我正在尝试调试未将我的用户数据正确注入 Windows EC2 实例的 Spinnaker 管道。为了进行测试,我启动了一个简单的 base64 编码用户数据脚本,如下所示:
<powershell>
write-output "Running userdata-test script"
</powershell>
在我查询 userdata HTTP 端点时从实例中返回:
PS C:\> Invoke-RestMethod -Headers @{"X-aws-ec2-metadata-token" = $token} -Method GET -Uri http://169.254.169.254/latest/user-data
powershell
----------
...
但是,日志文件显示它确实运行了我的脚本。
2023/04/08 01:49:27Z: Begin user data script process.
2023/04/08 01:49:27Z: Unable to parse <persist> tags. This can happen when tags are unmatched or poorly formed.
2023/04/08 01:49:27Z: Sending telemetry bool: IsUserDataScheduledPerBoot
2023/04/08 01:49:27Z: Unregister the scheduled task to persist user data.
2023/04/08 01:49:31Z: Unable to parse <runAsLocalSystem> tags. This can happen when tags are unmatched or poorly formed.
2023/04/08 01:49:31Z: Unable to parse <script> tags. This can happen when tags are unmatched or poorly formed.
2023/04/08 01:49:31Z: Unable to parse <powershellArguments> tags. This can happen when tags are unmatched or poorly formed.
2023/04/08 01:49:31Z: <powershell> tag was provided.. running powershell content
2023/04/08 01:49:35Z: Message: The output from user data script: Running userdata-test script
2023/04/08 01:49:35Z: User data script completed.
这是 HTTP 端点中的错误吗?有没有其他可靠的方法来查看真实的用户数据?
Amazon EC2 实例元数据服务有两个版本。
版本 1 允许您直接访问元数据:
Invoke-RestMethod -Method GET -Uri http://169.254.169.254/latest/meta-data/
Version 2 需要先获取token,然后调用元数据服务:
PS C:\> [string]$token = Invoke-RestMethod -Headers @{"X-aws-ec2-metadata-token-ttl-seconds" = "21600"} -Method PUT -Uri http://169.254.169.254/latest/api/token
PS C:\> Invoke-RestMethod -Headers @{"X-aws-ec2-metadata-token" = $token} -Method GET -Uri http://169.254.169.254/latest/meta-data/
将此与您的问题进行比较,您的代码似乎缺少设置
$token
变量值的第一行。