AWS instance cannot reach the metadata server by IP

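My Amazon VM instance (type c4.large, Windows Server 2016 Datacenter) is in eu-central-1. I need to get the metadata (mainly to check whether my software is running on an AWS instance), and I tried to fetch it from http://169.254.169.254

But neither wget nor tracert can reach that IP.

I can browse any http site from this VM.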

C:\Users\Administrator>curl --verbose 169.254.169.254/latest/meta-data/
* timeout on name lookup is not supported
*   Trying 169.254.169.254...
* TCP_NODELAY set
* connect to 169.254.169.254 port 80 failed: Timed out
* Failed to connect to 169.254.169.254 port 80: Timed out
* Closing connection 0
curl: (7) Failed to connect to 169.254.169.254 port 80: Timed out

google.com works:

C:\Users\Administrator>curl --verbose www.google.com
* Rebuilt URL to: www.google.com/
* timeout on name lookup is not supported
*   Trying 172.217.16.196...
* TCP_NODELAY set
* Connected to www.google.com (172.217.16.196) port 80 (#0)
> GET / HTTP/1.1
> Host: www.google.com
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 302 Found
< Cache-Control: private
< Content-Type: text/html; charset=UTF-8
< Referrer-Policy: no-referrer
< Location: http://www.google.de/?gfe_rd=cr&ei=9pvwWJD5G8jb8Aemn6iABA
< Content-Length: 258
< Date: Fri, 14 Apr 2017 09:52:54 GMT
<
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.google.de/?gfe_rd=cr&amp;ei=9pvwWJD5G8jb8Aemn6iABA">here</A>.
</BODY></HTML>
* Curl_http_done: called premature == 0
* Connection #0 to host www.google.com left intact

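Answer 1

In my case, this problem was caused by an invalid network route (specifically, a wrong NextHop). Here is my patch implementation, inspired by the @gonzales-gokhan comment above: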

# Host route for the EC2 instance metadata service
$destinationPrefix = '169.254.169.254/32'
# Use the interface with the lowest index as the default interface
$defaultNetIPConfig = @(Get-NetIPConfiguration | Sort-Object -Property 'InterfaceIndex')[0]
try {
  # Get-NetRoute writes an error when no route matches, so silence it and test the count
  if (@(Get-NetRoute -DestinationPrefix $destinationPrefix -PolicyStore 'ActiveStore' -ErrorAction SilentlyContinue).Length) {
    Remove-NetRoute -DestinationPrefix $destinationPrefix -PolicyStore 'ActiveStore' -Confirm:$false -ErrorAction SilentlyContinue
    Write-Host 'network route for instance metadata removed from ActiveStore'
  }
  if (@(Get-NetRoute -DestinationPrefix $destinationPrefix -PolicyStore 'PersistentStore' -ErrorAction SilentlyContinue).Length) {
    Remove-NetRoute -DestinationPrefix $destinationPrefix -PolicyStore 'PersistentStore' -Confirm:$false -ErrorAction SilentlyContinue
    Write-Host 'network route for instance metadata removed from PersistentStore'
  }
  # Re-create the route with the current default gateway as the next hop
  New-NetRoute -DestinationPrefix $destinationPrefix -InterfaceIndex $defaultNetIPConfig.InterfaceIndex -NextHop $defaultNetIPConfig.IPv4DefaultGateway.NextHop -RouteMetric 1 -ErrorAction Stop
  Write-Host 'network route for instance metadata added.'
}
catch {
  Write-Host ('failed to add network route for instance metadata. {0}' -f $_.Exception.Message)
}
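
A read-only diagnostic for the cause this answer describes, added here as an example and not part of the original answer: it lists any explicit routes for 169.254.169.254/32 in both policy stores, compares each NextHop with the IPv4 default gateway of the interface the route is bound to, and then repeats the TCP connect that curl attempted. The variable names are this example's own, and the rule that the next hop should equal the interface's default gateway is an assumption taken from the fix above.

```powershell
# Added example: read-only check of the metadata host route; it changes nothing.
$metadataIp = '169.254.169.254'
$prefix     = "$metadataIp/32"

# Interfaces that have an IPv4 default gateway, with that gateway's address.
$gateways = @(Get-NetIPConfiguration |
    Where-Object { $_.IPv4DefaultGateway } |
    ForEach-Object {
        [pscustomobject]@{
            InterfaceIndex = $_.InterfaceIndex
            Gateway        = $_.IPv4DefaultGateway.NextHop
        }
    })

# Explicit host routes for the metadata address in both policy stores.
$routes = @(foreach ($store in 'ActiveStore', 'PersistentStore') {
    Get-NetRoute -DestinationPrefix $prefix -PolicyStore $store -ErrorAction SilentlyContinue |
        Select-Object @{ n = 'Store'; e = { $store } }, InterfaceIndex, NextHop, RouteMetric
})

if (-not $routes) {
    Write-Host "no explicit route for $prefix; a less specific route decides the path"
}
foreach ($route in $routes) {
    # Assumption taken from the answer: the next hop should be the default
    # gateway of the interface the route is bound to.
    $expected = @($gateways | Where-Object { $_.InterfaceIndex -eq $route.InterfaceIndex } |
        ForEach-Object { $_.Gateway })
    $verdict = if ($expected -contains $route.NextHop) { 'matches gateway' } else { 'MISMATCH' }
    Write-Host ('{0,-15} if={1,-3} nexthop={2,-15} expected={3} -> {4}' -f
        $route.Store, $route.InterfaceIndex, $route.NextHop, ($expected -join ','), $verdict)
}

# Confirm from the network side: a TCP connect to port 80, as curl attempted.
$probe = Test-NetConnection -ComputerName $metadataIp -Port 80 -WarningAction SilentlyContinue
Write-Host ('TCP 80 to {0}: {1}' -f $metadataIp, $probe.TcpTestSucceeded)
```

A MISMATCH line in the PersistentStore means the wrong next hop will return after a reboot even if the ActiveStore entry is corrected.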
