search

F5Networks / f5-aws-cloudformation

CloudFormation Templates for quickly deploying BIG-IP services in Amazon Web Services EC2
112 stars 118 forks source link

S3 Buckets 403 Forbidden at deploy cn-northwest-1 #143

Closed Core-Bore closed 3 years ago

Core-Bore commented 3 years ago

Do you already have an issue opened with F5 support?

No

Description

Trying to use the templates to deploy in cn-northwest-1 will cause the scripts at intial setup to fail. Since S3 buckets located in cn-north-1 is not accessible and give a HTTP 403 Forbidden.

Switching around in the template to use alternative links will work sometimes. The connection outside of China is incredibly slow and can cause connection resets.

2021-01-12 05:21:05,330 [DEBUG] Retrieving contents from https://github.com/F5Networks/f5-cloud-failover-extension/releases/download/v1.6.1/f5-cloud-failover-1.6.1-1.noarch.rpm 2021-01-12 05:27:10,799 [ERROR] Generic IOError Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/cfnbootstrap/util.py", line 162, in _retry return f(*args, **kwargs) File "/usr/lib/python2.7/site-packages/cfnbootstrap/file_tool.py", line 243, in _write_remote_file remote_contents.write_to(dest) File "/usr/lib/python2.7/site-packages/cfnbootstrap/util.py", line 102, in write_to for c in self._response.iter_content(10 * 1024): File "/usr/lib/python2.7/site-packages/cfnbootstrap/packages/requests/models.py", line 656, in generate for chunk in self.raw.stream(chunk_size, decode_content=True): File "/usr/lib/python2.7/site-packages/cfnbootstrap/packages/requests/packages/urllib3/response.py", line 273, in stream data = self.read(amt=amt, decode_content=decode_content) File "/usr/lib/python2.7/site-packages/cfnbootstrap/packages/requests/packages/urllib3/response.py", line 203, in read data = self._fp.read(amt) File "/usr/lib/python2.7/httplib.py", line 602, in read s = self.fp.read(amt) File "/usr/lib/python2.7/socket.py", line 380, in read data = self._sock.recv(left) File "/usr/lib/python2.7/ssl.py", line 759, in recv return self.read(buflen) File "/usr/lib/python2.7/ssl.py", line 653, in read v = self._sslobj.read(len or 1024) error: [Errno 104] Connection reset by peer

Internet access was available during startup: ] ~ # ping 1.1.1.1 PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data. 64 bytes from 1.1.1.1: icmp_seq=1 ttl=45 time=213 ms 64 bytes from 1.1.1.1: icmp_seq=2 ttl=45 time=214 ms 64 bytes from 1.1.1.1: icmp_seq=3 ttl=45 time=213 ms

If this requires anything from our part or F5 to make S3 files publicly available in China. Or to update the templates not to use the S3 buckets as default in the templates.

Template

f5-existing-stack-across-az-cluster-byol-3nic-bigip f5-existing-stack-across-az-cluster-byol-2nic-bigip

Severity Level

For bugs, enter the bug severity level. Do not set any labels.

Severity: 5

Severity level definitions:

  1. Severity 1 (Critical) : Defect is causing systems to be offline and/or nonfunctional. immediate attention is required.
  2. Severity 2 (High) : Defect is causing major obstruction of system operations.
  3. Severity 3 (Medium) : Defect is causing intermittent errors in system operations.
  4. Severity 4 (Low) : Defect is causing infrequent interuptions in system operations.
  5. Severity 5 (Trival) : Defect is not causing any interuptions to system operations, but none-the-less is a bug.
shyawnkarim commented 3 years ago

This is a known issue and a fix will be included in the next release. Internal ID ESECLDTPLT-2415.

shyawnkarim commented 3 years ago

Closing.

This issue was resolved with Release 5.11.0.