Check if python script is running on an aws instance

Question

I'm trying to set up a python logger to send error emails when it logs an error iff the instance has a tag set. I then quickly run into the problem of local dev computers that aren't on aws. Is there an easy and fast way to check if the script is being run on aws?

I was loading the instance data with:

import boto.utils
from boto.ec2.connection import EC2Connection
metadata = boto.utils.get_instance_metadata()
conn = EC2Connection()
instance = conn.get_only_instances(instance_ids=metadata['instance-id'])[0]

I can of course use a timeout on get_instance_metadata, but there is then a tension between now long to make developers wait vs the possibility of not sending an error email in production.

Can anyone think of a nice solution?

Yaakov Bressler · Answer 1 · 2020-07-21T02:23:17.460

14

Alternatively, you can check if your environment contains any AWS environmental variables:

is_aws = True if os.environ.get("AWS_DEFAULT_REGION") else False

I chose to inspect if my user name is an ec2 instance: (Not a great solution, but it works)

my_user = os.environ.get("USER")
is_aws = True if "ec2" in my_user else False

edited Jul 21 '20 at 02:23

answered Jul 21 '20 at 02:15

Yaakov Bressler

9,056
2
45
69

score 6 · Answer 2 · answered Jan 28 '19 at 03:47

6

Similar to @cgseller, assuming python3, one could do something like:

from urllib.request import urlopen

def is_ec2_instance():
    """Check if an instance is running on AWS."""
    result = False
    meta = 'http://169.254.169.254/latest/meta-data/public-ipv4'
    try:
        result = urlopen(meta).status == 200
    except ConnectionError:
        return result
    return result

answered Jan 28 '19 at 03:47

sedeh

7,083
6
48
65

An EC2 instance does not necessarily have a public IP – Paolo Nov 08 '22 at 10:43
This take long time on non instance, as urlopen will block. Better to add `urlopen(meta, timeout=1)` or something similar. – Marcin Jan 03 '23 at 23:04
@Foo You can use `private-ip`. – Marcin Jan 03 '23 at 23:06
@Marcin yeah, but this source code only uses `public-ipv4` – Paolo Jan 04 '23 at 09:14

score 5 · Answer 3 · edited Jul 11 '16 at 18:13

AWS instances have metadata, so you could make a call to the metadata service and get a response, if the response is valid, you are @ AWS, otherwise you are not.

for example:

import urllib2
meta = 'http://169.254.169.254/latest/meta-data/ami-id'
req = urllib2.Request(meta)
try:
    response = urllib2.urlopen(req).read()
    if 'ami' in response:
        _msg = 'I am in AWS running on {}'.format(response)
    else:
        _msg = 'I am in dev - no AWS AMI'
except Exception as nometa:
    _msg = 'no metadata, not in AWS'

print _msg

This is just a stab - there are likely better checks but this one will get you the feel for it and you can improve upon it as you see fit. IF you are using OpenStack or another cloud service locally you of course will get a metadata response, so you will have to adjust your check accordingly...

(you could also do this with cloud-init stuff if you are using some kind of launch tool or manager like chef, puppet, homegrown, etc. Drop an /ec2 file in the file system if it's in AWS, or better yet if local drop a /DEV on the box)

This takes long time on non instance, as urlopen will block. Better to add `urlopen(meta, timeout=1)` or something similar. — Marcin, Jan 03 '23 at 23:05

score 2 · Answer 4 · answered Nov 23 '21 at 10:50

A simple solution would be to check the contents of the file /var/lib/cloud/instance/datasource, which on an Ec2 instance contains DataSourceEc2Local: DataSourceEc2Local:

$ sudo cat /var/lib/cloud/instance/datasource
DataSourceEc2Local: DataSourceEc2Local

so in Python:

datasource_file = "/var/lib/cloud/instance/datasource"
try:
    with open(datasource_file) as f:
        line = f.readlines()
        if "DataSourceEc2Local" in line[0]:
            print("I'm running on EC2!")
except FileNotFoundError:
        print(f"{datasource_file} not found")

score 1 · Answer 5 · edited May 23 '17 at 12:32

1

I don't think this is really a boto issue. EC2 (and boto in turn) don't care or know anything about what scripts you're running on your servers.

If your script has a particular signature -- e.g. listening on a port -- that would be the best way to check, but shy of that, you can just look for its signature in the OS -- its process.

Use the subprocess module and your preferred bash magic to check if it's running:

command = ["ssh", "{user}@{server}", "pgrep", "-fl", "{scriptname}"]
try:
    is_running = bool(subprocess.check_output(command))
except subprocess.CalledProcessError:
    log.exception("Checking for script failed")
    is_running = False

edited May 23 '17 at 12:32

Community

1
1

answered Apr 11 '15 at 01:50

jwilner

6,348
6
35
47

Yep your right, its not really a boto issue. I like Nathan Binkert answer to this post. http://stackoverflow.com/questions/10907418/how-to-check-application-runs-in-aws-ec2-instance – TristanMatthews Apr 11 '15 at 01:54
Oooh, I get your question now. Why don't you just have dev computers set an environment variable and check for that environment variable in the script? Seems simplest. – jwilner Apr 11 '15 at 02:01
We talked about that, but I'd rather avoid a solution that requires doing something like that on all dev or all production machines. – TristanMatthews Apr 11 '15 at 02:15

Check if python script is running on an aws instance

5 Answers5

Linked