Questions tagged with Amazon Linux
Content language: English
Sort by most recent
As mentioned in https://docs.aws.amazon.com/systems-manager/latest/userguide/managed-instances-default-host-management.html, SSM Agent version 3.2.582.0 or above have to be used in order to make use of Default Host Management Configuration. However, the latest version on Amazon Linux 2 is 3.1.1732.0 when I use yum update. Do we need to build from source code in order to use it at this moment? Thanks.
Amazon Linux 1 maintenance support will end on December 31, 2023. As per FAQ we should be able to launch instances using this AMI after the maintenance support window end but question is till how long ?
asked a month ago
We recently switched to using Corretto Java 11 and I noticed that something called log4j-cve-2021-44228-hotpatch gets installed as a dependency. This package executes a script that appears to be modifying the Java runtime to install an agent that will somehow patch vulnerable versions of log4j. Looking at journalctl, I see this script runs every 30 minutes.
We don't use log4j and we don't have it installed on our EC2 instances. We have over 100 EC2 instances. Is there an easy way to permanently remove this tool or do we have to switch to the OpenJDK Java release?
We have a handful of apps for users to consume in AppStream 2 that are running on Amazon Linux 2. I'd love to be able to offer users a persistent home folder similar to our Windows applications. Is this possible?
Subject says it all: What are my options on getting headless Chromium installed onto Amazon Linux 2 aarch64? If you can point me to directions, that'd be awesome.
Is it possible to patch latest AMI without updating the AMI Id
We have a couple of Beanstalk applications with multiple environments. The beanstalk applications are based on **Docker running on 64bit Amazon Linux 2/3.5.4 and runs Django** inside docker. Most of the environment uses a **t2.micro EC2** which if perfect for our scenario.
Lately we have been seeing a multiple **random** (not event without a config/code change) elastic **beanstalk deployment failure** where the deployment runs for over 10 minutes and fails with log below:
Upon investigation, it was found that every time there is a deployment failure, we see unprecedented rise in **CPU usage, usually up to 100%** (begins to rise after deployment initiation). Our baseline CPU usage is generally about 30% and this happens even if it's a dry deployment with no any config or code change. The problem **is resolved on itself after 30–40 minutes**. If we try to redeploy before that same issue is seen even after EC2/service restart.
**Syslog of EC2 gives me following errors in CloudFormation, possibly during deployment).**
```
[eb-cfn-init]: 2023-02-20 10:07:51,762 [INFO] -----------------------Build complete-----------------------
[eb-cfn-init]: [2023-02-20T10:09:24.623Z] Tailing /var/log/cfn-hup.log
[eb-cfn-init]: ******************* cfn-hup taillog *******************
[eb-cfn-init]: File "/usr/lib64/python3.7/http/client.py", line 1036, in _send_output
[eb-cfn-init]: self.send(msg)
[eb-cfn-init]: File "/usr/lib64/python3.7/http/client.py", line 976, in send
[eb-cfn-init]: self.connect()
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/packages/requests/packages/urllib3/connection.py", line 200, in connect
[eb-cfn-init]: conn = self._new_conn()
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/packages/requests/packages/urllib3/connection.py", line 182, in _new_conn
[eb-cfn-init]: self, "Failed to establish a new connection: %s" % e
[eb-cfn-init]: cfnbootstrap.packages.requests.packages.urllib3.exceptions.NewConnectionError: <cfnbootstrap.packages.requests.packages.urllib3.connection.HTTPConnection object at 0x7f7b60e24990>: Failed to establish a new connection: [Errno 101] Network is unreachable
[eb-cfn-init]: During handling of the above exception, another exception occurred:
[eb-cfn-init]: Traceback (most recent call last):
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/packages/requests/adapters.py", line 499, in send
[eb-cfn-init]: timeout=timeout,
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/packages/requests/packages/urllib3/connectionpool.py", line 756, in urlopen
[eb-cfn-init]: method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/packages/requests/packages/urllib3/util/retry.py", line 573, in increment
[eb-cfn-init]: raise MaxRetryError(_pool, url, error or ResponseError(cause))
[eb-cfn-init]: cfnbootstrap.packages.requests.packages.urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='169.254.169.254', port=80): Max retries exceeded with url: /latest/api/token (Caused by NewConnectionError('<cfnbootstrap.packages.requests.packages.urllib3.connection.HTTPConnection object at 0x7f7b60e24990>: Failed to establish a new connection: [Errno 101] Network is unreachable'))
[eb-cfn-init]: During handling of the above exception, another exception occurred:
[eb-cfn-init]: Traceback (most recent call last):
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/util.py", line 193, in _retry
[eb-cfn-init]: return f(*args, **kwargs)
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/util.py", line 329, in _fetch_instance_id
[eb-cfn-init]: token = _get_session_token()
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/util.py", line 293, in _get_session_token
[eb-cfn-init]: timeout=REQUEST_TIMEOUT)
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/packages/requests/api.py", line 130, in put
[eb-cfn-init]: return request("put", url, data=data, **kwargs)
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/packages/requests/api.py", line 59, in request
[eb-cfn-init]: return session.request(method=method, url=url, **kwargs)
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/packages/requests/sessions.py", line 586, in request
[eb-cfn-init]: resp = self.send(prep, **send_kwargs)
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/packages/requests/sessions.py", line 700, in send
[eb-cfn-init]: r = adapter.send(request, **kwargs)
[eb-cfn-init]: File "/usr/lib/python3.7/site-packages/cfnbootstrap/packages/requests/adapters.py", line 565, in send
[eb-cfn-init]: raise ConnectionError(e, request=request)
[eb-cfn-init]: cfnbootstrap.packages.requests.exceptions.ConnectionError: HTTPConnectionPool(host='169.254.169.254', port=80): Max retries exceeded with url: /latest/api/token (Caused by NewConnectionError('<cfnbootstrap.packages.requests.packages.urllib3.connection.HTTPConnection object at 0x7f7b60e24990>: Failed to establish a new connection: [Errno 101] Network is unreachable'))
[eb-cfn-init]: 2023-02-20 10:07:15,409 [DEBUG] Sleeping for 2.047560 seconds before retrying
```
**My take on the issue.**
**Sometime during the deployment (internally CloudFormation is doing the work) the egress network (public internet) becomes unavailable, mostly during the IMDS (metadata service) polling phase, and internally CloudFormation keeps on retrying to get the metadata resulting in a spike in CPU usage. Thus, the EC2 becomes unresponsive due to 100% CPU usage caused due to retry (maybe) and deployment fails. The main culprit here is the network availability which is a total weird because this resolves on its own the networking is configured correctly.**
Our website is developed in dotnet 4.5 version. I am not able to launch this website on amazon Linux2. I am trying to launch it via nginx server.
I am trying to set up a Cloud9 instance backed by an **g4dn.xlarge** instance and need install NVIDIA drivers. I have been attempting to follow the guidance here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/install-nvidia-driver.html ut have been hitting various roadblocks.
I see a couple of possible routes to this goal:
1) Download public drivers from https://www.nvidia.com/Download/Find.aspx The problem here is that "Amazon Linux 2" is not among the dropdown list choices for operating system. Would one of the supplied RHEL versions work?
2) Use a preconfigured AMI (e.g., https://aws.amazon.com/marketplace/pp/prodview-64e4rx3h733ru?sr=0-1&ref_=beagle&applicationId=AWS-EC2-Console). I was not able to see a route to using an arbitrary AMI with Cloud9 except in the case of the option to use existing compute infrastructure.
I created several EC2 instances running Amazon Linux 2 a few weeks ago, all with SSH access. A few days ago, one instance stopped allowing SSH access with the message `ec2-user@10.0.145.93: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).` - an error message I'd expect to see if my SSH keys were invalid.
The instance is still running, and the cron jobs I configured on it are still running as normal. I don't have serial console to the instance but I was able to create an AMI and then a VMDK from the instance in its current state and mount the filesystem to attempt to figure out what's wrong. As far as I can tell all the SSH configuration is still as I configured it: all the correct keys are still present in `~/.ssh/authorized_keys` and the contents of `/etc/ssh/` are identical to a clean AL2 install.
The security groups haven't changed (they still allow SSH access) and the SSHD config is the same, so what is going on?
Hello
I am trying to start an ec2 gpu instance in us-east-1. I have tried both Amazon Linux g4ad.xlarge, and g5g.2xlarge instances and receive the following message.
```
Instance launch failed
Your request for accessing resources in this region is being validated, and you will not be able to launch additional resources in this region until the validation is complete. We will notify you by email once your request has been validated. While normally resolved within minutes, please allow up to 4 hours for this process to complete. If the issue still persists, please let us know by writing to aws-verification@amazon.com for further assistance.
```
I have emailed aws-verficiation@amazon.com, twice, with no reply. I have been waiting for over 48 hours and am totally blocked. What can I do?
Is there a public timeline for adding PHP 8.2 support to AL2's amazon-linux-extras?
PHP 8.1 active support ends in 9 months.