Add a "local interface IP mode" to the AWS cloud provider. #518
One of my customers uses `gostatsd` in a configuration where each EC2 instance has a `gostatsd` instance colocated with a single application instance. The application instance and `gostatsd` communicate with each other via UDP over the loopback interface. In this scenario, the destination IP of the UDP datagram packets is `127.0.0.1`.

The current implementation of the AWS cloud provider looks up EC2 instance tags by using the destination addresses from the inbound UDP datagrams in the `private-ip-address` attribute of the filter on the `DescribeInstances` operation. This approach breaks if the UDP datagram packets are not the private IP addresses of EC2 instances, particularly if they are local interface IP addresses like `127.0.0.1`.

This PR adds support for a "local interface IP mode". It can be enabled by setting the `local_ip_mode` to `allow` in the cloud provider configuration. In this mode, the AWS cloud provider will check the inbound IP addresses against a local IP "whitelist". IP addresses which match will cause the cloud provider to locate instances by setting the `instance-id` in the `DescribeInstances` filter to the instance ID returned by the EC2 instance identity document.
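
The filter choice described in this PR, sketched as an added Go example; it is not the PR's or gostatsd's own code. `Filter`, `lookupFilter`, `sampleLocal`, the allow-list contents and the instance ID are assumptions made for illustration. It also shows why addresses need normalising before the allow-list check, since `::ffff:127.0.0.1` would otherwise miss an IPv4 loopback entry.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Filter is a hypothetical stand-in for one DescribeInstances filter.
type Filter struct{ Name, Value string }

// sampleLocal is a constructed local-address allow list (assumed contents).
var sampleLocal = []netip.Prefix{
	netip.MustParsePrefix("127.0.0.0/8"),
	netip.MustParsePrefix("::1/128"),
}

// lookupFilter chooses the filter for an address taken from an inbound datagram.
// mode mirrors local_ip_mode ("allow" is the only value the PR names); selfID is
// the instance ID from the instance identity document.
func lookupFilter(addr, mode, selfID string, local []netip.Prefix) (Filter, error) {
	ip, err := netip.ParseAddr(addr)
	if err != nil {
		return Filter{}, fmt.Errorf("bad address %q: %w", addr, err)
	}
	// Normalise first: Prefix.Contains never matches an IPv4-mapped IPv6
	// address against an IPv4 prefix, nor an address that carries a zone.
	ip = ip.Unmap().WithZone("")
	if mode == "allow" {
		for _, p := range local {
			if !p.Contains(ip) {
				continue
			}
			if selfID == "" {
				return Filter{}, fmt.Errorf("%s is local but no instance ID is known", ip)
			}
			return Filter{Name: "instance-id", Value: selfID}, nil
		}
	}
	// Not local (or mode off): fall back to the private-IP lookup.
	return Filter{Name: "private-ip-address", Value: ip.String()}, nil
}

func main() {
	for _, a := range []string{"127.0.0.1", "::ffff:127.0.0.1", "::1", "10.0.0.9"} {
		f, err := lookupFilter(a, "allow", "i-0123456789abcdef0", sampleLocal) // constructed ID
		fmt.Println(a, f, err)
	}
}
```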