search

aws / amazon-gamelift-agent

GameLiftAgent is a Java application that is used to launch game server processes on Amazon GameLift fleets.
https://aws.amazon.com/gamelift/
Apache License 2.0
13 stars 5 forks source link

Agent accessing EC2 instance metadata on ECS task #13

Open hyundonk opened 1 month ago

hyundonk commented 1 month ago

Description

Bug

When running gamelift agent on a ECS task, following runtime exceptions happen.

  1. When EnvironmentHelper.logEC2Metadata() is called and it tries to retrieve Amazon EC2 instance metadata by calling getHostInfoFromEC2Metadata() causing below exception on ECS tasks.

  2. com.amazonaws.SdkClientException: Failed to connect to service endpoint: 
at com.amazonaws.internal.EC2ResourceFetcher.doReadResource(EC2ResourceFetcher.java:119)
at com.amazonaws.internal.InstanceMetadataServiceResourceFetcher.getToken(InstanceMetadataServiceResourceFetcher.java:106)
at com.amazonaws.internal.InstanceMetadataServiceResourceFetcher.readResource(InstanceMetadataServiceResourceFetcher.java:77)
at com.amazonaws.internal.EC2ResourceFetcher.readResource(EC2ResourceFetcher.java:66)
at com.amazonaws.util.EC2MetadataUtils.getItems(EC2MetadataUtils.java:405)
at com.amazonaws.util.EC2MetadataUtils.getData(EC2MetadataUtils.java:374)
at com.amazonaws.util.EC2MetadataUtils.getData(EC2MetadataUtils.java:370)
at com.amazonaws.util.EC2MetadataUtils.fetchData(EC2MetadataUtils.java:424)
at com.amazonaws.util.EC2MetadataUtils.fetchData(EC2MetadataUtils.java:418)
at com.amazonaws.util.EC2MetadataUtils.getInstanceId(EC2MetadataUtils.java:138)
at com.amazon.gamelift.agent.utils.EnvironmentHelper.getHostInfoFromEC2Metadata(EnvironmentHelper.java:32)
at com.amazon.gamelift.agent.utils.EnvironmentHelper.logEC2Metadata(EnvironmentHelper.java:45)
at com.amazon.gamelift.agent.Agent.start(Agent.java:65)
at com.amazon.gamelift.agent.Application.main(Application.java:63)

  3. When provideGameLiftCredentials() is called, it tries to return provider from InstanceProfileCredentialsProvider causing below exception on ECS task.

com.amazonaws.SdkClientException: Failed to connect to service endpoint: 
at com.amazonaws.internal.EC2ResourceFetcher.doReadResource(EC2ResourceFetcher.java:119)
at com.amazonaws.internal.InstanceMetadataServiceResourceFetcher.getToken(InstanceMetadataServiceResourceFetcher.java:106)
at com.amazonaws.internal.InstanceMetadataServiceResourceFetcher.readResource(InstanceMetadataServiceResourceFetcher.java:77)
at com.amazonaws.internal.EC2ResourceFetcher.readResource(EC2ResourceFetcher.java:66)
at com.amazonaws.auth.InstanceMetadataServiceCredentialsFetcher.getCredentialsEndpoint(InstanceMetadataServiceCredentialsFetcher.java:61)
at com.amazonaws.auth.InstanceMetadataServiceCredentialsFetcher.getCredentialsResponse(InstanceMetadataServiceCredentialsFetcher.java:49)
at com.amazonaws.auth.BaseCredentialsFetcher.fetchCredentials(BaseCredentialsFetcher.java:154)
at com.amazonaws.auth.BaseCredentialsFetcher.getCredentials(BaseCredentialsFetcher.java:96)
at com.amazonaws.auth.InstanceProfileCredentialsProvider.getCredentials(InstanceProfileCredentialsProvider.java:174)
at com.amazon.gamelift.agent.module.ConfigModule.provideGameLiftCredentials(ConfigModule.java:243)
at com.amazon.gamelift.agent.module.ConfigModule_ProvideGameLiftCredentialsFactory.provideGameLiftCredentials(ConfigModule_ProvideGameLiftCredentialsFactory.java:35)
at com.amazon.gamelift.agent.module.ConfigModule_ProvideGameLiftCredentialsFactory.get(ConfigModule_ProvideGameLiftCredentialsFactory.java:27)
at com.amazon.gamelift.agent.module.ConfigModule_ProvideGameLiftCredentialsFactory.get(ConfigModule_ProvideGameLiftCredentialsFactory.java:9)
at dagger.internal.DoubleCheck.get(DoubleCheck.java:47)
at com.amazon.gamelift.agent.module.ClientModule_ProvideAmazonGameLiftFactory.get(ClientModule_ProvideAmazonGameLiftFactory.java:40)
at com.amazon.gamelift.agent.module.ClientModule_ProvideAmazonGameLiftFactory.get(ClientModule_ProvideAmazonGameLiftFactory.java:11)
at com.amazon.gamelift.agent.client.AmazonGameLiftClientWrapper_Factory.get(AmazonGameLiftClientWrapper_Factory.java:27)
at com.amazon.gamelift.agent.client.AmazonGameLiftClientWrapper_Factory.get(AmazonGameLiftClientWrapper_Factory.java:9)
at com.amazon.gamelift.agent.websocket.WebSocketConnectionManager_Factory.get(WebSocketConnectionManager_Factory.java:91)
at com.amazon.gamelift.agent.websocket.WebSocketConnectionManager_Factory.get(WebSocketConnectionManager_Factory.java:15)
at dagger.internal.DoubleCheck.get(DoubleCheck.java:47)
at dagger.internal.DelegateFactory.get(DelegateFactory.java:36)
at com.amazon.gamelift.agent.component.DaggerGameLiftAgentComponent.buildGameLiftAgent(DaggerGameLiftAgentComponent.java:346)
at com.amazon.gamelift.agent.Application.main(Application.java:55)
hyundonk commented 1 month ago

Created a PR to fix this issue. https://github.com/aws/amazon-gamelift-agent/pull/14