Marc Young's questions

We're a growing shop that has no real user management. It's come the time to have single-sign-on. We host everything in AWS with the exception of an in-house desktop server that basically just hosts a NAS.

I'm only slightly familiar enough with Active Directory that I could set up an in-house domain and have it federate users. I've read the FAQs on AWS Directory Service and just looking to get clarity at what it can and cannot do.

My goal is to have an AD that can manage users in AWS as well as in-house. I'm unsure if I can do both in AWS DS or if it's just to handle the AWS portion.

Per the FAQ: AWS Directory Service makes it easy for you to setup and run directories in the AWS cloud, or connect your AWS resources with an existing on-premises Microsoft Active Directory

Does this mean that even if I ran AWS DS I'd still have to host an in-house AD and join them to manage users in AWS as well as in-house? I'd like to avoid having to run one on-premesis since my goal is to get everything into AWS.

I'm running 2 instances of oVirt. the first is oVirt 3.5 and everything is great.

I recently set up Version 4.0.1.1-1.el7.centos and I'm having issues within VM's.

I spun up a VM from the Glance template for Centos 65 (CentOS 6.5 64-Bit (7df3c30)) (Side note this is the same for other centos VM's i've imported).

Once the VM is up it does not work with almost no yum mirror servers.

It all started with a yum update:

[root@test ~]# yum update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.nexcess.net
 * extras: mirrors.gigenet.com
 * updates: mirrors.greenmountainaccess.net
http://mirror.nexcess.net/CentOS/6.8/os/x86_64/repodata/repomd.xml: [Errno 12] Timeout on http://mirror.nexcess.net/CentOS/6.8/os/x86_64/repodata/repomd.xml: (28, 'Operation too slow. Less than 1 bytes/sec transfered the last 30 seconds')
Trying other mirror.
http://mirrors.gigenet.com/centos/6.8/os/x86_64/repodata/repomd.xml: [Errno 12] Timeout on http://mirrors.gigenet.com/centos/6.8/os/x86_64/repodata/repomd.xml: (28, 'Operation too slow. Less than 1 bytes/sec transfered the last 30 seconds')
Trying other mirror.

Upon investigation this times out:

[root@test ~]# curl http://mirrors.gigenet.com/centos/6.8/os/x86_64/repodata/repomd.xml

From the VM I have what appears to be find network connectivity, the host has no issues curling google, msn, etc. It seems to not be able to connect to any Yum mirror repomd.xml files however.

However that is 100% accessible from the VM master (the host that this VM is running on). I can curl, etc from the host. I cannot do this from the VM.

Any thoughts on how to resolve it? I can provide more information if needed.

Edit

This is where it gets weird. I can curl part of the mirror but not the repodata.

[root@test ~]# curl -vv http://linux.mirrors.es.net/centos/6.8/updates/x86_64/
* About to connect() to linux.mirrors.es.net port 80 (#0)
*   Trying 198.129.224.35... connected
* Connected to linux.mirrors.es.net (198.129.224.35) port 80 (#0)
> GET /centos/6.8/updates/x86_64/ HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.21 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: linux.mirrors.es.net
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Mon, 22 Aug 2016 16:47:06 GMT
< Server: Apache
< Content-Length: 1284
< Connection: close
< Content-Type: text/html;charset=UTF-8
<
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
...snip....
* Closing connection #0


[root@test ~]# curl -vv http://linux.mirrors.es.net/centos/6.8/updates/x86_64/repodata/
* About to connect() to linux.mirrors.es.net port 80 (#0)
*   Trying 198.129.224.35... connected
* Connected to linux.mirrors.es.net (198.129.224.35) port 80 (#0)
> GET /centos/6.8/updates/x86_64/repodata/ HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.21 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: linux.mirrors.es.net
> Accept: */*
>
...this times out...

as you can see i can curl the first fine from the vm, but if i add /repodata it times out