Uploaded image for project: 'Confluence Server and Data Center'
  1. Confluence Server and Data Center
  2. CONFSERVER-63193

Support IMDSv2 for AWS node discovery

    XMLWordPrintable

    Details

    • UIS:
      1
    • Feedback Policy:
      We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Description

      IMDSv2 requires token generation to access metadata: Retrieve instance metadata

      AWS node discovery does not account for this and results in errors like the following:

      2021-04-01 16:56:09,435 ERROR [Catalina-utility-1] [atlassian.confluence.setup.ConfluenceConfigurationListener] contextInitialized An error was encountered while bootstrapping Confluence (see below):
      Unable to lookup role in URI: http://169.254.300.300/latest/meta-data/placement/availability-zone/
      com.hazelcast.config.InvalidConfigurationException: Unable to lookup role in URI: http://169.254.300.300/latest/meta-data/placement/availability-zone/
      at com.hazelcast.aws.utility.MetadataUtil.retrieveMetadataFromURI(MetadataUtil.java:78)
      at com.hazelcast.aws.utility.MetadataUtil$1.call(MetadataUtil.java:109)
      at com.hazelcast.aws.utility.MetadataUtil$1.call(MetadataUtil.java:106)
      at com.hazelcast.aws.utility.RetryUtils.retry(RetryUtils.java:52)
      at com.hazelcast.aws.utility.MetadataUtil.retrieveMetadataFromURI(MetadataUtil.java:106)
      at com.hazelcast.aws.AWSClient.getAvailabilityZone(AWSClient.java:62)
      at com.hazelcast.aws.AwsDiscoveryStrategy.discoverLocalMetadata(AwsDiscoveryStrategy.java:138)
      at com.hazelcast.spi.discovery.impl.DefaultDiscoveryService.discoverLocalMetadata(DefaultDiscoveryService.java:88)
      at com.hazelcast.instance.Node.mergeEnvironmentProvidedMemberMetadata(Node.java:555)
      at com.hazelcast.instance.Node.start(Node.java:401)
      ...
      

      For instances looking for greater security, it would be great to have IMDSv2 function with Confluence Data Center.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            caronson Cole Aronson
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: