NETWAYS/check_cloud_aws

Default-Credentials funktionieren nicht mehr

Closed this issue · 3 comments

aheinhold commented

Hi Philipp,

bisher haben folgende Aufrufe funktioniert:

./check_cloud_aws_s3_cloudfront cloudfront
OK - Found 1 Distributions - critical 0 - warning 0
| xxx=Deployed

./check_cloud_aws_s3_cloudfront s3 bucket
OK - Found 1 buckets - critical 0 - warning 0
[OK] xxx: 4B | xxx=0MB;10240;20480

mit dem neuen Check v0.2.0-rc1 geht das in der Form nicht mehr:

./check_cloud_aws_0.2.0-rc1_Linux_x86_64 cloudfront
UNKNOWN - could not load all distributions: NoCredentialProviders: no valid providers in chain
caused by: EnvAccessKeyNotFound: failed to find credentials in the environment.
SharedCredsLoad: failed to load profile, default.
EC2RoleRequestError: no EC2 instance role found
caused by: EC2MetadataError: failed to make EC2Metadata request
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
<title>Error 404 </title>
</head>
<body>
<h2>HTTP ERROR: 404</h2>
<p>Problem accessing /latest/meta-data/iam/security-credentials/. Reason:
<pre>    GET http://openstack.adm.netways.de:8775/latest/meta-data/iam/security-credentials/ returned a response status of 404 Not Found</pre></p>
<hr /><a href="[http://eclipse.org/jetty">Powered](http://eclipse.org/jetty%22%3EPowered) by Jetty:// 9.3.z-SNAPSHOT</a><hr/>
</body>
</html
        status code: 404, request id:  (*fmt.wrapError)

./check_cloud_aws_0.2.0-rc1_Linux_x86_64 s3 bucket
UNKNOWN - could not load all buckets: NoCredentialProviders: no valid providers in chain
caused by: EnvAccessKeyNotFound: failed to find credentials in the environment.
SharedCredsLoad: failed to load profile, default.
EC2RoleRequestError: no EC2 instance role found
caused by: EC2MetadataError: failed to make EC2Metadata request
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
<title>Error 404 </title>
</head>
<body>
<h2>HTTP ERROR: 404</h2>
<p>Problem accessing /latest/meta-data/iam/security-credentials/. Reason:
<pre>    GET http://openstack.adm.netways.de:8775/latest/meta-data/iam/security-credentials/ returned a response status of 404 Not Found</pre></p>
<hr /><a href="[http://eclipse.org/jetty">Powered](http://eclipse.org/jetty%22%3EPowered) by Jetty:// 9.3.z-SNAPSHOT</a><hr/>
</body>
</html>

        status code: 404, request id:  (*fmt.wrapError)

Ob das jetzt ein gewünschtes Verhalten ist, weiß ich nicht...

Gebe ich dem Aufruf den Parameter -C oder und -P mit, funktioniert das Plugin:

./check_cloud_aws_0.2.0-rc1_Linux_x86_64 -C ~/.aws/credentials s3 bucket
OK - 1 Buckets: 0 Critical - 0 Warning - 1 Ok
\_[OK] xxx - value: 4B | xxx=0MB;10240;20480



./check_cloud_aws_0.2.0-rc1_Linux_x86_64 -C ~/.aws/credentials cloudfront
OK - 1 Distributions: 0 Disabled - 0 InProgress - 1 Enabled
\_[OK] xxx status=Deployed enabled=true
| xxx=enabled

Verwende ich nur den Parameter -P funktioniert das Plugin nicht:

./check_cloud_aws_0.2.0-rc1_Linux_x86_64 -P xxx s3 object --prefix 'x'
UNKNOWN - could not load all buckets: NoCredentialProviders: no valid providers in chain
caused by: EnvAccessKeyNotFound: failed to find credentials in the environment.
SharedCredsLoad: failed to load profile, DatevMon.
EC2RoleRequestError: no EC2 instance role found
caused by: EC2MetadataError: failed to make EC2Metadata request
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
<title>Error 404 </title>
</head>
<body>
<h2>HTTP ERROR: 404</h2>
<p>Problem accessing /latest/meta-data/iam/security-credentials/. Reason:
<pre>    GET http://openstack.adm.netways.de:8775/latest/meta-data/iam/security-credentials/ returned a response status of 404 Not Found</pre></p>
<hr /><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.3.z-SNAPSHOT</a><hr/>
</body>
</html>

        status code: 404, request id:  (*fmt.wrapError)


./check_cloud_aws_0.2.0-rc1_Linux_x86_64 -P xxx cloudfront
UNKNOWN - could not load all distributions: NoCredentialProviders: no valid providers in chain
caused by: EnvAccessKeyNotFound: failed to find credentials in the environment.
SharedCredsLoad: failed to load profile, DatevMon.
EC2RoleRequestError: no EC2 instance role found
caused by: EC2MetadataError: failed to make EC2Metadata request
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
<title>Error 404 </title>
</head>
<body>
<h2>HTTP ERROR: 404</h2>
<p>Problem accessing /latest/meta-data/iam/security-credentials/. Reason:
<pre>    GET http://openstack.adm.netways.de:8775/latest/meta-data/iam/security-credentials/ returned a response status of 404 Not Found</pre></p>
<hr /><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.3.z-SNAPSHOT</a><hr/>
</body>
</html>

        status code: 404, request id:  (*fmt.wrapError)

Gruß,
Alex

martialblog commented

Hallo, Danke für den Hinweis.

Wir haben beim Testen auch gemerkt, dass der Default Wert des --credentials-file Flag noch nicht ganz funktioniert. Wir arbeiten an einer Lösung.

Grüße

martialblog commented

Sollte nun gefixt sein. Wir laden gegen Ende der Woche eine neue Version hoch.

martialblog commented

Ein rc2 wurde eben erstellt.