[Tip] Amazon EC2 다양한 Error 상황 알아보기

안녕하세요 서후아빠입니다. ^_^

이번 세션은 EC2에서 발생하는 다양한 Error에 대해서 필요한 정보들을 정리해 보았습니다.

이 세션은 앞으로도 계속 업데이트 할 예정입니다.

---

DNS 설정이 안되어 있어 yum (or apt) 명령어 실패되는 경우?

# yum 명령어 실행 시 아래처럼 error 발생 
yum install -y httpd
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Could not retrieve mirrorlist https://amazonlinux-2-repos-ap-northeast-2.s3.dualstack.ap-northeast-2.amazonaws.com/2/core/latest/x86_64/mirror.list error was
14: curl#6 - "Could not resolve host: amazonlinux-2-repos-ap-northeast-2.s3.dualstack.ap-northeast-2.amazonaws.com"


 One of the configured repositories failed (Unknown),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=<repoid> ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable <repoid>
        or
            subscription-manager repos --disable=<repoid>

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true


# 수동으로 DNS 설정하고, 서비스 재구동하니 설정값이 자동 삭제됨
vi /etc/resolv.conf
nameserver 8.8.8.8

cat /etc/resolv.conf
nameserver 8.8.8.8

systemctl restart network

cat /etc/resolv.conf

# URL로 ping 시도하면 당연히 DNS 없다고 알려줌
ping google.com
ping: google.com: Name or service not known

해결방법 : VPC > Your VPCs > VPC 선택 > Actions > Edit DHCP option set > DHCP options set(dopt-* 선택) > Save changes

EC2에서 Outbound SMTP 차단에 대한 해결 방법?

설명 : AWS에서는 EC2에서 무작위로 발송하는 Mail을 차단하기 위해 SMTP 차단이 되어 있습니다. 

해결 방법 : root 계정으로 https://support.console.aws.amazon.com/support/contacts#/rdns-limits 접속하여 해제 요청합니다.

2023.03.09 - [Other Service] - [Tip] Amazon EC2 또는 Lambda 함수에서 SMTP 포트 25 해제 프로세스

[Tip] Amazon EC2 또는 Lambda 함수에서 SMTP 포트 25 해제 프로세스

Linux에서 EC2를 SSH 접속 시 차단에 대한 해결 방법?

설명 : pem키의 권한 문제로 접근 차단

해결 방법 : chmod 600 [pem키]

# 에러 메시지 
$ ssh -i key.pem ubuntu@10.150.1.7
The authenticity of host '10.150.1.7 (10.150.1.7)' can't be established.
ECDSA key fingerprint is SHA256:9ZmrrhcU3WNFjG//6QSzvglZ3WWcv/uTTSCkWb3c.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.150.1.7' (ECDSA) to the list of known hosts.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for 'key.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "key.pem": bad permissions
ubuntu@10.150.1.7: Permission denied (publickey).

# 해결 방법 
$ chmod 600 medibloc-key.pem
$ ssh -i key.pem ubuntu@10.150.1.7
Welcome to Ubuntu 20.04.5 LTS (GNU/Linux 5.15.0-1019-aws x86_64)
...생략...

EC2에 서비스 포트는 정상 Listen(SSH, HTTP/S 등)이나 접속이 잘 안되는 경우

# OOM(Out Of Memory) Killer 동작 확인 : 메모리가 부족할 경우 특정 프로세스를 강제로 종료하도록 동작
cat dmesg-support.txt | grep "Out of"
  [Thu Mar 23 15:39:38 2023] Out of memory: Killed process 30712 (isc_gs) total-vm:10250708kB, anon-rss:8275464kB, file-rss:0kB, shmem-rss:0kB, UID:1004 pgtables:17064kB oom_score_adj:0
 
# 해결 방법 : 해당 프로세스 종료하고 재시작