
|
122
|
-
# AWS like systems (think OpenStack) will not respond with a token here
|
123
|
-
#
|
124
|
-
# @return [NilClass, String] API token or nil
|
125
|
-
#
|
126
|
-
def v2_token
|
127
|
-
@v2_token ||= begin
|
128
|
-
request = http_client.put("/latest/api/token", nil, { 'X-aws-ec2-metadata-token-ttl-seconds': "60" })
|
129
|
-
if request.code == "404" # not on AWS
|
130
|
-
nil
|
131
|
-
else
|
132
|
-
request.body
|
133
|
-
end
|
134
|
-
end
|
135
|
-
end
|
136
|
-
|
137
|
-
# Get metadata for a given path and API version
|
138
|
-
#
|
139
|
-
# Typically, a 200 response is expected for valid metadata.
|
140
|
-
# On certain instance types, traversing the provided metadata path
|
141
|
-
# produces a 404 for some unknown reason. In that event, return
|
142
|
-
# `nil` and continue the run instead of failing it.
|
143
|
-
def metadata_get(id, api_version)
|
144
|
-
path = "/#{api_version}/meta-data/#{id}"
|
145
|
-
logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}#{path}")
|
146
|
-
response = http_client.get(path, { 'X-aws-ec2-metadata-token': v2_token })
|
147
|
-
case response.code
|
148
|
-
when "200"
|
149
|
-
response.body
|
150
|
-
when "404"
|
151
|
-
logger.trace("Mixin EC2: Encountered 404 response retrieving EC2 metadata path: #{path} ; continuing.")
|
152
|
-
nil
|
153
|
-
else
|
154
|
-
raise "Mixin EC2: Encountered error retrieving EC2 metadata (#{path} returned #{response.code} response)"
|
155
|
-
end
|
156
|
-
end
|
157
|
-
|
158
|
-
def fetch_metadata(id = "", api_version = nil)
|
159
|
-
metadata = {}
|
160
|
-
retrieved_metadata = metadata_get(id, best_api_version)
|
161
|
-
if retrieved_metadata
|
162
|
-
retrieved_metadata.split("\n").each do |o|
|
163
|
-
key = expand_path("#{id}#{o}")
|
164
|
-
if key[-1..-1] != "/"
|
165
|
-
metadata[metadata_key(key)] =
|
166
|
-
if EC2_ARRAY_VALUES.include? key
|
167
|
-
retr_meta = metadata_get(key, best_api_version)
|
168
|
-
retr_meta ? retr_meta.split("\n") : retr_meta
|
169
|
-
else
|
170
|
-
metadata_get(key, best_api_version)
|
171
|
-
end
|
172
|
-
elsif (!key.eql?(id)) && (!key.eql?("/"))
|
173
|
-
name = key[0..-2]
|
174
|
-
sym = metadata_key(name)
|
175
|
-
if EC2_ARRAY_DIR.include?(name)
|
176
|
-
metadata[sym] = fetch_dir_metadata(key, best_api_version)
|
177
|
-
elsif EC2_JSON_DIR.include?(name)
|
178
|
-
metadata[sym] = fetch_json_dir_metadata(key, best_api_version)
|
179
|
-
else
|
180
|
-
fetch_metadata(key, best_api_version).each { |k, v| metadata[k] = v }
|
181
|
-
end
|
182
|
-
end
|
183
|
-
end
|
184
|
-
metadata
|
185
|
-
end
|
186
|
-
end
|
187
|
-
|
188
|
-
def fetch_dir_metadata(id, api_version)
|
189
|
-
metadata = {}
|
190
|
-
retrieved_metadata = metadata_get(id, api_version)
|
191
|
-
if retrieved_metadata
|
192
|
-
retrieved_metadata.split("\n").each do |o|
|
193
|
-
key = expand_path(o)
|
194
|
-
if key[-1..-1] != "/"
|
195
|
-
retr_meta = metadata_get("#{id}#{key}", api_version)
|
196
|
-
metadata[metadata_key(key)] = retr_meta || ""
|
197
|
-
elsif !key.eql?("/")
|
198
|
-
metadata[key[0..-2]] = fetch_dir_metadata("#{id}#{key}", api_version)
|
199
|
-
end
|
200
|
-
end
|
201
|
-
metadata
|
202
|
-
end
|
203
|
-
end
|
204
|
-
|
205
|
-
def fetch_json_dir_metadata(id, api_version)
|
206
|
-
metadata = {}
|
207
|
-
retrieved_metadata = metadata_get(id, api_version)
|
208
|
-
if retrieved_metadata
|
209
|
-
retrieved_metadata.split("\n").each do |o|
|
210
|
-
key = expand_path(o)
|
211
|
-
if key[-1..-1] != "/"
|
212
|
-
retr_meta = metadata_get("#{id}#{key}", api_version)
|
213
|
-
data = retr_meta || ""
|
214
|
-
json = String(data)
|
215
|
-
parser = FFI_Yajl::Parser.new
|
216
|
-
metadata[metadata_key(key)] = parser.parse(json)
|
217
|
-
elsif !key.eql?("/")
|
218
|
-
metadata[key[0..-2]] = fetch_json_dir_metadata("#{id}#{key}", api_version)
|
219
|
-
end
|
220
|
-
end
|
221
|
-
metadata
|
222
|
-
end
|
223
|
-
end
|
224
|
-
|
225
|
-
def fetch_userdata
|
226
|
-
logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}/#{best_api_version}/user-data/")
|
227
|
-
response = http_client.get("/#{best_api_version}/user-data/", { 'X-aws-ec2-metadata-token': v2_token })
|
228
|
-
response.code == "200" ? response.body : nil
|
229
|
-
end
|
230
|
-
|
231
|
-
def fetch_dynamic_data
|
232
|
-
@fetch_dynamic_data ||= begin
|
233
|
-
response = http_client.get("/#{best_api_version}/dynamic/instance-identity/document/", { 'X-aws-ec2-metadata-token': v2_token })
|
234
|
-
|
235
|
-
if response.code == "200"
|
236
|
-
json_data = parse_json(response.body, {})
|
237
|
-
if json_data.nil?
|
238
|
-
logger.warn("Mixin Ec2Metadata: Metadata response is NOT valid JSON")
|
239
|
-
end
|
240
|
-
json_data
|
241
|
-
else
|
242
|
-
logger.warn("Mixin Ec2Metadata: Received response code #{response.code} requesting metadata")
|
243
|
-
{}
|
244
|
-
end
|
245
|
-
end
|
246
|
-
end
|
247
|
-
|
248
|
-
private
|
249
|
-
|
250
|
-
def expand_path(file_name)
|
251
|
-
path = file_name.gsub(/\=.*$/, "/")
|
252
|
-
# ignore "./" and "../"
|
253
|
-
path.gsub(%r{/\.\.?(?:/|$)}, "/")
|
254
|
-
.sub(%r{^\.\.?(?:/|$)}, "")
|
255
|
-
.sub(/^$/, "/")
|
256
|
-
end
|
257
|
-
|
258
|
-
def metadata_key(key)
|
259
|
-
key.gsub(%r{\-|/}, "_")
|
260
|
-
end
|
261
|
-
|
262
|
-
end
|
263
|
-
end
|
264
|
-
end
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
# Author:: Tim Dysinger (<tim@dysinger.net>)
|
4
|
+
# Author:: Benjamin Black (<bb@chef.io>)
|
5
|
+
# Author:: Christopher Brown (<cb@chef.io>)
|
6
|
+
# Copyright:: Copyright (c) Chef Software Inc.
|
7
|
+
# License:: Apache License, Version 2.0
|
8
|
+
#
|
9
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
10
|
+
# you may not use this file except in compliance with the License.
|
11
|
+
# You may obtain a copy of the License at
|
12
|
+
#
|
13
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
14
|
+
#
|
15
|
+
# Unless required by applicable law or agreed to in writing, software
|
16
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
17
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
18
|
+
# See the License for the specific language governing permissions and
|
19
|
+
# limitations under the License.
|
20
|
+
|
21
|
+
require "net/http" unless defined?(Net::HTTP)
|
22
|
+
|
23
|
+
require_relative "../mixin/json_helper"
|
24
|
+
include Ohai::Mixin::JsonHelper
|
25
|
+
|
26
|
+
module Ohai
|
27
|
+
module Mixin
|
28
|
+
##
|
29
|
+
# This code parses the EC2 Instance Metadata API to provide details
|
30
|
+
# of the running instance.
|
31
|
+
#
|
32
|
+
# Earlier version of this code assumed a specific version of the
|
33
|
+
# metadata API was available. Unfortunately the API versions
|
34
|
+
# supported by a particular instance are determined at instance
|
35
|
+
# launch and are not extended over the life of the instance. As such
|
36
|
+
# the earlier code would fail depending on the age of the instance.
|
37
|
+
#
|
38
|
+
# The updated code probes the instance metadata endpoint for
|
39
|
+
# available versions, determines the most advanced version known to
|
40
|
+
# work and executes the metadata retrieval using that version.
|
41
|
+
#
|
42
|
+
# If no compatible version is found, an empty hash is returned.
|
43
|
+
#
|
44
|
+
module Ec2Metadata
|
45
|
+
|
46
|
+
EC2_METADATA_ADDR ||= "169.254.169.254"
|
47
|
+
EC2_SUPPORTED_VERSIONS ||= %w{ 1.0
|
48
|
+
2007-01-19
|
49
|
+
2007-03-01
|
50
|
+
2007-08-29
|
51
|
+
2007-10-10
|
52
|
+
2007-12-15
|
53
|
+
2008-02-01
|
54
|
+
2008-09-01
|
55
|
+
2009-04-04
|
56
|
+
2011-01-01
|
57
|
+
2011-05-01
|
58
|
+
2012-01-12
|
59
|
+
2014-02-25
|
60
|
+
2014-11-05
|
61
|
+
2015-10-20
|
62
|
+
2016-04-19
|
63
|
+
2016-06-30
|
64
|
+
2016-09-02
|
65
|
+
2018-03-28
|
66
|
+
2018-08-17
|
67
|
+
2018-09-24
|
68
|
+
2019-10-01
|
69
|
+
2020-10-27
|
70
|
+
2021-01-03
|
71
|
+
2021-03-23
|
72
|
+
2021-07-15 }.freeze
|
73
|
+
EC2_ARRAY_VALUES ||= %w{security-groups local_ipv4s}.freeze
|
74
|
+
EC2_ARRAY_DIR ||= %w{network/interfaces/macs}.freeze
|
75
|
+
EC2_JSON_DIR ||= %w{iam}.freeze
|
76
|
+
|
77
|
+
#
|
78
|
+
# The latest metadata version in EC2_SUPPORTED_VERSIONS that this instance supports
|
79
|
+
# in AWS supported metadata versions are determined at instance start so we need to be
|
80
|
+
# cautious here in case an instance has been running for a long time
|
81
|
+
#
|
82
|
+
# @return [String] the version
|
83
|
+
#
|
84
|
+
def best_api_version
|
85
|
+
@api_version ||= begin
|
86
|
+
logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}/ to determine the latest supported metadata release")
|
87
|
+
response = http_client.get("/", { 'X-aws-ec2-metadata-token': v2_token })
|
88
|
+
if response.code == "404"
|
89
|
+
logger.trace("Mixin EC2: Received HTTP 404 from metadata server while determining API version, assuming 'latest'")
|
90
|
+
return "latest"
|
91
|
+
elsif response.code != "200"
|
92
|
+
raise "Mixin EC2: Unable to determine EC2 metadata version (returned #{response.code} response)"
|
93
|
+
end
|
94
|
+
# NOTE: Sorting the list of versions may have unintended consequences in
|
95
|
+
# non-EC2 environments. It appears to be safe in EC2 as of 2013-04-12.
|
96
|
+
versions = response.body.split("\n").sort
|
97
|
+
until versions.empty? || EC2_SUPPORTED_VERSIONS.include?(versions.last)
|
98
|
+
pv = versions.pop
|
99
|
+
logger.trace("Mixin EC2: EC2 lists metadata version: #{pv} not yet supported by Ohai") unless pv == "latest"
|
100
|
+
end
|
101
|
+
logger.trace("Mixin EC2: Latest supported EC2 metadata version: #{versions.last}")
|
102
|
+
if versions.empty?
|
103
|
+
raise "Mixin EC2: Unable to determine EC2 metadata version (no supported entries found)"
|
104
|
+
end
|
105
|
+
|
106
|
+
versions.last
|
107
|
+
end
|
108
|
+
end
|
109
|
+
|
110
|
+
# a net/http client with a timeout of 10s and a keepalive of 10s
|
111
|
+
#
|
112
|
+
# @return [Net::HTTP]
|
113
|
+
def http_client
|
114
|
+
@conn ||= Net::HTTP.start(EC2_METADATA_ADDR).tap do |h|
|
115
|
+
h.read_timeout = 10
|
116
|
+
h.keep_alive_timeout = 10
|
117
|
+
end
|
118
|
+
end
|
119
|
+
|
120
|
+
#
|
121
|
+
# Fetch an API token for use querying AWS IMDSv2 or return nil if no token if found
|
122
|
+
# AWS like systems (think OpenStack) will not respond with a token here
|
123
|
+
#
|
124
|
+
# @return [NilClass, String] API token or nil
|
125
|
+
#
|
126
|
+
def v2_token
|
127
|
+
@v2_token ||= begin
|
128
|
+
request = http_client.put("/latest/api/token", nil, { 'X-aws-ec2-metadata-token-ttl-seconds': "60" })
|
129
|
+
if request.code == "404" # not on AWS
|
130
|
+
nil
|
131
|
+
else
|
132
|
+
request.body
|
133
|
+
end
|
134
|
+
end
|
135
|
+
end
|
136
|
+
|
137
|
+
# Get metadata for a given path and API version
|
138
|
+
#
|
139
|
+
# Typically, a 200 response is expected for valid metadata.
|
140
|
+
# On certain instance types, traversing the provided metadata path
|
141
|
+
# produces a 404 for some unknown reason. In that event, return
|
142
|
+
# `nil` and continue the run instead of failing it.
|
143
|
+
def metadata_get(id, api_version)
|
144
|
+
path = "/#{api_version}/meta-data/#{id}"
|
145
|
+
logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}#{path}")
|
146
|
+
response = http_client.get(path, { 'X-aws-ec2-metadata-token': v2_token })
|
147
|
+
case response.code
|
148
|
+
when "200"
|
149
|
+
response.body
|
150
|
+
when "404"
|
151
|
+
logger.trace("Mixin EC2: Encountered 404 response retrieving EC2 metadata path: #{path} ; continuing.")
|
152
|
+
nil
|
153
|
+
else
|
154
|
+
raise "Mixin EC2: Encountered error retrieving EC2 metadata (#{path} returned #{response.code} response)"
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
def fetch_metadata(id = "", api_version = nil)
|
159
|
+
metadata = {}
|
160
|
+
retrieved_metadata = metadata_get(id, best_api_version)
|
161
|
+
if retrieved_metadata
|
162
|
+
retrieved_metadata.split("\n").each do |o|
|
163
|
+
key = expand_path("#{id}#{o}")
|
164
|
+
if key[-1..-1] != "/"
|
165
|
+
metadata[metadata_key(key)] =
|
166
|
+
if EC2_ARRAY_VALUES.include? key
|
167
|
+
retr_meta = metadata_get(key, best_api_version)
|
168
|
+
retr_meta ? retr_meta.split("\n") : retr_meta
|
169
|
+
else
|
170
|
+
metadata_get(key, best_api_version)
|
171
|
+
end
|
172
|
+
elsif (!key.eql?(id)) && (!key.eql?("/"))
|
173
|
+
name = key[0..-2]
|
174
|
+
sym = metadata_key(name)
|
175
|
+
if EC2_ARRAY_DIR.include?(name)
|
176
|
+
metadata[sym] = fetch_dir_metadata(key, best_api_version)
|
177
|
+
elsif EC2_JSON_DIR.include?(name)
|
178
|
+
metadata[sym] = fetch_json_dir_metadata(key, best_api_version)
|
179
|
+
else
|
180
|
+
fetch_metadata(key, best_api_version).each { |k, v| metadata[k] = v }
|
181
|
+
end
|
182
|
+
end
|
183
|
+
end
|
184
|
+
metadata
|
185
|
+
end
|
186
|
+
end
|
187
|
+
|
188
|
+
def fetch_dir_metadata(id, api_version)
|
189
|
+
metadata = {}
|
190
|
+
retrieved_metadata = metadata_get(id, api_version)
|
191
|
+
if retrieved_metadata
|
192
|
+
retrieved_metadata.split("\n").each do |o|
|
193
|
+
key = expand_path(o)
|
194
|
+
if key[-1..-1] != "/"
|
195
|
+
retr_meta = metadata_get("#{id}#{key}", api_version)
|
196
|
+
metadata[metadata_key(key)] = retr_meta || ""
|
197
|
+
elsif !key.eql?("/")
|
198
|
+
metadata[key[0..-2]] = fetch_dir_metadata("#{id}#{key}", api_version)
|
199
|
+
end
|
200
|
+
end
|
201
|
+
metadata
|
202
|
+
end
|
203
|
+
end
|
204
|
+
|
205
|
+
def fetch_json_dir_metadata(id, api_version)
|
206
|
+
metadata = {}
|
207
|
+
retrieved_metadata = metadata_get(id, api_version)
|
208
|
+
if retrieved_metadata
|
209
|
+
retrieved_metadata.split("\n").each do |o|
|
210
|
+
key = expand_path(o)
|
211
|
+
if key[-1..-1] != "/"
|
212
|
+
retr_meta = metadata_get("#{id}#{key}", api_version)
|
213
|
+
data = retr_meta || ""
|
214
|
+
json = String(data)
|
215
|
+
parser = FFI_Yajl::Parser.new
|
216
|
+
metadata[metadata_key(key)] = parser.parse(json)
|
217
|
+
elsif !key.eql?("/")
|
218
|
+
metadata[key[0..-2]] = fetch_json_dir_metadata("#{id}#{key}", api_version)
|
219
|
+
end
|
220
|
+
end
|
221
|
+
metadata
|
222
|
+
end
|
223
|
+
end
|
224
|
+
|
225
|
+
def fetch_userdata
|
226
|
+
logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}/#{best_api_version}/user-data/")
|
227
|
+
response = http_client.get("/#{best_api_version}/user-data/", { 'X-aws-ec2-metadata-token': v2_token })
|
228
|
+
response.code == "200" ? response.body : nil
|
229
|
+
end
|
230
|
+
|
231
|
+
def fetch_dynamic_data
|
232
|
+
@fetch_dynamic_data ||= begin
|
233
|
+
response = http_client.get("/#{best_api_version}/dynamic/instance-identity/document/", { 'X-aws-ec2-metadata-token': v2_token })
|
234
|
+
|
235
|
+
if response.code == "200"
|
236
|
+
json_data = parse_json(response.body, {})
|
237
|
+
if json_data.nil?
|
238
|
+
logger.warn("Mixin Ec2Metadata: Metadata response is NOT valid JSON")
|
239
|
+
end
|
240
|
+
json_data
|
241
|
+
else
|
242
|
+
logger.warn("Mixin Ec2Metadata: Received response code #{response.code} requesting metadata")
|
243
|
+
{}
|
244
|
+
end
|
245
|
+
end
|
246
|
+
end
|
247
|
+
|
248
|
+
private
|
249
|
+
|
250
|
+
def expand_path(file_name)
|
251
|
+
path = file_name.gsub(/\=.*$/, "/")
|
252
|
+
# ignore "./" and "../"
|
253
|
+
path.gsub(%r{/\.\.?(?:/|$)}, "/")
|
254
|
+
.sub(%r{^\.\.?(?:/|$)}, "")
|
255
|
+
.sub(/^$/, "/")
|
256
|
+
end
|
257
|
+
|
258
|
+
def metadata_key(key)
|
259
|
+
key.gsub(%r{\-|/}, "_")
|
260
|
+
end
|
261
|
+
|
262
|
+
end
|
263
|
+
end
|
264
|
+
end
|