No Server found in my AWS Server (Cloud Management)

William Lee · ‎02-12-2020

Began experimenting and exploring the capabilities of Cloud Management. I followed the tutorial video found on the ServiceNow Youtube channel for the initial set up using AWS, and everything seemed to work, but a colleague stated that there was a lack of a server found in the Discovery results. Doubled check the hardware for the cloud and he was right, no server found. Did I screw up the setup? How do I fix this? Wanted to speak to anyone who had run into a similar issue and could provide some guidance.

The AWS instance I am running is an EC2 instance, type t2.micro. Thanks in advance and appreciate the help.

christianmalone · ‎02-12-2020

were you looking in the virtual machine instance table? That’s where API cloud discovery will populate. Now running IP based discovery will discover the Linux and Windows servers running on ec2 and all the additional info you can’t get from AWS hypervisor. The new cloud discovery quick start homepage allows you to autorun IP discovery automatically after doing cloud discovery. You might be missing OS creds.

View solution in original post

chuckm · ‎05-08-2020

calebc - the Object ID from ServiceNow Windows Server and Virtual Machine Instance correlates to the Instance ID in AWS as shown.

To get the Instance ID from the AWS Windows server, open a browser on the server and run the command:

http://169.254.169.254/latest/meta-data/instance-id

Is this what you were looking for?

calebc · ‎05-12-2020

Thanks for the generous reply. That's a great deal of information. I believe it's leading to an answer. I looked up that url and found this helpful article "Retrieving instance metadata" that IP seams to be a specific to AWS. It's currently not accessible from my EC2 instance. Before I open a firewall rule, do you know how discovery knows to use that url to get the object_id/instance_id value? I found no ServiceNow documentation referencing that url.

I ask because, the object_id on my AWS windows Server CI record is not being populated and I'd like to understand why.

chuckm · ‎05-12-2020

The URL (http://169.254.169.254/latest/meta-data/instance-id) shows how you can manually get the InstanceID for a AWS Windows Server - I use only for troubleshooting. This URL can be run from a browser from a user logged on locally (RDP'd) to the AWS Windows Server.

Even though it isn't documented on the ServiceNow DOCs site, the same IP address (169.254.169.254) with a different AWS metadata category Instance metadata categories is used by Discovery to retrieve the object_id/instance_id value. Its a little lengthy, but below I explain how the Instance ID is retrieved and assigned to the Object ID attribute.

How Discovery Retrieves the object_id/instance id Value
ServiceNow Discovery retrieves the Instance ID and assigns the returned value to the Object ID in the Windows OS - Servers pattern. Pattern step 39.1.1 retrieves the Instance ID and step 40 assigns the Instanced ID to the Object ID.

Retrieve the InstanceID (Step 39.1.1. Get EC2 server details)
The Instanced ID is retrieved during step 39.1.1. During this step, the PowerShell command (below) is run to retrieve several AWS values that includes the instance_id (notice the IP Address 169.254.169.254 in the PowerShell command with the instance-identity/document metatdata category).

"powershell -command \"&{Try{(New-Object System.Net.WebClient).DownloadString('http://169.254.169.254/latest/dynamic/instance-identity/document')} Catch {}}\""

The Instance ID is parsed out of the returned string and assigned to the instance_id in the awsData Temporary Variable table:

Set the Object ID (Step 40. If AWS, set AWS object_id on host)
The Object ID [objec_id] is set in Step 40. The instance_id Temporary Variable is copied into to the CI Attribute object_id in this step:

Troubleshooting
To troubleshoot, I suggest first checking the Horizontal Discovery Log. In the example I have been using, looking at the IF AWS, set AWS object_id on host step in the Horizontal Discovery Log to determine if the object_id was successfully retrieved and set. In this example, the object_id was successfully retrieved and assigned:

If the Horizontal Discovery log does not show the object_id being set, then I suggest troubleshooting the Windows OS - Servers pattern using the Pattern Designer.

chuckm · ‎05-12-2020

calebc
I wanted to follow-up with one other observation. I found KB article KB0815873 Windows - AWS Relationship probe might be identified as Malware Ops (Malops) in customer's infrastru... where it is possible that security policies on your network may be affecting access to 169.254.169.254. This may be related to why the object_id is not being populated and why the relationship isn't being created between the Windows server and Virtual machine instance.

In my previous comment, I documented how the InstanceID is retrieved for the Windows pattern for Pattern-based discovery. If you are using Probe-based discovery, then the Windows - AWS Relationship probe is what retrieves the Instanced ID to create the relationship using http://169.254.169.254/latest/dynamic/instance-identity/document.

calebc · ‎05-14-2020

Thanks again for the verbose response. It was exactly what I needed. I was able to use the Patern Desiger's debug tool for the "Windows OS - Server" pattern and found that it was failing on step "39.1.1. Get EC2 server details" with the following command

"powershell -command \"&{Try{(New-Object System.Net.WebClient).DownloadString('http://169.254.169.254/latest/dynamic/instance-identity/document')} Catch {}}\""

Since the catch doesn't return the error, there was no output. I then RDP'd to the box and ran the command locally with powershell and a browser and ans you suspected the page was blocked. I'll be submitting a firewall request today.