Yum 报告 401 未授权错误

Yum 报告 401 未授权错误

我有两个非常相似的 EC2 实例。其中只有一个出现了这个问题。

Yum 在一台服务器上完全按照预期运行,而在另一台服务器上,无论我要求 yum 为我做什么,都会出现 401 错误。

以下是一个例子:

yum repolist -v | grep baseurl

输出:

https://rhui2-cds01.us-west-2.aws.ce.redhat.com/pulp/repos//rhui-client-config/rhel/server/7/x86_64/os/repodata/repomd.xml: [Errno 14] HTTPS Error 401 - Unauthorized
Trying other mirror.
https://rhui2-cds02.us-west-2.aws.ce.redhat.com/pulp/repos//rhui-client-config/rhel/server/7/x86_64/os/repodata/repomd.xml: [Errno 14] HTTPS Error 401 - Unauthorized
Trying other mirror.


 One of the configured repositories failed (Red Hat Update Infrastructure 2.0 Client Configuration Server 7),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

         1. Contact the upstream for the repository and get them to fix the problem.

         2. Reconfigure the baseurl/etc. for the repository, to point to a working
                upstream. This is most often useful if you are using a newer
                distribution release than is supported by the repository (and the
                packages for the previous distribution release still work).

         3. Run the command with the repository temporarily disabled
                        yum --disablerepo=rhui-REGION-client-config-server-7 ...

         4. Disable the repository permanently, so yum won't use it by default. Yum
                will then just ignore the repository until you permanently enable it
                again or use --enablerepo for temporary usage:

                        yum-config-manager --disable rhui-REGION-client-config-server-7
                or
                        subscription-manager repos --disable=rhui-REGION-client-config-server-7

         5. Configure the failing repository to be skipped, if it is unavailable.
                Note that yum will try to contact the repo. when it runs most commands,
                so will have to try and fail each time (and thus. yum will be be much
                slower). If it is a very temporary problem though, this is often a nice
                compromise:

                        yum-config-manager --save --setopt=rhui-REGION-client-config-server-7.skip_if_unavailable=true

failure: repodata/repomd.xml from rhui-REGION-client-config-server-7: [Errno 256] No more mirrors to try.
https://rhui2-cds01.us-west-2.aws.ce.redhat.com/pulp/repos//rhui-client-config/rhel/server/7/x86_64/os/repodata/repomd.xml: [Errno 14] HTTPS Error 401 - Unauthorized
https://rhui2-cds02.us-west-2.aws.ce.redhat.com/pulp/repos//rhui-client-config/rhel/server/7/x86_64/os/repodata/repomd.xml: [Errno 14] HTTPS Error 401 - Unauthorized

而在不同的 EC2 实例上相同的命令输出:

Repo-baseurl : https://rhui2-cds01.us-west-2.aws.ce.redhat.com/pulp/repos//rhui-client-config/rhel/server/7/x86_64/os/
Repo-baseurl : https://rhui2-cds02.us-west-2.aws.ce.redhat.com/pulp/repos//content/dist/rhel/rhui/server/7/7Server/x86_64/os/
Repo-baseurl : https://rhui2-cds02.us-west-2.aws.ce.redhat.com/pulp/repos//content/dist/rhel/rhui/server/7/7Server/x86_64/rh-common/os/

所有提议解决方案在第一个输出中似乎不相关,因为两台机器上的存储库设置相同。

这是 SELinux 配置问题吗?我已在相关机器上禁用它。

我的 /etc/yum.conf 文件在两台机器上是相同的:

[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=3

我该如何解决这个问题并安装新的软件包?

答案1

进一步挖掘后发现AWS 论坛上的一篇文章

这与实例以某种方式丢失有关计费产品信息。您可以使用以下命令进行验证:

curl http://169.254.169.254/latest/dynamic/instance-identity/document | grep billingProducts

工作实例应该显示产品代码,但对于我的有问题的实例,该值是null

AWS 论坛帖子中的建议是:

To workaround the issue please try one of these two options:

1- From the modified instance ( if you still have it ) create an AMI directly. 

2- If the only source that you have is the snapshot then take these steps:

 - Launch a new instance from a good RHEL AMI, stop and detach the root EBS volume.

 - Stop the broken instance, detach all EBS volumes and attach to the new instance and restart ( remembering to associate the broken instance's EIP if applicable )

 - Alternatively you could snap-shot the broken instance's EBS volumes, and attach volumes created from these snapshots to the new instance.

 - Verify billingProducts value is present by running 
curl http://169.254.169.254/latest/dynamic/instance-identity/document

对我来说,第一个选项(直接创建 AMI)没有用,而且我仍然没有计费产品,但遵循第二条建议确实有效。

现在YUM又可以正常运行了。

相关内容