sporadic cdn.redhat.com sync errors

Latest response

Are other folks seeing Red Hat CDN issues periodically?

In our /var/log/messages we'll see a failure:
Feb 21 12:53:58 rhs pulp: nectar.downloaders.threaded:ERROR: Skipping requests to cdn.redhat.com due to repeated connection failures: HTTPSConnectionPool(host='cdn.redhat.com', port=443): Max retries exceeded with url: /content/dist/rhel/server/7/7Server/x86_64/os/repodata/repomd.xml (Caused by ProtocolError('Connection aborted.', error(111, 'Connection refused')))

A bit later it will work if we retry:
Feb 21 12:54:29 rhs pulp: nectar.downloaders.threaded:INFO: Download succeeded: https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/repodata/repomd.xml.

Trying from the command line works:
curl -v -i -k --proxy datactrproxy.iowa.uiowa.edu:8080 --cert /etc/pki/entitlement/6106724317594944257.pem --key /etc/pki/entitlement/6106724317594944257-key.pem --cacert /etc/rhsm/ca/redhat-uep.pem https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/repodata/repomd.xml

Responses

Hi Doug,

Does your Satellite 6 instance connect to CDN via a proxy?

Diagnostic steps here might help. [Satellite 6] Certain repositories fail to sync, failing with pulp nectar.downloader errors

Hi Sam. Thanks for the response. Our Satellite connects directly.

As it turns out, it was a data center firewall issue that we were able to finally hunt down. The firewall allowed outbound connections based on IP addresses. Since cdn.redhat.com is hosted by Akamai, the IP numbers drifted and resulted in periodic failures depending on how the name resolved. Fixed in the firewall.

Thanks for the update Doug. Glad you got it sorted.