OCPCLOUD-2710: implement extended AWS metadata service options

[RadekManak]

This PR extends the AWS Instance Metadata Service (IMDS) configuration options in Machine API Provider for AWS (MAPA) to achieve parity with Cluster API Provider AWS (CAPA).

What this PR does

Adds support for three new metadata service options when creating AWS instances:

1. HTTPEndpoint - Controls whether the HTTP metadata endpoint is enabled or disabled on EC2 instances

   • Enabled: The metadata endpoint is accessible
   • Disabled: The metadata endpoint is not accessible

2. HTTPPutResponseHopLimit - Configures the desired HTTP PUT response hop limit for instance metadata requests (valid range: 1-64). This is useful for containers and multi-hop network setups where the default hop limit of 1 may be insufficient.

3. InstanceMetadataTags - Controls whether instance tags are accessible from the instance metadata service

   • Enabled: Allows instance tags to be retrieved from IMDS
   • Disabled: Instance tags are not accessible from IMDS

These options are plumbed into the InstanceMetadataOptionsRequest when calling the EC2 RunInstances API.

Why this is needed

CAPA currently supports these metadata service configuration options while MAPA does not. This gap causes issues during CAPI to MAPI conversion when these fields are populated. By implementing these options in MAPA:

• We achieve feature parity with CAPA
• We eliminate conversion errors in CAPI2MAPI when these fields are configured
• We provide users with more granular control over their instance metadata configuration

API PR: openshift/api#2654

[openshift-ci-robot]

@RadekManak: This pull request references OCPCLOUD-2710 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

This PR extends the AWS Instance Metadata Service (IMDS) configuration options in Machine API Provider for AWS (MAPA) to achieve parity with Cluster API Provider AWS (CAPA).

What this PR does

Adds support for three new metadata service options when creating AWS instances:

1. HTTPEndpoint - Controls whether the HTTP metadata endpoint is enabled or disabled on EC2 instances

• Enabled: The metadata endpoint is accessible
• Disabled: The metadata endpoint is not accessible

2. HTTPPutResponseHopLimit - Configures the desired HTTP PUT response hop limit for instance metadata requests (valid range: 1-64). This is useful for containers and multi-hop network setups where the default hop limit of 1 may be insufficient.

3. InstanceMetadataTags - Controls whether instance tags are accessible from the instance metadata service

• Enabled: Allows instance tags to be retrieved from IMDS
• Disabled: Instance tags are not accessible from IMDS

These options are plumbed into the InstanceMetadataOptionsRequest when calling the EC2 RunInstances API.

Why this is needed

CAPA currently supports these metadata service configuration options while MAPA does not. This gap causes issues during CAPI to MAPI conversion when these fields are populated. By implementing these options in MAPA:

• We achieve feature parity with CAPA
• We eliminate conversion errors in CAPI2MAPI when these fields are configured
• We provide users with more granular control over their instance metadata configuration

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign nrb for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

@RadekManak: This pull request references OCPCLOUD-2710 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

This PR extends the AWS Instance Metadata Service (IMDS) configuration options in Machine API Provider for AWS (MAPA) to achieve parity with Cluster API Provider AWS (CAPA).

What this PR does

Adds support for three new metadata service options when creating AWS instances:

1. HTTPEndpoint - Controls whether the HTTP metadata endpoint is enabled or disabled on EC2 instances

• Enabled: The metadata endpoint is accessible
• Disabled: The metadata endpoint is not accessible

2. HTTPPutResponseHopLimit - Configures the desired HTTP PUT response hop limit for instance metadata requests (valid range: 1-64). This is useful for containers and multi-hop network setups where the default hop limit of 1 may be insufficient.

3. InstanceMetadataTags - Controls whether instance tags are accessible from the instance metadata service

• Enabled: Allows instance tags to be retrieved from IMDS
• Disabled: Instance tags are not accessible from IMDS

These options are plumbed into the InstanceMetadataOptionsRequest when calling the EC2 RunInstances API.

Why this is needed

CAPA currently supports these metadata service configuration options while MAPA does not. This gap causes issues during CAPI to MAPI conversion when these fields are populated. By implementing these options in MAPA:

• We achieve feature parity with CAPA
• We eliminate conversion errors in CAPI2MAPI when these fields are configured
• We provide users with more granular control over their instance metadata configuration

API PR: openshift/api#2654

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

@RadekManak: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/verify-deps	6ae4120	link	true	/test verify-deps
ci/prow/e2e-aws	6ae4120	link	true	/test e2e-aws
ci/prow/regression-clusterinfra-aws-ipi-mapi	6ae4120	link	false	/test regression-clusterinfra-aws-ipi-mapi

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.