Unable to load credentials from Amazon EC2 metadata service on local Tomcat

[Ricardo Sobral]

When running tomcat on local machine I get the following:

2014-11-05 02:09:37,441 [localhost-startStop-1] INFO  BootStrap  - Starting ice...

com.amazonaws.AmazonClientException: Unable to load credentials from Amazon EC2 metadata service

        at com.amazonaws.auth.InstanceProfileCredentialsProvider.loadCredentials(InstanceProfileCredentialsProvider.java:109)

        at com.amazonaws.auth.InstanceProfileCredentialsProvider.getCredentials(InstanceProfileCredentialsProvider.java:39)

I have made sure that the credentials are on ice.properties. Is there anything that I am missing? Spent a lot of time looking at this.

ice.s3AccessKeyId=thisiscorrect

ice.s3SecretKet=ThisIsCorrect

# whether or not to start processor

ice.processor=true

# whether or not to start reader/UI

ice.reader=false

# whether or not to start reservation capacity poller

ice.reservationCapacityPoller=false

# default reservation period, possible values are oneyear, threeyear

ice.reservationPeriod=oneyear

# default reservation utilization, possible values are LIGHT, MEDIUM, HEAVY. If you have both (LIGHT or MEDIUM) and HEAVY RIs, make sure you do not put HEAVY here.

ice.reservationUtilization=LIGHT

# the highstock url; host it somewhere else and change this if you need HTTPS

ice.highstockUrl=http://code.highcharts.com/stock/highstock.js

# url prefix, e.g. http://ice.netflix.com/. Will be used in alert emails.

ice.urlPrefix=

# from email address

ice.fromEmail=

# ec2 ondemand hourly cost threshold to send alert email. The alert email will be sent at most once per day.

ice.ondemandCostAlertThreshold=250

# ec2 ondemand hourly cost alert emails, separated by ","

ice.ondemandCostAlertEmails=

# modify the following 5 properties according to your billing files configuration. if you have multiple payer accounts, you will need to specify multiple values for each property.

# s3 bucket name where the billing files are. multiple bucket names are delimited by ",". Ice must have read access to billing s3 bucket.

ice.billing_s3bucketname=nameprivatebilling

# prefix of the billing files. multiple prefixes are delimited by ","

ice.billing_s3bucketprefix=,

# specify your payer account id here if across-accounts IAM role access is used. multiple account ids are delimited by ",". "ice.billing_payerAccountId=,222222222222" means assumed role access is only used for the second bucket.

#ice.billing_payerAccountId=,123456789012

# specify the assumed role name here if you use IAM role access to read from billing s3 bucket. multiple role names are delimited by ",". "ice.billing_accessRoleName=,ice" means assumed role access is only used for the second bucket.

#ice.billing_accessRoleName=,ice

# specify external id here if it is used. multiple external ids are delimited by ",". if you don't use external id, you can leave this property unset.

#ice.billing_accessExternalId=

# specify your custom tags here. Multiple tags are delimited by ",". If specified, BasicResourceService will be used to generate resource groups for you.

# PLEASE MAKE SURE you have limited number (e.g. < 100) of unique value combinations from your custom tags, otherwise Ice performance will be greatly affected.

#ice.customTags=tag1,tag2

# start date in millis from when you want to start processing the billing files

ice.startmillis=1364774400000

# you company name. it will be used by UI

ice.companyName=Your Company Name

# s3 bucket name where Ice can store output files. Ice must have read and write access to billing s3 bucket.

ice.work_s3bucketname=nameprivatebilling

# prefix of Ice output files

ice.work_s3bucketprefix=

# local directory for Ice processor. the directory must exist.

ice.processor.localDir=/mnt/ice_processor

# local directory for Ice reader. the directory must exist.

ice.reader.localDir=/mnt/ice_reader

# monthly data cache size for Ice reader.

ice.monthlycachesize=12

# change the follow account settings

ice.account.account1=813174733243

# set reservation owner accounts. "ice.owneraccount.account2=account3,account4" means reservations in account2 can be shared by account3 and account4

# if reservation capacity poller is enabled, the poller will try to poll reservation capacity through ec2 API (desribeReservedInstances) for each reservation owner account.

ice.owneraccount.account1=813174733243

# if reservation capacity poller needs to use IAM role to access ec2 API, set the assumed role here for each reservation owner account

#ice.owneraccount.account1.role=

#ice.owneraccount.account2.role=

#ice.owneraccount.account5.role=

# if reservation capacity poller needs to use IAM role to access ec2 API and external id is used, set the external id here for each reservation owner account. otherwise you can leave it unset.

#ice.owneraccount.account1.externalId=

#ice.owneraccount.account2.externalId=

#ice.owneraccount.account5.externalId=

[alex...@gmail.com]

On Wednesday, November 5, 2014 2:12:26 AM UTC, Ricardo Sobral wrote:
> When running tomcat on local machine I get the following:
>
> 2014-11-05 02:09:37,441 [localhost-startStop-1] INFO  BootStrap  - Starting ice...
> com.amazonaws.AmazonClientException: Unable to load credentials from Amazon EC2 metadata service

> [...]

>
> I have made sure that the credentials are on ice.properties. Is there anything that I am missing? Spent a lot of time looking at this.
>
> ice.s3AccessKeyId=thisiscorrect
> ice.s3SecretKet=ThisIsCorrect

See https://github.com/Netflix/ice/issues/49 - you can't specify these credentials in ice.properties.

They have to be specified as runtime parameters (i.e. -Dice.s3AccessKeyId=AKXXXXXXXXXXXXXXXXXX -Dice.s3SecretKey=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX).

Alex