Public Cloud On-Demand Virtual Machines (VM’s) cannot receive updates

This document (7023919) is provided subject to the disclaimer at the end of this document.

Environment

Amazon Web Services (AWS
Microsoft Azure and Google Compute Platform (GCP) on demand  VM for
SUSE Linux Enterprise Server (SLES)
SUSE Linux Enterprise Server for SAP Applications (SLES for SAP)

****************************
This article does not apply to BYOS (Bring your own subscription) images for SUSE Linux Enterprise Server or SUSE Linux Enterprise Server for SAP Applications
*********************************
 

Situation

The SUSE Public Cloud engineering team builds SLES and SLES for SAP images for AWS, Azure and GCP. For each image published, there are two payment options for the image: BYOS and on-demand. The on-demand virtual machines are configured to connect to the SUSE Public Cloud Update Infrastructure which is maintained by the SUSE Public Cloud Engineering team.

There are three major components that enable on-demand virtual machines to receive updates from SUSE Public Cloud Update Infrastructure.


Registration Client: The registration client obtains public cloud specific update server information from the Region Servers and then uses this information to register the guest instance with the regional update server.

  1. zypper se regionServiceClientConfig” will display the available package specific for the distribution and public cloud platform
  2. Region Servers: The Region Server provides the on-demand virtual machine an update server available within its region. The goal of the overall architecture is to always deliver updates from a local region. By providing an on-demand virtual machine with access to an update server within region, high-latency connections from the on-demand instance to the update server should be avoided.

  3. Update Servers: Each region contains at least two Update Servers available. Update Servers are a cache for the package repositories obtained from SCC (SUSE Customer Center).

 

The on-demand vm will not receive updates under the conditions below:

  1. An on-demand vm is launched in a network that does not have Internet access.

  2. An on-demand vm routes traffic through a network device or proxy server that is hosted on-premise or in a different datacenter

  3. An on-demand vm routes traffic through a network device or proxy server that is on a different public cloud platform than itself. Example: A GCP on-demand vm routes traffic through a proxy server hosted on Azure.

 

In the above cases, “zypper” will generate errors similar to the messages below:The registration client will also generate log entries in /var/log/cloudregister similar to the entries below.
 

# zypper up

Refreshing service 'SMT-http_smt-ec2_susecloud_net'.
Problem retrieving the repository index file for service 'SMT-http_smt-ec2_susecloud_net':

Timeout exceeded when accessing 'http://smt-ec2.susecloud.net/repo/repoindex.xml?cookies=0&credentials=SMT-http_smt-ec2_susecloud_net'.

Check if the URI is valid and accessible.
Refreshing service 'cloud_update'.

Timeout exceeded when accessing 'http://smt-ec2.susecloud.net/repo/SUSE/Updates/SLE-Module-Basesystem/15/x86_64/update/repodata/repomd.xml?credentials=SMT-http_smt-ec2_susecloud_net'.

# zypper up

Refreshing service 'cloud_update'.
Loading repository data...
Reading installed packages...
Nothing to do.

# zypper refresh
Refreshing service 'cloud_update'.
Warning: There are no enabled repositories defined.

Use 'zypper addrepo' or 'zypper modifyrepo' commands to add or enable repositories.

2019-05-20 18:24:30,404 ERROR:====================
2019-05-20 18:24:30,404 ERROR:Attempt 3 of 3
2019-05-20 18:24:30,404 ERROR:Server 54.244.114.254 is unreachable
2019-05-20 18:24:30,404  ERROR:[Service] Could not find any available SMT server, repo refresh will fail
2019-05-20 18:28:12,873 INFO:Using API: regionInfo
2019-05-20 18:29:12,949 ERROR: Attempted: ['54.253.118.149', '50.17.208.31', '54.244.244.107', '54.223.148.145', '54.247.166.75']
2019-05-20 18:29:12,949 ERROR:Exiting without registration


Or

2019-05-16 21:24:10,282 ERROR:No response from: 54.247.166.75
2019-05-16 21:24:10,282 ERROR:None of the servers responded
2019-05-16 21:24:10,282 ERROR: Attempted: ['54.244.244.107', '50.17.208.31', '54.223.148.145', '54.253.118.149', '54.247.166.75']
2019-05-16 21:24:10,282 ERROR:Exiting without registration


Resolution

Enable Internet access from the virtual machines to the Public Cloud Update Infrastructure servers. Once the virtual machine has network connectivity to the Public Cloud Update Infrastructure, you can have the on-demand virtual machine register to the SUSE Public Cloud Update Infrastructure by executing the following command as root:

registercloudguest --force-new

Additional Information

The SUSE Public Cloud Engineering team publishes information about the SUSE Public Cloud Update Infrastructure to a REST API. The published information includes server static IP addresses. For customers that have a security policy that allows only external connections to known IP addresses, the published information can be used to create explicit rules for vms to enable SUSE Public Cloud Update Infrastructure communication.

The REST API can be accessed by installing the package python-susepubliccloudinfo (pint).

Below are the command options available for pint:

pint -h

usage: pint -h | --help

pint (amazon|google|microsoft) servers
[ --filter=<filter> ]
[ --json | --xml ]
[ --region=<region> ]
[ --smt | --regionserver ]

pint (amazon|google|microsoft) images
[ --active | --deleted | --deprecated ]
[ --filter=<filter> ]
[ --json | --xml ]
[ --region=<region> ]

pint -v | --version

 

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7023919
  • Creation Date: 06-Jun-2019
  • Modified Date:29-Jun-2020
    • SUSE Cloud Application Platform

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.


SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center