I have an ec2 instance running on amazon which has AMI(ami-1b814f72).Its running RedHat 4.4.4-13 version.
I want to install ngnix and gunicorn on with django. According to ngnix http://wiki.nginx.org/Install#Official_Red_Hat.2FCentOS_packages page I need to create a file /etc/yum.repos.d/nginx.repo and paste those line for finding repo.But they also mentioned that :
Due to differences between how CentOS, RHEL, and Scientific Linux
populate the $releasever variable, it is necessary to manually replace
$releasever with either "5" (for 5.x) or "6" (for 6.x), depending upon
your OS version.
But I don't have either 5 or 6 version. I have RedHat 4.4.4-13 version, so what should I do in that case to make it work and get installed ngnix on my ec2 instance.
If I dont change the baseurl and try to install ngnix I got this error:
http://nginx.org/packages/rhel/latest/x86_64/repodata/repomd.xml:
[Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404"
Trying other mirror. Error: Cannot retrieve repository metadata
(repomd.xml) for repository: ngnix. Please verify its path and try
again
Please note: I want to be under AWS free Usage Tier and I don't want to be get charged
I hope someone will help me :(
So I solved my own problem and writing answer to my own QUESTION.Their is no available ngnix package for RHEL 4.4.Either we build from source specifically for RHEL 4.4 or just migrate to an updated version of AMI on amazon.I moved to ubuntu 11.10 which is updated one and currently supported by ubuntu community.
Related
I am having some issues installing Apache 2.4.50 on amazon Linux, originally, I had an Amazon Linux AMI and tried to do Sudo yum update httpd -y
I wanted this to update the Apache version to the latest, but it only went as far as 2.4.48 and said it was the latest version,
while looking into this I saw that the Amazon AMI was now deprecated and was in maintenance mode only.
I decided to spin up a new server using Amazon Apache2 thinking this would solve my issues, but once I installed the LAMP and ran HTTPD -v
it still showed ‘Package httpd-2.4.48-2.amzn2.x86_64 already installed and latest version’
I am aware that there is a critical issue with 2.4.48 CVE-2021-40438 and issue Apache 2.4.49 has a new zero-day critical vulnerability associated with it that can lead to a path traversal attack, so I need to get to 2.4.50.
Any help on how I can update to this version would be gratefully appreciated
Ambari version: 2.2.2.18
HDP stack: 2.4.3
OS: centos 7.3
Issue description:
Ambari-server can't communicate with Ambari agent. I can see below error in the ambari-agent logs:
ERROR 2017-09-18 06:35:34,684 NetUtil.py:84 - [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)
ERROR 2017-09-18 06:35:34,684 NetUtil.py:85 - SSLError: Failed to connect. Please check openssl library versions.
I am facing this issue recently and it appears this can be replicated consistently after the instances are restarted. (I am using EC2 instances).
I am able to register agent nodes successfully, install HDP cluster, run yarn jobs etc.. no problem at all. Once i restart my instances, I see this problem.
There are some solutions already posted for this problem like:
Downgrade the Python from 2.7 to lower. This is a known problem of
Ambari with Python 2.7
Control the certificate verification by disabling it.
Set "verify = disable"; under /etc/python/cert-verification.cfg
I don't want to play with Python as it can disrupt lot many things like Cassandra, yum package manager etc...
Second work around is very much easy and it works well!
Now comes my question :- Is it safe to disable the certificate verification in Python ? i.e. by setting property verify = disable
Generally, it's a bad idea. If somebody has access to port on server that is used for agent-server communication (8443 if I'm not mistaken), he can register as agent and get all your cluster configs&passwords. Or classic man-in-the-middle attack would allow to do the same by reading your unencrypted traffic. A bit more difficult attack would allow to send commands to agents (probably with root permissions).
Your issue sounds like you reprovisioned your ambari-server host, and left old ambari-agent instances running, or maybe your certificates became outdated? At first connection to ambari-server, agents generate certificates and send to server. Server signs these certificates with it's own key, so now server-agent connection is encrypted. Did you try to remove old certificates and restart server&agents as suggested here?
How did we investigate this issue and What solution we adopted:
Investigation Details:
Downgrading to Python 2.6 is not feasible as there are OS dependencies and as per Suggestion from 'Dmitriusan' in the previous comment, it's not a good idea to disable certificate verification in Python.
We use AWS EC2
With Python 2.7, JDK 1.8 and Cent OS 7.2 there is no issue. Everything is smooth.
With Python 2.7, JDK 1.8 and Cent OS 7.3 and Centos 7.4 we are seeing this issue.
Issue which I have reported here, is with respect to Centos 7.3 and with Centos 7.4 Issue is slightly different. Certificate verification fails while adding nodes to the cluster itself.
Downgrading from centos 7.3 to 7.2 is not straight forward. And AWS EC2 market place provides Centos 7.0 Image and when we create instance from this image, it applies security and patch updates resulting in Centos 7.3.
We can create our own Image of Centos 7.2 from existing servers but, It's always good to be with the latest update for the OS for security reasons.
To describe it shortly, we had workarounds but not a solution.
Solution which we adopted:
After series of tests, we decided to upgrade to Centos 7.4, HDP-2.6.3.0, and Ambari 2.6.0.0
With Centos 7.4 and Ambari Version 2.6.0.0, we don't see this issue even though I have 'Python 2.7.5' installed.
So this looks to be an Issue with Ambari
Older version of Ambari (2.4.2) does not recognize the force TLS configuration. We upgraded Ambari to 2.6.2 and heart beat started working.
I have an EC2 Amazon Linux Ami instance running PHP server version 5.6.22, also PostgreSQL 9.4.6 installed.
Doing an echo phpinfo(); it give the following value for PDO_PGSQL library:
PostgreSQL(libpq) Version 8.4.20
This is causing that the app server throws error while trying to connect to the RDS instance with Postgres 9.5 due to the missmatching versions.
I have been looking to make that version to be 9.4 or 9.5. Until now, I had done severals reinstall, trying dealing with repositories, but without results.
EDIT:
The reported version for psql command is: psql (PostgreSQL) 9.4.6
Its very old but I wanted to write.
I had the same issue and thought that error caused by php libpq exactly like you.
I tried million times to reinstall everything, changed OS but no result. Then I found some other setting that can cause the error. That was "Security Groups". You can find it under EC2 page menu. Please switch inbound source "everywhere" for "rds-launch-wizard" group then try to connect again.
It should work, if other every options are O.K.
Good luck.
I installed OpenStack on an ec2 instance running Ubuntu 14.04 LTS via devstack. When I login into the dashboard I get an error "Error: Unable to retrieve usage information"
When I installed it and logged in for the first time, everything was working fine. But after I stopped my ec2 instance and restarted, I am facing this problem.
What might be causing this error?
I used the stable juno version of devstack.
And the AMI for my ec2 instance is Ubuntu Server 14.04 LTS (HVM), SSD Volume Type.
Does restarting the instance might have caused some problem?
cd to devstack and execute ./rejoin-stack
That solved it. I was trying to reboot nova and other services individually.
But since the installation was done using devstack, you need to run the ./rejoin-stack script.
In addition to [akshay1188] answer, you can re-stack your system. Sometimes, rejoin-stack does not work as expected. In that case, you can unstack (unstack.sh) it and stack (stack.sh) again. *This may take much time.
Another observation of mine says this can be an issue with IP address of the system. Try to keep IP address same after reboot.
I have set up an EC2 instance with Ubuntu and able to login via ssh.
Now I have installed Apache, MySQL (worked fine) and Django also tried to configure it to run with apache. I have tried doing so with mod-wsgi but it still shows a apache default page instead of django (Congratulation ! It works) page. Can someone please provide me instructions for how to setup all this after login into EC2 via SSH.
Here is a tutorial provided by Django.
You need to make sure the apache config file is in /etc/apache2/sites-enabled/ or wherever your apache configuration files rest.
Another silly problem and this might be your issue is whenever I start a new instance of EC2 there is always a config called "000-default" already in the apache sites-enabled. This needs to be DELETED or DISABLED for apache to read from your config instead.
Hopefully this helps!
For a example check the Step 2 of this link. yum + git + pip + python requirements