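I have been following a tutorial on LinuxAcademy to set up a VPC and an EC2 instance. I completed all the steps correctly and launched the instance, then SSHed into it, then tried to update yum and received this error: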
Could not retrieve mirrorlist http://repo.us-east-2.amazonaws.com/latest/main/mirror.list error was
12: Timeout on http://repo.us-east-2.amazonaws.com/latest/main/mirror.list: (28, 'Connection timed out after 5001 milliseconds')
One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:
1. Contact the upstream for the repository and get them to fix the problem.
2. Reconfigure the baseurl/etc. for the repository, to point to a working
upstream. This is most often useful if you are using a newer
distribution release than is supported by the repository (and the
packages for the previous distribution release still work).
3. Disable the repository, so yum won't use it by default. Yum will then
just ignore the repository until you permanently enable it again or use
--enablerepo for temporary usage:
yum-config-manager --disable <repoid>
4. Configure the failing repository to be skipped, if it is unavailable.
Note that yum will try to contact the repo. when it runs most commands,
so will have to try and fail each time (and thus. yum will be be much
slower). If it is a very temporary problem though, this is often a nice
compromise:
yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true
Cannot find a valid baseurl for repo: amzn-main/latest
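So I double-checked the following:
There is a public Elastic IP
The IGW is set up
The public subnet is set up, and the ACL allows all outbound traffic to 0.0.0.0/0
The security group allows all outbound traffic
Finally, while I was looking through these settings, I became unhappy with the instance, and now when I try to ssh back in it just times out, and I also cannot ping the IP remotely.
I also tried rebooting the instance, but that did not help.
Edit: here are my screenshots and the diagram from the tutorial I am trying to set up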
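Answer 1
Your problem is with your NACL. You are only allowing inbound on ports 22/tcp and 80/tcp.
When you make a web connection, it goes outbound on port 80 or 443, but comes back in on a random high port. A security group is stateful and will allow the return connection, but a network ACL will not.
If you allow 1024-65535/tcp your web connections should work.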
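An added example (not part of the original answer, and not AWS tooling): a small Python model of stateless NACL evaluation, showing why the reply to an outbound HTTP request is dropped with the inbound rules described above and passes once 1024-65535/tcp is allowed. The rule numbers and the source port 45678 are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    number: int   # NACL rules are evaluated in ascending rule-number order
    proto: str    # "tcp", "udp", or "-1" for all protocols
    lo: int       # first port in the range
    hi: int       # last port in the range
    allow: bool

def nacl_allows(rules, proto, port):
    """First matching rule decides; no match falls through to the implicit deny."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.proto in ("-1", proto) and r.lo <= port <= r.hi:
            return r.allow
    return False

def outbound_flow_works(inbound, outbound, dst_port, src_port):
    """The request is checked against the outbound rules on its destination port.
    A NACL keeps no connection state, so the reply is checked separately against
    the inbound rules on the instance's ephemeral source port."""
    request_ok = nacl_allows(outbound, "tcp", dst_port)
    reply_ok = nacl_allows(inbound, "tcp", src_port)
    return request_ok and reply_ok

def blocked_ranges(inbound, lo=1024, hi=65535):
    """Audit helper: list the port ranges where reply traffic would be dropped."""
    ranges, start = [], None
    for port in range(lo, hi + 1):
        if not nacl_allows(inbound, "tcp", port):
            start = port if start is None else start
        elif start is not None:
            ranges.append((start, port - 1))
            start = None
    if start is not None:
        ranges.append((start, hi))
    return ranges

# Constructed rule sets mirroring the answer's description.
OUTBOUND_ALL = [Rule(100, "-1", 0, 65535, True)]
INBOUND_BEFORE = [Rule(100, "tcp", 22, 22, True), Rule(110, "tcp", 80, 80, True)]
INBOUND_AFTER = INBOUND_BEFORE + [Rule(120, "tcp", 1024, 65535, True)]

if __name__ == "__main__":
    for name, inbound in (("before", INBOUND_BEFORE), ("after", INBOUND_AFTER)):
        ok = outbound_flow_works(inbound, OUTBOUND_ALL, dst_port=80, src_port=45678)
        print(f"{name}: yum over HTTP works={ok}, blocked={blocked_ranges(inbound)}")
```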