NetBSD Problem Report #46306

From jschauma@netmeister.org  Sat Apr  7 17:19:09 2012
Return-Path: <jschauma@netmeister.org>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	by www.NetBSD.org (Postfix) with ESMTP id A4CA463B946
	for <gnats-bugs@gnats.NetBSD.org>; Sat,  7 Apr 2012 17:19:09 +0000 (UTC)
Message-Id: <20120407171921.5EE22356A73@panix.netmeister.org>
Date: Sat,  7 Apr 2012 13:19:21 -0400 (EDT)
From: jschauma@netmeister.org
Reply-To: jschauma@netmeister.org
To: gnats-bugs@gnats.NetBSD.org
Subject: AMI ami-820fddeb does not allow ssh connections
X-Send-Pr-Version: 3.95

>Number:         46306
>Category:       misc
>Synopsis:       AMI ami-820fddeb does not allow ssh connections
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    riz
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Apr 07 17:20:00 +0000 2012
>Closed-Date:    Fri Oct 05 18:21:07 +0000 2012
>Last-Modified:  Fri Oct 05 18:21:07 +0000 2012
>Originator:     Jan Schaumann
>Release:        NetBSD 6.0_BETA
>Organization:

>Environment:


Architecture: i386
Machine: i386
>Description:

http://wiki.netbsd.org/amazon_ec2/amis/ lists a number of AMIs, including ami-820fddeb
for NetBSD 6.0_BETA on i386.

Starting instances using this AMI yields virtual machines that do not seem to accept
SSH connections (despite network firewall rules being open).

Note that AMI ami-230fdf4a appears to work just fine:

ec2-describe-instances
RESERVATION     r-25512046      393287865111    stevens
INSTANCE        i-111dcc76      ami-820fddeb    ec2-75-101-242-215.compute-1.amazonaws.com      domU-12-31-39-0B-09-46.compute-1.internal   running stevens 0               m1.small        2012-04-07T17:07:26+0000    us-east-1d      aki-805ea7e9                    monitoring-disabled     75.101.242.215      10.214.14.180                   ebs                                     paravirtual     xensg-f95d9b90      default
BLOCKDEVICE     /dev/sda1       vol-929f66fd    2012-04-07T17:07:51.000Z
BLOCKDEVICE     /dev/sda2       vol-909f66ff    2012-04-07T17:07:51.000Z
RESERVATION     r-bf5425dc      393287865111    stevens
INSTANCE        i-d503d2b2      ami-230fdf4a    ec2-23-20-172-196.compute-1.amazonaws.com       domU-12-31-39-06-69-29.compute-1.internal   running stevens 0               m1.small        2012-04-07T17:13:46+0000    us-east-1d      aki-805ea7e9                    monitoring-disabled     23.20.172.196       10.208.110.215                  ebs                                     paravirtual     xensg-f95d9b90      default
BLOCKDEVICE     /dev/sda1       vol-92936afd    2012-04-07T17:14:14.000Z
BLOCKDEVICE     /dev/sda2       vol-6c926b03    2012-04-07T17:14:14.000Z


ssh ec2-23-20-172-196.compute-1.amazonaws.com
Warning: Permanently added 'ec2-23-20-172-196.compute-1.amazonaws.com,23.20.172.196' (RSA) to the list of known hosts.
NetBSD 5.1.2 (XEN3PAE_DOMU) #0: Thu Feb 2 17:18:36 UTC 2012
Welcome to NetBSD - Amazon EC2 image!

 ssh -v ec2-75-101-242-215.compute-1.amazonaws.com
 OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009
 debug1: Reading configuration data /home/jschauma/.ssh/config
 debug1: Applying options for *.amazonaws.com
 debug1: Reading configuration data /etc/ssh/ssh_config
 debug1: Applying options for *
 debug1: Connecting to ec2-75-101-242-215.compute-1.amazonaws.com [75.101.242.215] port 22.
 debug1: connect to address 75.101.242.215 port 22: Connection timed out
 ssh: connect to host ec2-75-101-242-215.compute-1.amazonaws.com port 22: Connection timed out


>How-To-Repeat:

ec2-run-instances ami-820fddeb
ssh <hostname>

>Fix:


>Release-Note:

>Audit-Trail:
From: Jeff Rizzo <riz@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: misc/46306: AMI ami-820fddeb does not allow ssh connections
Date: Sat, 07 Apr 2012 11:32:21 -0700

 On 4/7/12 10:20 AM, jschauma@netmeister.org wrote:
 > http://wiki.netbsd.org/amazon_ec2/amis/ lists a number of AMIs, including ami-820fddeb
 > for NetBSD 6.0_BETA on i386.
 >
 > Starting instances using this AMI yields virtual machines that do not seem to accept
 > SSH connections (despite network firewall rules being open).
 >

 I just successfully launched an AMI using ami-820fddeb, and used ssh to 
 log into it.

 My suspicion is that when you have trouble, the instance is crashing 
 before you can log in.  Can you get the console output when this 
 happens?  (ec2-get-console-output <instance-id>)

 Specifically, I'm interested in the hypervisor version, because amazon 
 runs some old ones:

 hypervisor0 at mainbus0: Xen version 3.4

 Unfortunately, this particular AMI doesn't show the teeny version (later 
 AMIs do), but the problems I've seen have been when it lands on a 3.1.2 
 or early hypervisor.

From: Jan Schaumann <jschauma@netmeister.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: misc/46306: AMI ami-820fddeb does not allow ssh connections
Date: Sat, 7 Apr 2012 15:39:19 -0400

 --BHMq0+oGliEfCAkH
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable

 Jeff Rizzo <riz@netbsd.org> wrote:
  =20
 >  I just successfully launched an AMI using ami-820fddeb, and used ssh to=
 =20
 >  log into it.

 Hmm, weird.

 >  My suspicion is that when you have trouble, the instance is crashing=20
 >  before you can log in.  Can you get the console output when this=20
 >  happens?  (ec2-get-console-output <instance-id>)

 It's been running for 25 minutes now, and still nada on the console:

 $ ec2-describe-instances i-bb9848dc
 RESERVATION     r-7ff4851c      393287865111    stevens
 INSTANCE        i-bb9848dc      ami-820fddeb
 ec2-107-21-197-12.compute-1.amazonaws.com
 domU-12-31-39-00-A2-31.compute-1.internal   running stevens 0
 m1.small        2012-04-07T19:07:58+0000    us-east-1d      aki-805ea7e9
 monitoring-disabled     107.21.197.12       10.254.165.187
 ebs                                     paravirtual     xensg-f95d9b90
 default
 BLOCKDEVICE     /dev/sda1       vol-d0c831bf    2012-04-07T19:08:29.000Z
 BLOCKDEVICE     /dev/sda2       vol-aec831c1    2012-04-07T19:08:29.000Z
 $  ec2-get-console-output i-bb9848dc
 i-bb9848dc
 2012-04-07T19:26:48+0000

 $=20

 Amazon's EC2 dashboard in the browser shows failed 'system reachability
 check' and failed 'instance reachability check'.

 So I'm afraid I can't get any additional information from this instance.

 By the way, ami-820fddeb comes up fine for me with instance type
 t1.micro and m1.medium, as well as if I explicitly specify m1.small, but
 not if I do not specify an instance type (in which case I thought it
 would default to m1.small).

 -Jan

 --BHMq0+oGliEfCAkH
 Content-Type: application/pgp-signature
 Content-Disposition: inline

 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.9 (NetBSD)

 iQEVAwUBT4CX52bOT+lva9PXAQL4pAgA0xNLS9b/yBm5nbvmPvYlm1R0RH7tEEl2
 Ou3/qMBo4IEb4F0zYFE6BlUy6kvE8Je+K87U6nxojYDDC76xbtNYBdJQFSb8XHtf
 gaoQZYNOoyAZiNKg1PmUaEAI1QDXKksXO8Z+3jN74NGQGXfJVdat0XAcQXN1GVfc
 mqnB2cnG1gaOC1gcBDud9ePuXgGiT0QniiEKUixS2hAQrFBYRl12Nco4bO8Wz/MH
 n8pavpM+rW/HN0R5JsxCICdNaL03Ip/x7xsP8h/u0F4fTeaNCl4uWIufM9fZbxR2
 T+PoodGrjefQzOny/k1mNX3NmX9071+NuKX8r3PXlHMb+xPAZFt2aA==
 =je4a
 -----END PGP SIGNATURE-----

 --BHMq0+oGliEfCAkH--

Responsible-Changed-From-To: misc-bug-people->riz
Responsible-Changed-By: riz@NetBSD.org
Responsible-Changed-When: Sun, 15 Apr 2012 20:17:11 +0000
Responsible-Changed-Why:
Mine


State-Changed-From-To: open->closed
State-Changed-By: riz@NetBSD.org
State-Changed-When: Fri, 05 Oct 2012 18:21:07 +0000
State-Changed-Why:
AMI no longer exists, plus the actual problem is that old hypervisors can
cause the NetBSD kernel to crash.


>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.