Add VpcId to TMDE Task Responses #3288
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
singholt
requested changes
Jul 7, 2022
Realmonia
reviewed
Jul 11, 2022
Realmonia
previously approved these changes
Jul 11, 2022
singholt
previously approved these changes
Jul 18, 2022
Realmonia
previously approved these changes
Jul 28, 2022
singholt
reviewed
Jul 28, 2022
singholt
previously approved these changes
Jul 28, 2022
|
Only v4 endpoint's response may be changed. Older versions are considered immutable. Need to limit this change to v4. |
singholt
approved these changes
Aug 26, 2022
Realmonia
approved these changes
Sep 7, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This change is to enhance the
TaskResponsereturned by Task Metadata Endpoint to include VPC ID. This change does not apply to ECS Anywhere instances, so no VPC ID would be returned by Task Metadata Endpoint on ECS Anywhere instances.Implementation details
For agent instances with
TaskENIEnabledsetting set totrueAgent loads the VPC ID of the container instance by querying EC2 Instance Metadata Service (IMDS). So, for TMDE the VPC ID of the container instance is already available in
ecsAgenttype.For agent instances with
TaskENIEnabledsetting set tofalseCurrently the agent does not load the VPC ID of the container instance in this case. This PR includes changes to make the agent load VPC ID (and mac and subnets) of the container instance if the container instance is not external. Doing so shouldn't have any side-effects because these values are not used to drive any logic.
Changes under this PR add some piping to forward the VPC ID value from
ecsAgenttype to Task Metadata Endpoint handlers and change the handlers to include the VPC ID value in all task responses.TaskResponsetype definition is updated to include a newVPCIDfield.Testing
Deployed changed agent source to a test EC2 instance, ran test tasks with
awsvpc,bridge, andhostnetwork modes, and verified thatVpcIdfield is populated in task responses for all cases.Deployed changed agent to a test ECS Anywhere instance, ran a test task with
hostnetwork mode, and verified thatVpcIdfield is not populated and that a successful Task Response is returned.Updated MACIS TMDE functional tests for Linux and Windows and ran them against the agent artifacts for this PR for EC2 Linux and Windows, and ECS-A Linux and Windows platforms.
Updated existing Task Metadata Endpoint unit tests to include
VpcId.New tests cover the changes: Updated existing tests
Description for the changelog
VpcIdfield will be present in task responses from Task Metadata Endpoint for EC2 instances. ECS Anywhere instances are not affected.Licensing
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.