aws ec2 run-instances:忽略base64编码的用户数据blob

时间:2022-09-23 17:39:25

My base64 encoded user-data is ignored while running aws ec2 run-instances command.

运行aws ec2 run-instances命令时,将忽略我的base64编码用户数据。

Here is my user data:

这是我的用户数据:

$ cat user-data.sh 
#!/bin/bash
cat >> /var/tmp/user-data-testing <<EOF
this is test line added at $(date)
EOF

here is base64 blob of above script:

这是上面脚本的base64 blob:

IyEvYmluL2Jhc2gKY2F0ID4+IC92YXIvdG1wL3VzZXItZGF0YS10ZXN0aW5nIDw8RU9GCnRoaXMgaXMgdGVzdCBsaW5lIGFkZGVkIGF0ICQoZGF0ZSkKRU9GCg==

Now, My below command does read the user-data fine:

现在,我的下面的命令确实读取了用户数据:

aws ec2 run-instances --image-id ami-8635a9b6 --instance-type t1.micro --placement AvailabilityZone=us-west-2a --security-groups quicklaunch-1 --key-name devops --user-data file://user-data.sh

I do see that file /var/tmp/user-data-testing is created.

我确实看到创建了文件/ var / tmp / user-data-testing。

However, when I try to pass-in user-data as a base64 encoded blob as below, then it gets ignored:

但是,当我尝试将用户数据作为base64编码的blob传递,如下所示,则会被忽略:

aws ec2 run-instances --image-id ami-8635a9b6 --instance-type t1.micro --placement AvailabilityZone=us-west-2a --security-groups quicklaunch-1 --key-name devops --user-data IyEvYmluL2Jhc2gKY2F0ID4+IC92YXIvdG1wL3VzZXItZGF0YS10ZXN0aW5nIDw8RU9GCnRoaXMgaXMgdGVzdCBsaW5lIGFkZGVkIGF0ICQoZGF0ZSkKRU9GCg==

Now, I do not see the file /var/tmp/user-data-testing created.

现在,我没有看到创建的文件/ var / tmp / user-data-testing。

Also, I know that my base64 blob is healthy as I can decode it fine:

此外,我知道我的base64 blob是健康的,因为我可以解码它:

$ base64 --decode <<< IyEvYmluL2Jhc2gKY2F0ID4+IC92YXIvdG1wL3VzZXItZGF0YS10ZXN0aW5nIDw8RU9GCnRoaXMgaXMgdGVzdCBsaW5lIGFkZGVkIGF0ICQoZGF0ZSkKRU9GCg==
#!/bin/bash
cat >> /var/tmp/user-data-testing <<EOF
this is test line added at $(date)
EOF

However, I do see that instance metadata has my user data in base64 format:

但是,我确实看到实例元数据具有base64格式的用户数据:

$ curl -L http://169.254.169.254/latest/user-data/
IyEvYmluL2Jhc2gKY2F0ID4+IC92YXIvdG1wL3VzZXItZGF0YS10ZXN0aW5nIDw8RU9GCnRoaXMgaXMgdGVzdCBsaW5lIGFkZGVkIGF0ICQoZGF0ZSkKRU9GCg==

So, what am I doing wrong in using base64 user-data blob?

那么,在使用base64用户数据blob时我做错了什么?

My instance meta-data is aware of it but seems like it is not really being executed (or decoded and executed) at the time of instance launch.

我的实例元数据意识到它,但似乎在实例启动时它并没有真正被执行(或解码和执行)。

UPDATE:

更新:

If I pass the same base64 blob via AWS Console while launching the instance, It works. So seems like something is wrong in the way I am using it along with AWS-CLI.

如果我在启动实例时通过AWS控制台传递相同的base64 blob,它可以工作。因此,我和AWS-CLI一起使用它的方式似乎有些不对劲。

UPDATE:

更新:

I just tried the same base64 blob with my ruby code as below and it worked as well:

我刚刚使用我的ruby代码尝试了相同的base64 blob,如下所示,它也运行良好:

ec2 = Aws::EC2.new
resp = ec2.run_instances(
    min_count: 1,
    max_count: 1,
    image_id: 'ami-8635a9b6',
    instance_type: 't1.micro',
    placement: {
      availability_zone: 'us-west-2a'
    },
    security_groups: ['quicklaunch-1'],
    key_name: 'devops',
    user_data: 'IyEvYmluL2Jhc2gKY2F0ID4+IC92YXIvdG1wL3VzZXItZGF0YS10ZXN0aW5nIDw8RU9GCnRoaXMgaXMgdGVzdCBsaW5lIGFkZGVkIGF0ICQoZGF0ZSkKRU9GCg=='
)

So, then WTF is wrong my implementation of AWS-CLI ?

那么,WTF在我的AWS-CLI实现上是错误的吗?

3 个解决方案

#1


19  

It seems like awscli does the base64 encoding for you, so you should pass unencoded text to --user-data.

似乎awscli为您执行base64编码,因此您应该将未编码的文本传递给--user-data。

Apparently the documentation is not very clear on this. Check this link.

显然文档对此不太清楚。检查此链接。

This syntax should then be:

那么这个语法应该是:

aws ec2 run-instances --image-id ami-8635a9b6 --user-data "echo TEST"

or

要么

aws ec2 run-instances --image-id ami-8635a9b6 --user-data file://path/to/file

#2


1  

Had the same issue, very frustrating to track down the problem, finally got it working. did not base64 encode did put script in file.

有同样的问题,追查问题非常令人沮丧,最终得到了它的工作。没有base64编码确实把脚本放在文件中。

placing seems to be important worked for me only when --user-data file://path is placed at the end

只有当--user-data file:// path放在最后时,放置似乎对我很重要

This format worked obviously change the some data to yours

这种格式明显改变了一些数据

aws ec2 run-instances --image-id amisomthing --count 1 --instance-type t1.micro --key-name keysomthing --security-group-ids somegroup --subnet-id somesubnetid --associate-public-ip-address --user-data file://someuserdata

#3


0  

According to the docs http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html, the base64 is only for API calls and not the CLI

根据文档http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html,base64仅用于API调用而不是CLI

#1


19  

It seems like awscli does the base64 encoding for you, so you should pass unencoded text to --user-data.

似乎awscli为您执行base64编码,因此您应该将未编码的文本传递给--user-data。

Apparently the documentation is not very clear on this. Check this link.

显然文档对此不太清楚。检查此链接。

This syntax should then be:

那么这个语法应该是:

aws ec2 run-instances --image-id ami-8635a9b6 --user-data "echo TEST"

or

要么

aws ec2 run-instances --image-id ami-8635a9b6 --user-data file://path/to/file

#2


1  

Had the same issue, very frustrating to track down the problem, finally got it working. did not base64 encode did put script in file.

有同样的问题,追查问题非常令人沮丧,最终得到了它的工作。没有base64编码确实把脚本放在文件中。

placing seems to be important worked for me only when --user-data file://path is placed at the end

只有当--user-data file:// path放在最后时,放置似乎对我很重要

This format worked obviously change the some data to yours

这种格式明显改变了一些数据

aws ec2 run-instances --image-id amisomthing --count 1 --instance-type t1.micro --key-name keysomthing --security-group-ids somegroup --subnet-id somesubnetid --associate-public-ip-address --user-data file://someuserdata

#3


0  

According to the docs http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html, the base64 is only for API calls and not the CLI

根据文档http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html,base64仅用于API调用而不是CLI