cloudyr / aws.ec2metadata Goto Github PK
View Code? Open in Web Editor NEWAccess to EC2 Instance Metadata
Home Page: https://cran.r-project.org/package=aws.ec2metadata
Access to EC2 Instance Metadata
Home Page: https://cran.r-project.org/package=aws.ec2metadata
Write functions to return metadata described here: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
Then import this package into aws.signature to implement to IAM role functionality of cloudyr/aws.signature#11
I was tracking down why the aws.s3
library was slow to make an initial request, but quick to perform subsequent requests. I traced the delay back to this psuedo call stack:
aws.s3::head_object
aws.s3::s3HTTP
aws.signature:::locate_credentials
ec2metadata:::is_ec2
aws.ec2metadata:::get_instance_metadata
curl::curl_fetch_memory("http://169.254.169.254")
Running the curl call directly on a mac produces:
> curl::curl_fetch_memory("http://169.254.169.254")
Error in curl::curl_fetch_memory("http://169.254.169.254") :
Timeout was reached: Connection timed out after 10001 milliseconds
Since when NOT on ec2 it can't connect to the IP, it times out with a default timeout of 10 seconds. It seems the curl library must be caching the "host unavailable" message for approximately 15 seconds on my system, but I can't find a parameter to control this.
Is it expected that the is_ec2
function produces a 10 second delay when not running on ec2
As a hacky workaround on my system, I just override the is_ec2 function after loading the library, but this obviously won't work as an improvement to this package.:
assignInNamespace("is_ec2", function ( ...) { FALSE }, "aws.ec2metadata")
Potential solutions that this package could implement:
Please specify whether your issue is about:
IMDS v2 requires that a token be requested prior to getting metadata. This should be a fairly simple fix - issue the token request prior to curling for the metadata. Thoughts?
This package is not being actively maintained. If you're interested in contributing or taking over, please express your interest here.
Please specify whether your issue is about:
I have a shiny app running on an ecs fargate task using the rocker:shiny-verse base docker image. I can't read an s3 file
within the initialisation of the shiny app (global.R file). Interestingly it does work when I change the method of serving the app in the docker file.
The docker command that works is:
CMD ["R", "-e", "shiny::runApp('/srv/shiny-server/my_app', 3838, host='0.0.0.0')"]
And the method I want to use but doesn't work:
CMD ["/usr/bin/shiny-server.sh"]
What is the intended method of accessing the permissions granted to the IAM role, how can I read from the s3 bucket within an ecs fargate task?
My global.R file looks like this:
## load package
library(ini)
library("aws.ec2metadata")
Sys.setenv("AWS_DEFAULT_REGION" = "eu-west-2")
if (is_ecs() == T) {
metadata$iam_role("ecsTaskExecutionRole")
}
config = aws.s3::s3read_using(read.ini,
object = 'my_object.ini',
bucket = 'my_bucket')
I can't get the session Info of the Fargate task or any logs but know it's the s3 connection that is failing as removing the
s3_read_using() call allows the app to run as expected. I have also double checked that the ecsTaskExecutionRole has s3 read
permissions required. The bucket also definitely exists and as does the object and it's in the correct region (eu-west-2).
When I wrote the patch for this, it was broken and can't correctly test that an R script is running on ECS.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.