How do I troubleshoot an AWS Outposts server failing to provision or initialize for Outposts?

4 minute read
0

I want to troubleshoot an AWS Outposts server failing to provision or initialize.

Resolution

The two most common reasons you can't complete the AWS Outposts server install process is the server being stuck in boot loop or connectivity issues.

Outpost server boot loop

When you connect to the Outpost server using the serial link, it needs up to 900 seconds to initialize before the outpost> prompt appears. If the Outpost server isn't able to finish initializing and complete the 900 second countdown, then it gets stuck in a boot loop. This issue can happen due to a Nitro Security Key (NSK).

To troubleshoot the Outposts server not completing boot and getting stuck on the 900 second countdown, complete the following steps:

  1. Remove both power cables.
  2. Realign the NSK. For more information, see Attach NSK.
  3. When installing multiple servers at the same time, be sure to use the NSK that was shipped with the server. The server won't boot up if a different NSK is attached to the server.
  4. Realign the QSFP breakout cable. Be sure cable 1 and cable 2 in the break out are plugged in to their upstream network device.
  5. Plug in only one power cable, and then power on the server.
    Wait 30 seconds, and then plug in the second power cable.
  6. Connect to the serial port. Then, verify if the countdown continues and if the outpost> prompt displays after reaching 900 seconds.

Outpost server connectivity issues

To troubleshoot connectivity issues, use a serial terminal program to connect to the server. For more information, see Create a serial connection to the server.

First, be sure that your switch meets the following specifications:

  • Basic configuration: The service link port must be an untagged access port to a VLAN with a gateway and a route to AWS endpoints.
  • DHCP: DHCP must be used and must return DNS name servers and a default gateway.
  • Link speed: The switch port must have link speed set to 10 Gb and auto-negotiation must be turned off.

Then, if authorization is failing on network related causes, then use the serial console to test the connection of the following commands:

  • describe-links
  • describe-ip
  • describe-resolve
  • get-connection

Output for describe-links

If either service_link_connected or local_link_connected return False, then there might be an issue with the physical wiring or the switch. To troubleshoot this issue, complete the following steps:

  1. Verify that you're using the provided QSFP breakout cable. If you're using the provided QSFP breakout cable, then try using another QSFP breakout cable if you have an additional QSFP cable.
  2. Verify that the QSFP breakout cable in the Outpost server is firmly seated.
  3. Verify that cable 2 (service link) is firmly seated in the switch.
  4. Complete a general switch sanity check such as, checking link lights.

Output for describe-ip

All fields must have a value, except NTP. Any missing values indicate issues with the DHCP configuration or other switch misconfigurations.

Output for describe-resolve

If dns_responding is False, then there's a reachability issue to the configured DNS server. If dns_resolving is False, then the configured DNS server isn't returning records to the listed query. Be sure the configured DNS server can resolve AWS endpoints.

Also, be sure that the firewall configuration is set up correctly.

Output for get-connection

The values of primary_status and secondary_status must be Success. After one hour of start-connection, if the values aren't Success, then the outpost> prompt displays an error message. If there's a 60 second timeout or error, and all other debug commands are successful, then check the maximum transmission unit (MTU) configuration. To verify the MTU, test the connectivity using a ping check.

Related information

Outpost server installation

AWS OFFICIAL
AWS OFFICIALUpdated 10 months ago