Problem description
Unreachable network errors may occur when you attempt to create VPC-type instances from custom images.
Causes
This problem can occur due to a variety of causes. The CentOS 7 operating system is used as an example here.
- After the GATEWAY parameter is configured in the
/etc/sysconfig/network
profile of the custom image, an ECS instance created from this image inherits the GATEWAY value. Although the ECS instance obtains an IP address through DHCP, its default route is not valid and the network will be unreachable. - Network rules are defined in the
/etc/udev/rules.d/70-persistent-net.rules
profile of the custom image. For example, if the following rule is defined, the ECS instance created from this image cannot obtain the IP address of the eth0 NIC after the ECS instance is started:SUBSYSTEM=="net", ACTION=="add", DRIVERS=="? *", ATTR{address}=="00:16:3f:00:65:a8", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
- DHCP mode is not selected for the network configuration of the custom image. If a static IP address is specified for the custom image, the ECS instance created from this image will use this static IP address. This may cause an unreachable network error because the static IP addresses conflicts with an existing IP address or the static IP address may not belong to the same subnet as an existing IP address.
Solution
The solution to this issue will depend on the specific cause of the problem. The following steps are for reference only. You must check the network configuration before creating a custom image.
Note: If you want to modify a profile in the procedure, first create a backup or an image.
- Log on to the ECS instance created from the custom image remotely.
- Run the following command. Confirm that the GATEWAY parameter is not specified in the profile. Otherwise, comment out the GATEWAY value.
Note: The actual directory for the GATEWAY parameter may be different in other operating systems.
cat /etc/sysconfig/network
A similar output is displayed.# Created by anaconda
- Run the following command to check the profile. If the profile contains network rules, delete the rules for the corresponding NIC.
/etc/udev/rules.d/70-persistent-net.rules
- Run the following command to check the profile:
cat /etc/sysconfig/network-scripts/ifcfg-eth0
A similar output is displayed. Confirm that the following items are returned and that the profile does not contain any static IP address or the GATEWAY value. Otherwise, comment out the static IP addresses and GATEWAY value.DEVICE=eth0 BOOTPROTO=dhcp ONBOOT=yes
Application scope
- ECS