Querying Instance Metadata

Last updated: 2021-06-21 15:29:20

    Instance metadata refers to data relevant to an instance. It can be used for configuring or managing a running instance.

    Note:

    Although instance metadata can only be accessed after login, the data has not been encrypted. Anyone who accesses the instance can view its metadata. Therefore, you should take proper actions to protect sensitive data.

    Overview

    Tencent Cloud provides the following metadata:

    Name Description Version
    instance-id Instance ID 1.0
    instance-name Instance name 1.0
    uuid Unique instance ID 1.0
    local-ipv4 Instance private IP address 1.0
    public-ipv4 Instance public IP address 1.0
    mac MAC address of the instance's eth0 device 1.0
    placement/region Instance region 2017-09-19
    placement/zone Instance availability zone 2017-09-19
    network/interfaces/macs/${mac}/mac MAC address of the instance’s network interface 1.0
    network/interfaces/macs/${mac}/primary-local-ipv4 Primary private IP of the instance’s network interface 1.0
    network/interfaces/macs/${mac}/public-ipv4s Public IP address of the instance’s network interface 1.0
    network/interfaces/macs/${mac}/vpc-id VPC ID of the instance’s network interface 2017-09-19
    network/interfaces/macs/${mac}/subnet-id Subnet ID of the instance’s network interface 2017-09-19
    network/interfaces/macs/${mac}/local-ipv4s/${local-ipv4}/gateway Gateway address of the instance’s network interface 1.0
    network/interfaces/macs/${mac}/local-ipv4s/${local-ipv4}/local-ipv4 Private IP address of the instance’s network interface 1.0
    network/interfaces/macs/${mac}/local-ipv4s/${local-ipv4}/public-ipv4 Public IP address of the instance’s network interface 1.0
    network/interfaces/macs/${mac}/local-ipv4s/${local-ipv4}/public-ipv4-mode Public network mode of the instance’s network interface 1.0
    network/interfaces/macs/${mac}/local-ipv4s/${local-ipv4}/subnet-mask Subnet mask of the instance’s network interface 1.0
    payment/charge-type Instance billing plan 2017-09-19
    payment/create-time Instance creation time 2017-09-19
    payment/termination-time Instance termination time 2017-09-19
    app-id AppID of the instance owner 2017-09-19
    as-group-id Auto scaling group ID of the instance 2017-09-19
    spot/termination-time Spot instance termination time 2017-09-19
    /meta-data/instance/instance-type Instance type 2017-09-19
    /instance/image-id Instance image ID 2017-09-19
    /instance/security-group Information of the security group bound to the instance 2017-09-19
    /instance/bandwidth-limit-egress Instance private network outbound bandwidth limit, in Kbit/s 2019-09-29
    /instance/bandwidth-limit-ingress Instance private network inbound bandwidth limit, in Kbit/s 2019-09-29
    /cam/security-credentials/${role-name} Temporary credential generated by the CAM role policy, which can be obtained only when the instance is associated with the CAM role. Change `${role-name}` to the actual CAM role name; otherwise, `404` will be returned 2019-12-11
    Note:

    • Fields ${mac} and ${local-ipv4} in the above table indicate the MAC address and private IP address of the network interface specified for the instance, respectively.
    • The destination URL address of the request is case-sensitive. You must construct the destination URL address of a new request according to the returned result of the request.
    • The returned data of placement is changed in the new version. To use data in the previous version, specify the previous version path or leave the version path empty to access the data of version 1.0. For more information on the returned data of placement, see Regions and Availability Zones.

    Querying Instance Metadata

    After logging in to an instance, you can access the metadata such as its local IP address and public IP address to manage connections with external applications.
    To view all the instance metadata within a running instance, use the following URI:

    http://metadata.tencentyun.com/latest/meta-data/
    

    You can access the metadata by using the cURL tool or an HTTP GET request, for example:

    curl http://metadata.tencentyun.com/latest/meta-data/
    
    • For resources that do not exist, the HTTP error code "404 - Not Found" will be returned.
    • To operate on the instance metadata, please first log in to the instance. For more information, see [Logging in to Windows Instance Using RDP (Recommended)(https://intl.cloud.tencent.com/document/product/213/5435) and Logging in to Linux Instance Using Standard Login Method.

    Sample metadata query

    The following example shows how to obtain the metadata version.

    Note:

    When Tencent Cloud modifies the metadata access path or returned data, a new metadata version is released. If your application or script depends on the structure or returned data of the previous version, you can access metadata using the specified previous version. If no version is specified, version 1.0 is accessed by default.

    [qcloud-user]# curl http://metadata.tencentyun.com/
    1.0
    2017-09-19
    latest
    meta-data
    

    The following example shows how to view the metadata root directory. The lines ending with / represent directories and other lines represent the accessed data. For the description of accessed data, see the Overview section described above.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/
    instance-id
    instance-name
    local-ipv4
    mac
    network/
    placement/
    public-ipv4
    uuid
    

    The following example shows how to obtain the physical location information of an instance. For the relationship between the returned data and the physical location, see Regions and Availability Zones.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/placement/region
    ap-guangzhou
    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/placement/zone
    ap-guangzhou-3
    

    The following example shows how to obtain the private IP address of an instance. If an instance has multiple ENIs, the network address of the eth0 device is returned.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/local-ipv4
    10.104.13.59
    

    The following example shows how to obtain the public IP address of an instance.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/public-ipv4
    139.199.11.29
    

    The following example shows how to obtain an instance ID. The instance ID is used to uniquely identify an instance.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/instance-id
    ins-3g445roi
    

    The following example shows how to query the instance UUID. The instance UUID can also be used as the unique identifier of an instance, but we recommend that you use instance ID to identify instances.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/uuid
    cfac763a-7094-446b-a8a9-b995e638471a
    

    The following example shows how to obtain the MAC address of an instance's eth0 device.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/mac
    52:54:00:BF:B3:51
    

    The following example shows how to obtain the ENI information of an instance. In case of multiple ENIs, multiple lines of data are returned, with each line indicating the data directory of an ENI.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/network/interfaces/macs/
    52:54:00:BF:B3:51/
    

    The following example shows how to obtain the information of a specified ENI.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/network/interfaces/macs/52:54:00:BF:B3:51/
    local-ipv4s/
    mac
    vpc-id
    subnet-id
    owner-id
    primary-local-ipv4
    public-ipv4s
    local-ipv4s/
    

    The following example shows how to obtain the VPC information of a specified ENI.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/network/interfaces/macs/52:54:00:BF:B3:51/vpc-id
    vpc-ja82n9op
    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/network/interfaces/macs/52:54:00:BF:B3:51/subnet-id
    subnet-ja82n9op
    

    The following example shows how to obtain the list of private IP addresses bound to the specified ENI. If the ENI is bound with multiple private IP addresses, multiple lines of data are returned.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/network/interfaces/macs/52:54:00:BF:B3:51/local-ipv4s/
    10.104.13.59/
    

    The following example shows how to obtain the information of a private IP address.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/network/interfaces/macs/52:54:00:BF:B3:51/local-ipv4s/10.104.13.59
    gateway
    local-ipv4
    public-ipv4
    public-ipv4-mode
    subnet-mask
    

    The following example shows how to obtain the gateway of a private IP address. This data is only available for VPC-based CVM models. For more information, please see Virtual Private Cloud (VPC).

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/network/interfaces/macs/52:54:00:BF:B3:51/local-ipv4s/10.104.13.59/gateway
    10.15.1.1
    

    The following example shows how to obtain the access mode used by a private IP address to access the public network. This data can be queried only for VPC-based CVMs. A classic network-based CVM accesses the public network through the public gateway.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/network/interfaces/macs/52:54:00:BF:B3:51/local-ipv4s/10.104.13.59/public-ipv4-mode
    NAT
    

    The following example shows how to obtain the public IP address bound to a private IP address.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/network/interfaces/macs/52:54:00:BF:B3:51/local-ipv4s/10.104.13.59/public-ipv4
    139.199.11.29
    

    The following example shows how to obtain the subnet mask of a private IP address.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/network/interfaces/macs/52:54:00:BF:B3:51/local-ipv4s/10.104.13.59/subnet-mask
    255.255.192.0
    

    The following example shows how to obtain the billing type of an instance.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/payment/charge-type
    POSTPAID_BY_HOUR
    

    The following example shows how to obtain the creation time of an instance.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/payment/create-time
    2018-09-18 11:27:33
    

    The following example shows how to obtain the termination time for spot instances.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/spot/termination-time
    2018-08-18 12:05:33
    

    The following example shows how to obtain the account AppId to which the CVM belongs.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/app-id
    123456789
    

    The following example shows how to obtain the temporary credential generated by the CAM role to which the instance belongs. In this example, the role name is CVMas.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/meta-data/cam/security-credentials/CVMas
    {
     "TmpSecretId": "AKIDoQMxF8OPg0gA7pyZIA6cW447p225cIt9NW8dhA1dwl5UvxxxxxxxxxUqRlEb5_",
     "TmpSecretKey": "Q9z24VucjF4xQQNV64qwF6uWY71PEsH3exxxxxxxxxgA=",
     "ExpiredTime": 1615590047,
     "Expiration": "2021-03-12T23:00:47Z",
     "Token": "xxxxxxxxxxx",
     "Code": "Success"
    }
    

    Querying Instance User Data

    You can specify instance user data when creating an instance. CVM instances having cloud-init configured can access the data.

    Searching user data

    After login, you can access user data by using the following method.

    [qcloud-user]# curl http://metadata.tencentyun.com/latest/user-data
    179, client, shanghai