amazon-ssm-agent: aws ssm start-session end with **Cannot perform start session: EOF**
I try to instanciate a vanilla aws ssm start-session on a Github actions Jobs (without SSH).
The session is well instanciated (i can see it on the AWS Session Manager dashboard) but always finish with a Cannot perform start session: EOF
FYI I can instanciated a sesion outside of GH actions (.e.g. on my laptop) with the same account / role / policy / instances (ami-0ea4a063871686f37).
Here’s my job YAML :
name: CI
# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events but only for the main branch
push:
branches: [ main ]
pull_request:
branches: [ main ]
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Configure AWS credentials from Test account
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Initialize a Session Manager session
shell : sh
run: aws ssm start-session --target ${{ secrets.TARGET_INSTANCE }}
The results :
Run aws ssm start-session --target ***
aws ssm start-session --target ***
shell: /bin/sh -e {0}
env:
AWS_DEFAULT_REGION: ***
AWS_REGION: ***
AWS_ACCESS_KEY_ID: ***
AWS_SECRET_ACCESS_KEY: ***
Starting session with SessionId: gh-ssm-0d50831b64f0xxxxx
$ Cannot perform start session: EOF
Here are the CLI tools packaged with Ubuntu-latest virtual env (20.04.2 LTS) :
- AWS CLI 2.1.24
- AWS CLI Session manager plugin 1.2.54.0
About this issue
- Original URL
- State: open
- Created 3 years ago
- Reactions: 14
- Comments: 19 (2 by maintainers)
I had similar issue with “aws ecs execute-command …” and it seems it’s related to tty being not available when running in ci
I fixed it with “unbuffer aws ecs execute-command …” to run it with tty available
Yes, I am invoking it from a terminal. I haven’t changed anything about the instances I’m connecting to, they’re launched from an AMI I baked weeks ago. It’s working today, without changing anything in my local environment (same version of
session-manager-plugin, same AMI/instances)ah, I think I get it. When I try the same command from a terminal with an enormous scrollback, it fails with
Cannot perform start session: EOF. Using a new terminal session clears the scrollback, andaws ssm start-sessionworks as expected.More on
unbuffer&expecthttps://stackoverflow.com/questions/66066753/aws-start-session-end-with-cannot-perform-start-session-eofSide note, you can run single commands like so
@olfway You saved my day! I had the exact same issue and
sudo apt-get install expect; aws ecs execute-command ....worked like a charm! Thanks.Session manager plugin has been designed to be invoked from a terminal for shell scenarios so it can interpret control sequences returned by pseudo terminal and display appropriately. When a shell session is started, session manager plugin also fetches terminal size on client machine and sends it to pseudo terminal on target server. We suspect one of these actions might be failing for you. Please let us know if you are invoking session manager plugin from a terminal and still seeing error of
Cannot perform start session: EOF.@alxsbn Can you explain more what you meant by “ssm send-command with remote script execution”? We’re running into the same issue with
I don’t know if this makes a difference, but we’re using ECS with Fargate, not EC2.
Thank you. The command that I tried to execute is what OP tried:
aws ssm start-session --target i-xyz.I added
unbufferto the beginning, same error:unbuffer aws ssm start-session --target i-xyz. My question was, why usingunbufferwould make it work?maybe this command can help
name: Install AWS CLI run: | sudo apt-get update sudo apt-get install -y awscli aws --version
name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
name: Install Session Manager Plugin run: | curl “https://s3.amazonaws.com/session-manager-downloads/plugin/latest/ubuntu_64bit/session-manager-plugin.deb” -o “session-manager-plugin.deb” sudo dpkg -i session-manager-plugin.deb sudo apt-get update sudo apt-get install -y session-manager-plugin sudo apt-get install -y expect session-manager-plugin --version
name: Create Start SSH Session shell : sh run: | aws ssm start-session
–target ${{ secrets.INSTANCE_ID }}
–document-name AWS-StartSSHSession
@emmahsax Our first reflex was to run a ssh command, then the others commands we need (for us it was linked to CD, so rsync a repo then restart a pm2 service). Since we have this tty problem we just write a shell script with our commands an fire him with ssm send-command