HTTP_PROXY, NO_PROXY settings

[srizzling]

I'm getting the following running ecs-gen on a container.

2017/10/12 04:36:23 found cluster region to be: ap-southeast-2
2017/10/12 04:36:23 found cluster name to be: Test-ECS-Cluster
2017/10/12 04:36:23 updating config
2017/10/12 04:38:59 NoCredentialProviders: no valid providers in chain. Deprecated.

[srizzling]

I think I am affecting by this: https://github.com/aws/aws-sdk-go/issues/1226

[srizzling]

Yeah the container doesn't seem to have a roll attached, but ecs-gen works fine on the instance. If I wanted a similar setup, using a host container how would I go about it?

[codesuki]

Sorry for the late reply. I'll have a look at the above issue. Are you using http_proxy? Even when you run it on the instance?

[srizzling]

yep I setup http_proxy https_proxy and no_proxy. To be honest I get the same error running awscli, so I am a little lost how the container gets credentials.

I have also applied the same role on my instance as my task. :/

[srizzling]

@codesuki Actually, just thinking over the weekend, I think my issue is: https://github.com/aws/amazon-ecs-agent/issues/605. I'm not able to test right now, but will check it on Monday.

I have the no_proxy setup for the metadata service but not the IAM credential service.

[codesuki]

Let me know the results!

[srizzling]

Cool yep that was my issue. I also had to add my own host to the no_proxy list, due to this network call here:

result, err := sendHTTRequest("http://" + host + ":51678/v1/metadata")

which means I have to dynamically modify the no_proxy var. Is there someway we can avoid this call?

[codesuki]

The call we cannot avoid, I think, but I will replace that by localhost. Also If you provide the cluster name via command line this code will not run. https://github.com/codesuki/ecs-gen/blob/master/main.go#L89-L98

[srizzling]

Hmm, I'm not too keen on adding --cluster on the binary because I'll need to bake a new image for every cluster with that setting.

But I see this is possible: https://github.com/codesuki/ecs-gen#using-with-docker

so thats probably my best bet yeah?

[codesuki]

At the moment yes. Although I can't promise it I'll try to change it to localhost today and make a release.

[srizzling]

I don't see how setting the API call to hit localhost will work if it has to hit the host machine (assuming you are using a bridged network)?

[codesuki]

Hahaha, good point! That's why I had to get the IP of the machine in the first place. Well, forgot about that for a minute. Sorry, then, yes please use the environment variables.

[srizzling]

Closing issue, since issue has been resolved!