#!/bin/bash # # Author: Georg Voell - georg.voell@standby.cloud # Version: @(#)get-cloud 3.2.0 11.09.2024 (c)2024 Standby.cloud # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/ # # This script can be used free of charge. Use it as is or customize as needed. It is not guaranteed to be # error free and you will not be reimbursed for any damage it may cause. # #@ Determine cloud platform and get metadata from instance if we are on oracle cloud. #@ #@Usage: get-platform [options] [key] #@ Options: -h, --help : Displays helptext. #@ -v, --version : Displays the version of the script. #@ -o, --output : Output format 'plain, 'keys' or 'json'. # # Possible values for cloud_id: # # ORACLE # ORACLE-OCI # ORACLE-OCI CLOUD-SHELL # ORACLE-OCI C@C # ORACLE-OPC # ORACLE-OPC C@C # MICROSOFT # DTAG # ... # # Update history: # # V 3.0.0 28.04.2020 New version # V 3.0.1 11.06.2020 Using library # V 3.0.2 02.07.2020 Check if we are running in OCI Cloud Shell # V 3.1.0 05.06.2023 New copyright # V 3.1.1 10.09.2023 Get metadata for oci # V 3.2.0 11.09.2024 New minor version # # Find executable bash library and source it lib=`which lib.bash 2>/dev/null | sed 's|^no 'lib.bash' in .*||'` if [ "$lib" != "" ]; then source "$lib" else progdir=`dirname "$0"` if [ -r "${progdir}/lib.bash" ]; then source "${progdir}/lib.bash" else echo "Unexpected error: Unable to locate bash library 'lib.bash'." exit 1 fi fi # Set the Base URL opcurl="http://192.0.0.192" ociurl="http://169.254.169.254" asnurl="https://standby.cloud/cgi-bin/get-asn.pl?param" # Preset param="" cloudid="" asn="" check_c_at_c=0 formatstr="plain" # Check parameters: Loop until all parameters are used up while [ $# -gt 0 ]; do case "$1" in -o | --output) shift if [ "$1" != "" ]; then formatstr=`echo "$1" | tolower` if [ "$formatstr" != "plain" -a "$formatstr" != "keys" -a "$formatstr" != "json" ]; then errstr="Unknown format '$formatstr' after parameter '-o'. Please choose from 'plain', 'keys' or 'json'." fi shift else errstr="Please specify a format ('plain', 'keys' or 'json') after parameter '-o'." fi ;; -v | --version) shift showversion=true ;; -h | --help) shift showhelp=true ;; *) shift paramck=`echo "$pname" | grep '^-'` # Keys don't begin with '-' if [ "$paramck" != "" ]; then errstr="Unknown option '$pname'." else if [ "$param" = "" ]; then # Get the first parameter, squeeze '/' and delete any blanks # We can't lowercase the input because OCI uses mixed lower- and uppercase names param="`echo "$pname" | tr -d ' ' | sed 's|^/*||' | tr -s '/'`" else errstr="Unknown parameter: '$pname'." fi fi esac done # Display help or error message DisplayHelp # Check if curl is in PATH curl=`filecheck -x curl` if [ "$curl" = "" ]; then exitcode=1 errormsg $exitcode "($progstr) No 'curl' in '$PATH'. Please install first e.g. 'sudo yum -y install curl'." else if [ "$param" = "" ]; then # Check if we have internet connection and determine asn asn=`get-ip asn` # Only check asn if we have an result (internet connection) if [ "$asn" != "" ]; then case "$asn" in # Microsoft AS12076 | AS13399 | AS14271 | AS14719 | AS20046 | AS23468 | AS35106 | AS3598 | AS395496 | AS395524 | AS395851 | \ AS396463 | AS45139 | AS52985 | AS5761 | AS6182 | AS6291 | AS6584 | AS8068 | AS8069 | AS8070 | AS8071) cloudid="MICROSOFT" ;; AS2914) # NTT cloudid="NTT" ;; AS1273) # Vodafone cloudid="VODAFONE" ;; AS12956) # Telefonica cloudid="TELEFONICA" ;; AS8560) # 1&1 IONOS cloudid="IONOS" ;; AS3320) # Deutsche Telekom cloudid="DTAG" ;; AS31898 | AS43898) # ORACLE-BMC-31898 cloudid="ORACLE-OCI" ;; # ORACLE-OPC # AS22435 PSFT-INC compute.us1.oraclecloud.com # AS4192 STORTEK-INT compute.us2.oraclecloud.com # AS7160 NETDYNAMICS compute.us6.oraclecloud.com # AS52019 ORCL-EMEA-AS login.em1.oraclecloud.com # AS43898 ORCL-AM-OPC1 compute.em2.oraclecloud.com # AS43894 ORCL-LON-OPC1 compute.gbcom-south-1.oraclecloud.com # AS4192 STORTEK-INT uscom-central-1.storage.oraclecloud.com AS22435 | AS4192 | AS7160 | AS52019 | AS43894 | AS4192) cloudid="ORACLE-OPC" ;; # ORACLE # AS792 ORACLE-ASNBLOCK-ASN oraclecloud.com # AS14506 ORCL-ASHBURN3 # AS63295 ORCL-CHICAGO1 # AS64102 Oracle Corporation # AS33517 DYNDNS AS792 | AS14506 | AS63295 | AS64102 | AS33517) cloudid="ORACLE" ;; *) # ASN lookup info: https://securitytrails.com/blog/asn-lookup # Add to url to get infos - add /prefixes to get all prefixes - add /peers to get all peers # cloudid=`transfer --quiet https://api.bgpview.io/asn/$asn | grep '"name":' | cut -d'"' -f4` cloudid=`transfer --quiet --seconds 5 "${asnurl}=$asn" | grep '\[AS' | cut -d']' -f2 | cut -d',' -f1` cloudid="${cloudid/ /}" esac if [ "$cloudid" = "ORACLE-OCI" -a "$OCI_CLI_CLOUD_SHELL" = "True" -a -f "/etc/bashrc.cloudshell" ]; then # We are in an OCI CloudShell and we can't use Metadata cloudid="ORACLE-OCI CLOUD-SHELL" fi if [ "$cloudid" != "" ]; then if [ "$formatstr" = "json" ]; then printf '{\n "cloud_id": "%s",\n "asn_id": "%s"' "$cloudid" "$asn" else if [ "$formatstr" = "keys" ]; then printf 'cloud_id:%s\nasn_id:%s\n' "$cloudid" "$asn" else printf 'cloud_id\nasn_id\n' fi fi if [ "$cloudid" != "ORACLE-OCI CLOUD-SHELL" ]; then if [ "$cloudid" != "ORACLE-OPC" -a "$cloudid" != "ORACLE-OCI" ]; then # Cloud@Customer with Internet Connection may has an other asn check_c_at_c=1 fi fi fi fi if [ "$cloudid" = "ORACLE-OCI" -o "$asn" = "" -o $check_c_at_c -gt 0 ]; then # curl -m 2 --silent ${ociurl}/openstack/2013-10-17/meta_data.json -o $scratchfile grepres=`transfer --auth --quiet --seconds 5 ${ociurl}/opc/v2/instance/id` stat=$? if [ $stat -eq 0 ]; then result=`echo "$grepres" | head -n 1` if [ "$result" != "" ]; then if [ "$grepres" != "" ]; then cloudid="ORACLE-OCI" if [ "$formatstr" = "json" ]; then if [ "$asn" = "" ]; then printf '{\n "cloud_id": "%s",\n "instance_id": "%s"' "$cloudid" "$grepres" else # We already printed cloudid and asn printf ',\n "instance_id": "%s"' "$grepres" fi else if [ "$formatstr" = "keys" ]; then if [ "$asn" = "" ]; then printf 'cloud_id:%s\ninstance_id:%s\n' "$cloudid" "$grepres" else printf 'instance_id:%s\n' "$grepres" fi else if [ "$asn" = "" ]; then printf 'cloud_id\ninstance_id\n' else printf 'instance_id\n' fi fi fi # We found metadata - Don't check for other Metadata check_c_at_c=0 asn="AS" fi else exitcode=2 fi else exitcode=$stat fi fi if [ "$cloudid" = "ORACLE-OPC" -o "$asn" = "" -o $check_c_at_c -gt 0 ]; then # Check if we have opc metadata available grepres=`transfer --quiet --seconds 5 ${opcurl}/latest/meta-data/instance-id` stat=$? if [ $stat -eq 0 ]; then if [ "$grepres" != "No such metadata item" ]; then cloudid="ORACLE-OPC" if [ "$formatstr" = "json" ]; then if [ "$asn" = "" ]; then printf '{\n "cloud_id": "%s",\n "instance_id": "%s"' "$cloudid" "$grepres" else # We already printed cloudid and asn printf ',\n "instance_id": "%s"' "$grepres" fi else if [ "$formatstr" = "keys" ]; then if [ "$asn" = "" ]; then printf 'cloud_id:%s\ninstance_id:%s\n' "$cloudid" "$grepres" else printf 'instance_id:%s\n' "$grepres" fi else if [ "$asn" = "" ]; then printf 'cloud_id\ninstance-id\n' else printf 'instance-id\n' fi fi fi # We found metadata - Don't check for other Metadata check_c_at_c=0 asn="AS" else exitcode=2 fi else exitcode=$stat fi fi # Check if we are running on a Hypervisor dmesg=`filecheck -x dmesg` if [ "$dmesg" != "" ]; then hv=`$dmesg 2>/dev/null | grep -i ' Hypervisor detected: ' | cut -d':' -f2- | sed 's|^ *||'` if [ "$hv" != "" ]; then mf="" pd="" vs="" filecheck -rm $scratchfile dmidecode=`filecheck -x dmidecode` if [ "$dmidecode" != "" ]; then if [ "$USER" = "root" ]; then $dmidecode -t system > $scratchfile 2>&1 else check-sudo stat=$? if [ $stat -eq 0 ]; then sudo $dmidecode -t system > $scratchfile 2>&1 fi fi fi result=`filecheck -sl $scratchfile` if [ "$result" != "" ]; then mf=`cat $scratchfile | grep 'Manufacturer:' | cut -d':' -f2- | sed 's|^ *||'` pd=`cat $scratchfile | grep 'Product Name:' | cut -d':' -f2- | sed 's|^ *||'` vs=`cat $scratchfile | grep 'Version:' | cut -d':' -f2- | sed 's|^ *||'` fi if [ "$formatstr" = "json" ]; then printf ',\n "hypervisor": "%s"' "$hv" if [ "$mf" != "" ]; then printf ',\n "manufacturer": "%s"' "$mf" printf ',\n "product_name": "%s"' "$pd" printf ',\n "version": "%s"' "$vs" fi else if [ "$formatstr" = "keys" ]; then printf 'hypervisor:%s\n' "$hv" if [ "$mf" != "" ]; then printf 'manufacturer:%s\n' "$mf" printf 'product_name:%s\n' "$pd" printf 'version:%s\n' "$vs" fi else printf 'hypervisor\n' if [ "$mf" != "" ]; then printf 'manufacturer\n' printf 'product_name\n' printf 'version\n' fi fi fi fi fi if [ "$formatstr" = "json" ]; then printf '\n}\n' fi else lparam=`echo $param | cut -d'/' -f1` rparam=`echo $param | cut -d'/' -f2-` if [ "$lparam" = "$rparam" ]; then rparam="" fi # echo "param: '$param'." # echo "lparam: '$lparam'." # echo "rparam: '$rparam'." if [ "$lparam" = "opc" ]; then if [ "$rparam" = "" ]; then transfer --quiet --seconds 5 ${opcurl}/ --export $scratchfile stat=$? if [ $stat -eq 0 -a -f $scratchfile ]; then printf '[\n' while read -r line; do if [ "$line" = "latest" ]; then printf ' "%s"\n' $line else printf ' "%s",\n' $line fi done < $scratchfile printf ']\n' else exitcode=2 fi else echo "OPC check '$rparam'." fi else if [ "$lparam" = "oci" ]; then transfer --auth --quiet --seconds 5 ${ociurl}/opc/v2/instance/ --export $scratchfile stat=$? if [ $stat -eq 0 -a -f $scratchfile ]; then cat $scratchfile | browse-json "$rparam" --raw --select 1 --output $formatstr else exitcode=2 fi else exitcode=3 errormsg $exitcode "($progstr) Unknown cloud type '$lparam'. Start url with 'opc' or 'oci'." fi fi fi fi # Cleanup filecheck -rm $scratchfile exit $exitcode # ToDo: More Cloud Metadata # https://gist.github.com/techgaun/db7c61258bb21839b2832c021a12e368 # ToDo: Certs # metadataBaseURL = `http://169.254.169.254/opc/v2` # metadataFallbackURL = `http://169.254.169.254/opc/v1` # regionPath = `/instance/region` # leafCertificatePath = `/identity/cert.pem` # leafCertificateKeyPath = `/identity/key.pem` # intermediateCertificatePath = `/identity/intermediate.pem` # Set default platform="" # Check if we have curl installed curl=`filecheck -x curl` if [ -x "$curl" ]; then # https://docs.oracle.com/en/cloud/iaas/compute-iaas-cloud/stcsg/retrieving-instance-metadata.html#GUID-12F6344D-2131-49D5-8F1F-C8B4BBFB3E79 answer=`curl -m 2 --silent http://192.0.0.192/latest/meta-data/public-keys/ | grep 'key'` if [ "$answer" != "" ]; then platform="opc" else # https://docs.cloud.oracle.com/iaas/api/#/en/iaas/20160918/datatypes/LaunchInstanceDetails # answer=`curl -m 10 --silent http://169.254.169.254/opc/v1/instance/` answer=`curl -m 2 --silent http://169.254.169.254/openstack/latest/meta_data.json | grep 'uuid'` if [ "$answer" != "" ]; then platform="oci" else platform="local" fi fi fi exit mdtype=${1} mdvar=${2} # Check if we could use curl if [ -x "$curl" ]; then if [ "$mdtype" = "" ]; then errormsg 2 "($progstr) Please specify metadata type: meta or user." exit 2 else curl -m 10 --silent http://169.254.169.254/opc/v1/identity/cert.pem curl -m 10 --silent http://169.254.169.254/opc/v1/instance/region curl -m 10 --silent http://169.254.169.254/opc/v1/instance/metadata/ curl -m 10 --silent http://169.254.169.254/opc/v1/instance/ curl -m 10 --silent http://169.254.169.254/opc/v1/instance/shape curl -m 10 --silent http://169.254.169.254/openstack/latest/meta_data.json curl -m 10 --silent -H "Authorization: Bearer Oracle" http://169.254.169.254/opc/v2/instance/ curl -m 10 --silent -H "Authorization: Bearer Oracle" http://169.254.169.254/opc/v2/instance/shape curl -m 10 --silent -H "Authorization: Bearer Oracle" http://169.254.169.254/opc/v2/instance/regionInfo/realmKey curl -m 10 --silent -H "Authorization: Bearer Oracle" http://169.254.169.254/opc/v2/instance/metadata/ curl -m 10 --silent -H "Authorization: Bearer Oracle" http://169.254.169.254/opc/v2/instance/metadata/quake_bot_level curl -m 10 --silent http://169.254.169.254/opc/v1/instance/ | grep '^ "' | cut -d'"' -f2 curl -m 10 --silent http://169.254.169.254/opc/v1/instance/ | jq -M .metadata { "ssh_authorized_keys": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCryUIzZYc+etv4lZ4iuX5jiP5oHTDlpYI1NMnMyt+v/Lg5Y/+cydyhON0zhU9GXeuUA2pUc6OiCKuBJt3UAI4TvMZWTv2HKxBe4xxBQ+pTmFGBmAEXkvUB4UF+UkGn/MmGMqoy8ZUvDOvQ2er7SUPl9McNtblG0wKHprV+mWyOQsLUX0s+VPHLbkGq2agsiXr7zRcM1qH8mgc0uI5ZisKuGBacZX75XhRA9AfsmLzCV8pkow33i4e3pVRmSFmxKKdVUiG1HN7UXCNeZ2+Z2JZm07ju2vjggdMVimrUltgh1eTK4wcxbERCpS3Fb+J2NTVTKf4wIy+PQVUp87eUy5V7 eoncloud" } curl -m 10 --silent http://169.254.169.254/opc/v1/instance/ | jq -M .metadata.ssh_authorized_keys "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCryUIzZYc+etv4lZ4iuX5jiP5oHTDlpYI1NMnMyt+v/Lg5Y/+cydyhON0zhU9GXeuUA2pUc6OiCKuBJt3UAI4TvMZWTv2HKxBe4xxBQ+pTmFGBmAEXkvUB4UF+UkGn/MmGMqoy8ZUvDOvQ2er7SUPl9McNtblG0wKHprV+mWyOQsLUX0s+VPHLbkGq2agsiXr7zRcM1qH8mgc0uI5ZisKuGBacZX75XhRA9AfsmLzCV8pkow33i4e3pVRmSFmxKKdVUiG1HN7UXCNeZ2+Z2JZm07ju2vjggdMVimrUltgh1eTK4wcxbERCpS3Fb+J2NTVTKf4wIy+PQVUp87eUy5V7 eoncloud" exit # https://docs.oracle.com/en/cloud/iaas/compute-iaas-cloud/stcsg/retrieving-instance-metadata.html#GUID-12F6344D-2131-49D5-8F1F-C8B4BBFB3E79 # get metadata versions: curl http://192.0.0.192 # Versions: # latest # 1.0 # 2007-01-19 # 2007-03-01 # 2007-08-29 # 2007-10-10 # 2007-12-15 # 2008-02-01 # 2009-04-04 urlbase="http://192.0.0.192/latest/${mdtype}-data" if [ "$mdvar" = "" ]; then curl -m 10 --silent "$urlbase" else result=`curl -m 10 --silent "$urlbase/$mdvar"` if [ "$result" = "No such metadata item" ]; then exit 3 else echo "$result" fi fi fi else errormsg 1 "($progstr) No 'cURL' installed. Please install first." exit 1 fi