Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added patch for EC2 IMDSv2 support in Docker #1055

Merged
merged 2 commits into from
Aug 21, 2020
Merged

Added patch for EC2 IMDSv2 support in Docker #1055

merged 2 commits into from
Aug 21, 2020

Conversation

srgothi92
Copy link
Contributor

@srgothi92 srgothi92 commented Aug 20, 2020
edited
Loading

Issue number:
N/A

Description of changes:
Used Look aside cache for caching awslogs_update_aws-sdk-go_to_support_imdsv2.patch
Applied the patch to docker-engine for EC2 IMDSv2 support in Docker

Testing done:

  1. Created an ECS taskDefinition that uses awslogs Log driver.
  2. Ran the task on two instance : 1. With Patch 2. Without Patch . Task Ran Successfully on Both the instance becasue imdsv1 was enabled.
  3. Ran the task on two instances 1. With Patch 2. Without patch, with --metadata-options "HttpEndpoint=enabled,HttpTokens=required" v1 disabled. Task Stopped on 1st instance but ran successfully on 2nd instance.
  4. Verified CloudWatch metric MetadataNoToken to zero for 2nd Instance.

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

tjkirch
tjkirch reviewed Aug 20, 2020
View reviewed changes
packages/docker-engine/.gitignore Outdated Show resolved Hide resolved
packages/docker-engine/docker-engine.spec Outdated Show resolved Hide resolved
@srgothi92 srgothi92 changed the title Added patch for ECS IMDSv2 support in Docker Added patch for EC2 IMDSv2 support in Docker Aug 20, 2020
tjkirch
tjkirch reviewed Aug 20, 2020
View reviewed changes
Copy link
Contributor

@tjkirch tjkirch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good - would you mind splitting this into a commit for the patch and a commit for moving the gitignore?

packages/.gitignore Outdated Show resolved Hide resolved
@srgothi92
Added patch for EC2 IMDSv2 support in Docker
fe10bba 
* Fixed peer review comments
* Changed url paramter to actual patch external URL
@srgothi92
Removed nested .gitignore and moved to packages root
d1ad66e
@srgothi92
Copy link
Contributor Author

Changed the URL parameter in Cargo.toml to actual external patch URL. Retested with the changes.

@srgothi92 srgothi92 merged commit 6fadde5 into bottlerocket-os:develop Aug 21, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tjkirch tjkirch tjkirch approved these changes

@samuelkarp samuelkarp samuelkarp approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@srgothi92 @tjkirch @samuelkarp