Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-13092

Support IMDSv2 for AWS node discovery

    XMLWordPrintable

Details

    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      IMDSv2 requires token generation to access metadata: Retrieve instance metadata

      AWS node discovery does not account for this and results in errors: 

      org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'crowdAliasDao': Unsatisfied dependency expressed through method 'setSessionFactory' parameter 0; nested exception is org.sprin
gframework.beans.factory.BeanCreationException: Error creating bean with name 'hazelcast' defined in class path resource [stash-context.xml]: Invocation of init method failed; nested exception is com.hazelcast.config.Invali
dConfigurationException: Unable to lookup role in URI: http://<IP>/latest/meta-data/placement/availability-zone/
at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:723)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:878)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:550)
at javax.servlet.GenericServlet.init(GenericServlet.java:158)
at java.lang.Thread.run(Thread.java:748)
... 18 frames trimmed
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'hazelcast' defined in class path resource [stash-context.xml]: Invocation of init method failed; nested exception is com.hazelcast.config.InvalidConfigurationException: Unable to lookup role in URI: http://169.254.169.254/latest/meta-data/placement/availability-zone/
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1796)
... 5 common frames omitted
Caused by: com.hazelcast.config.InvalidConfigurationException: Unable to lookup role in URI: http://<IP>/latest/meta-data/placement/availability-zone/
at com.hazelcast.aws.utility.MetadataUtil.retrieveMetadataFromURI(MetadataUtil.java:78)
at com.hazelcast.aws.utility.MetadataUtil$1.call(MetadataUtil.java:109)
at com.hazelcast.aws.utility.MetadataUtil$1.call(MetadataUtil.java:106)
at com.hazelcast.aws.utility.RetryUtils.retry(RetryUtils.java:52)
at com.hazelcast.aws.utility.MetadataUtil.retrieveMetadataFromURI(MetadataUtil.java:106)
at com.hazelcast.aws.AWSClient.getAvailabilityZone(AWSClient.java:62)
at com.hazelcast.aws.AwsDiscoveryStrategy.discoverLocalMetadata(AwsDiscoveryStrategy.java:138)
at com.hazelcast.spi.discovery.impl.DefaultDiscoveryService.discoverLocalMetadata(DefaultDiscoveryService.java:88)
at com.hazelcast.instance.Node.mergeEnvironmentProvidedMemberMetadata(Node.java:589)
at com.hazelcast.instance.Node.start(Node.java:434)
at com.hazelcast.instance.HazelcastInstanceImpl.<init>(HazelcastInstanceImpl.java:136)
at com.hazelcast.instance.HazelcastInstanceFactory.constructHazelcastInstance(HazelcastInstanceFactory.java:229)
at com.hazelcast.instance.HazelcastInstanceFactory.newHazelcastInstance(HazelcastInstanceFactory.java:208)
at com.hazelcast.instance.HazelcastInstanceFactory.newHazelcastInstance(HazelcastInstanceFactory.java:158)
at com.hazelcast.core.Hazelcast.newHazelcastInstance(Hazelcast.java:57)
at com.atlassian.stash.internal.hazelcast.HazelcastFactoryBean.newInstance(HazelcastFactoryBean.java:126)
at com.atlassian.stash.internal.hazelcast.HazelcastFactoryBean.createInstance(HazelcastFactoryBean.java:66)
at com.atlassian.stash.internal.hazelcast.HazelcastFactoryBean.createInstance(HazelcastFactoryBean.java:34)
... 5 common frames omitted
Caused by: java.io.IOException: Server returned HTTP response code: 401 for URL: http://<IP>latest/meta-data/placement/availability-zone/
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1900)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1498)
at com.hazelcast.aws.utility.MetadataUtil.retrieveMetadataFromURI(MetadataUtil.java:70)
... 22 common frames omitted

      It seems that Hazelcast has not implemented this feature yet either, according to this issue report on their project.

      We are raising this request so that Bitbucket implements IMDSv2 , once it is available in Hazelcast

      Attachments

        Issue Links

          is duplicated by

          Suggestion - BSERV-14254 Bitbucket support for AWS IMDSv2 Node DIscovery

          • Closed
          blocks

          ITPLT-637 Loading...

          causes

          PS-126489 Loading...

          mentioned in

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Activity

            People

              744c7388e89a Jemma Zhang
              amarques@atlassian.com Andre Marques (Inactive)
              Votes:
              26 Vote for this issue
              Watchers:
              30 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: