Is there a way when deploying a cluster on AWS to deploy EC2 instances with Instance Metadata Service Version 2 (IMDSv2)? Does Qovery use IMDSv1? I don’t see an option to change this in advanced settings in the cluster. I also don’t want to break something by manually changing it if Qovery uses it for something.
When I deployed a cluster through Qovery, it was deployed using IMDSv1. I just wanted to make sure that changing it to IMDSv2 wouldn’t break anything and also if there was a setting to have Qovery deploy the cluster with IMDSv2.
Sorry I was being imprecise as I’m not super familiar with Kubernetes. I need to disable IMDSv1 for the cluster. Can I do this through Qovery? If not, this Require IMDSv2 shows how to disable it: aws ec2 modify-instance-metadata-options \ --instance-id i-1234567898abcdef0 \ --http-tokens required \ --http-endpoint enabled . Will doing it through AWS CLI allow it to be overwritten in the future?
The way you propose it will work until those EC2 will be replaced (for node maintenance, scale down, EKS nodegroup upgrade…). I just made a quick check to see if we could change /update it on EKS but did not find something yet.
I’m going to open a ticket and see what AWS propose for this.
I think I’ve a solution, I have to perform tests. If it works, it will take around 2 weeks for implementation and validation (ensuring everything works fine as expected). Please let me know if it’s ok for you.
Small update: everything is ready on our side, and the test observability has started. If everything is going well, we’ll make it generally available next week.
Thank you so much! I was able to update the cluster.
P.S. One small thing, it looks like the field may be case sensitive and the docs have it as “Required” and “Optional” instead of “required” and “optional”.