Unanswered Questions tagged with Amazon EC2
Content language: English
Sort by most recent
Has anyone ever recovered a randomly-assigned non-Elastic IP address?
I had a terrible thing happen this evening. One of my EC2 instances that had a randomly-assigned non-Elastic IP address was retired due to a hardware issue, and therefore I lost access to that IP address. Unfortunately that IP was a critical IP to my organization. I run an email platform and that IP was used in our customers' email campaigns to track link clicks. I should have never architected it this way -- my mistake -- but I'm now pleading with AWS support to give me that IP back. Wondering if anyone has ever been in a similar situation and gotten this resolved.
Debian-11 build process has lost its ethernet interfaces
We are using Yocto build-system (kirkstone) to compile images for i.MX8 based development board and we are trying to move the build process to AWS EC2 based environment for CI integration. We are currently using Debian (AMI: debian-11-amd64-20220503-998, type: t3.2xlarge) EC2 image from AWS marketplace. We have configured the EC2 machine with one external interface that binds to public IP and the machine is able to communicate with the outside world. This is the output of the `ip addr` from the login shell ``` admin@ip-XXX-XXX-XXX-XXX:~$ ip a show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP group default qlen 1000 link/ether XX:XX:XX:XX brd ff:ff:ff:ff:ff:ff altname enp0s5 inet XXX-XXX-XXX-XXX/20 brd XXX.XXX.XXX.XXX scope global dynamic ens5 valid_lft 2992sec preferred_lft 2992sec inet6 XXXX::XXXX:XXXX:XXXX:XXXX/64 scope link valid_lft forever preferred_lft forever ``` But, after we try to compile our Yocto project we get several build errors due to fetch failing as some of our recipes fail to fetch sources from outside world. If I launch a development shell with `bitbake -c devshell my-app` it will no longer see the ethernet devices but only the local interface which is in down state and has no IP attached to it ``` admin@ip-XXX-XXX-XXX-XXX:~/yocto/build/tmp/work/x86_64-linux/my-app/1.0.0-r0/my-app-1.0.0$ ip a show 1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:200:00:00:00 ``` and I can also see that resolving outside connections no longer work ``` admin@ip-XXX-XXX-XXX-XXX:~/yocto/build/tmp/work/x86_64-linux/my-app/1.0.0-r0/my-app-1.0.0$ traceroute6 www.google.com www.google.com: Temporary failure in name resolution Cannot handle "host" cmdline arg `www.google.com' on position 1 (argc 1) ``` This is the output from process tree ``` admin@ip-XXX-XXX-XXX-XXX:~/yocto/build/tmp/work/x86_64-linux/my-app/1.0.0-r0/my-app-1.0.0$ ps f PID TTY STAT TIME COMMAND 943 pts/1 Ss 0:00 /bin/bash 994 pts/1 R+ 0:00 \_ ps f 758 pts/0 Ss 0:00 -bash 830 pts/0 Sl+ 0:01 \_ python3 /home/admin/yocto/sources/poky/bitbake/bin/bitbake my-app -c devshell 941 pts/0 S+ 0:00 \_ sh -c screen -r devshell_939 942 pts/0 S+ 0:00 \_ screen -r devshell_939 ``` Another thing that seems off is that the build process has somehow lost all its groups and there is a group `nogroup` added ``` admin@ip-XXX-XXX-XXX-XXX:~/yocto/build/tmp/work/x86_64-linux/my-app/1.0.0-r0/my-app-1.0.0$ groups admin nogroup ``` When running the `groups` from the login shell the user has `admin adm dialout cdrom floppy sudo audio dip video plugdev netdev` that seem to be lost when launching the development shell. We are using the build system in multiple local development environments (based on Debian-11) and the build system is able to connect to outside world just fine so this relates to the AWS EC2 Debian image that we are using. Why are the interfaces not displayed and how can we work-around this issue so that the build process can access the source repositories from the build environment?
VirtualBox localhost "Login incorrect"
I am new to virtual machines, Linux and amazon so please bare with me. I have installed the virtual machine according to amazon's instructions listed [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/amazon-linux-2-virtual-machine.html). I am able to boot in VirtualBox, but I am stuck on a sign in page that asks for: ``` localhost login: ``` rather than: ``` amazon login: ``` as I've seen others report. Now I have not made changes to the *meta-data *file in the ISO image, so all it says is: ``` local-hostname: amazon ``` with some additional commented lines regarding 'network-interfaces' that I am unfamiliar with. The server goes to "localhost" as a direct result of this, I guess? but I do not know the login for localhost and the users and passwords set in the *user-data* file do not work. If someone could point me in the right direction to set the proper network configuration or help with the credentials that would be greatly appreciated.
Got regional data transfer usage between Lightsail and EC2 within the same region
Hi: I'm using VPC peering to connect my EC2 and Lightsail instance within the same region and AZ. The EC2 has no public IP address, but from the usage report, I found the EC2 somehow has regional data transfer usage with public IP. VPC log also shows no transfer to anywhere outside of the AZ, is there any possibility that some other AWS service could cause this issue? Thanks. ![EC2 instance](/media/postImages/original/IMXLRIKkwASqOyT388Y9FLjw) ![usage](/media/postImages/original/IM2oit7osLRSK_qpSjDEDM4A)
SSM Agency Amazon running CPU high load near 100%
I just started a t3a.nano instance it's normal at stat up but it's not stable later. The ssm agent service ran as cron and made my server crashed almost. Right now I can not connect to SSH. I have tried Stop and Start also, nothing help to solve it up to now. Anyone meet this issue? P/s: I have tried read old topic and wait 1-2 hours to ssm update but no change. For AWS Support you can check my instance i-0d8bcd6234b2d9ac6
Confidential Compute AMD SEV SNP remote attestation
Hi, I'm a university student and I am doing some research regarding AMD SEV-SNP remote attestation. I want to host a VM on AWS with an AMD SEV-SNP processor and perform a remote attestation of the CPU/VM. Does AWS offer an API or another kind of interface, where I can do it? I would like to get the measurements of the VM to validate against AMD. Thank you for any help you can offer.
Windows faster launch fails - SSM is not enabled, user script is not executed
IHAC who is using windows faster launch feature is seeing issues with the launch once out of 5 launches. When the AMI launch fails, SSM service is not activated and User data scripts are not executed. They are not able to find out the reason for AMI launch failure. Customer is also having challenges as with SSM service not coming up they can’t log into the EC2 instance (RDP is locked down due to the InfoSec security requirements) to download log files. Is there any other option to offload the logs
AmazonLinux 2022 32-Bit
I have Amazonlinux 2022 (64-bit) with docker, but I have software that I want to install that requires 32 bit support. How do I enable 32-bit support? yum install glibc.i686 e.g. fails: ``` bash-5.1# yum -y install glibc.i686 Amazon Linux 2022 repository 40 MB/s | 10 MB 00:00 Last metadata expiration check: 0:00:02 ago on Sat Nov 12 07:40:31 2022. No match for argument: glibc.i686 Error: Unable to find a match: glibc.i686 ``` Many thanks.
Python Flask Server send_file fails when SSH terminal disconnected
I think this would be a useful question to others too. I have a flask server running (on an EC2) and delivers attachments via python send_file as a request. Works great. It also provides a list of the files available. (Using your browser). The process is I SSH to the terminal start the python3 minflask.py & I exit the SSH. All commands work for the minflask.py accept the send_file which says server error. I know the process is running. I can SSH again and see the process is running. So instead (what works) the process is SSH for the terminal tmux new -s mywindow python3 minflask.py and all works. I close the SSH terminal and all works fine. Later I can tmux a -t mywindow and see my Flask server output information. So what is the real issue HERE? I have tried send_file with an fp=open and send_from_directory and so on. No difference. I know I can open files.
a4-25.smtp-out.eu-west-1.amazonses.com / Client host blocked using cbl.abuseat.org
Some of my customers on either EC2 or Lightsail with their own (validated and secure) email servers are experiencing this problem, which started yesterday:- ``` An error occurred while trying to deliver the mail to the following recipients: email@example.com Reporting-MTA: dns; a4-25.smtp-out.eu-west-1.amazonses.com Action: failed Final-Recipient: rfc822; firstname.lastname@example.org Diagnostic-Code: smtp; 554 5.7.1 Service unavailable; Client host [184.108.40.206] blocked using cbl.abuseat.org Status: 5.7.1 ``` The email servers have SPF, DKIM, DMARC and MTA-STS set up and have been fine for many years. The IP address 220.127.116.11 is ofcourse one of AWS' SES servers. I have sent a tweet to AWS and they redirected me here. Can anyone help? Regards, Paul Littlefield