Redshift Serverless Data Sharing Query aborted due to read failure on a perm block

May 1, 2024 adminLeave a comment

Here is an interesting error that we recently encountered with one of our Redshift Serverless and Redshift Provisioned clusters. We have a data sharing setup where the serverless DB is the producer cluster of certain key tables. We share these tables to a provisioned Redshift cluster via data sharing.

When querying this particular table on the provisioned cluster through the data share with python(psycopg2) and airflow we received the following error.

2024-04-29 18:06:25,073 - ERROR -   | Query aborted due to read failure on a perm block.
  | HINT:  Please try again.
2024-04-29 18:06:25,073 - ERROR -   | Stacktrace:
2024-04-29 18:06:25,073 - ERROR -   | Traceback (most recent call last):
  |   File "/usr/local/airflow/.local/lib/python3.10/site-packages/soda/execution/query/query.py", line 122, in fetchone
  |     cursor.execute(self.sql)
  | psycopg2.errors.IoError: Query aborted due to read failure on a perm block.
  | HINT:  Please try again.

2024-04-29 18:06:25,073 - ERROR - | Query aborted due to read failure on a perm block.

| HINT: Please try again.

2024-04-29 18:06:25,073 - ERROR - | Stacktrace:

2024-04-29 18:06:25,073 - ERROR - | Traceback (most recent call last):

| File "/usr/local/airflow/.local/lib/python3.10/site-packages/soda/execution/query/query.py", line 122, in fetchone

| cursor.execute(self.sql)

| psycopg2.errors.IoError: Query aborted due to read failure on a perm block.

| HINT: Please try again.

We opened a support case with AWS and was informed that this is due to a meta data mismatch that can be resolved by running an update against the shared table on the producer side. After running this update we were back in business and things operated as normal.

The following query can be executed on the producer cluster as a mitigation: “UPDATE SET = 1 WHERE false;” where TABLE_NAME is the name of the table on which queries are failing and COLUMN_NAME is the name of any column in this table. This query will not result in any actual change to the producer’s data, but will result in synchronizing the metadata pertaining to TABLE_NAME on the consumer and thus letting subsequent datasharing queries go through successfully.

"UPDATE <TABLE_NAME> SET <COLUMN_NAME> = 1 WHERE false;"

1	"UPDATE <TABLE_NAME> SET <COLUMN_NAME> = 1 WHERE false;"

— Jason Ralph

Redshift Serverless Find Largest Tables

February 17, 2024February 20, 2024 adminLeave a comment

You can use the below SQL on redshift serverless to find the top largest tables. You can return the results in 1MB data blocks or convert to TB. You can obviously change the limit N to whatever you want to change the number of results returned.

1MB data blocks:

(wg-redshift) admin@redshift-sl-prod=# select *, size size_in_1_MB_data_blocks from svv_table_info order by pct_used desc limit 1; 
-[ RECORD 1 ]------------+----------------------------------------
database                 | redshift-sl-prod
schema                   | qa
table_id                 | 1791319
table                    | transactions
encoded                  | Y, AUTO(ENCODE)
diststyle                | AUTO(EVEN)
sortkey1                 | AUTO(SORTKEY)
max_varchar              | 16383
sortkey1_enc             | 
sortkey_num              | 0
size                     | 9102740
pct_used                 | 0.4444
empty                    | 0
unsorted                 | 
stats_off                | 0.00
tbl_rows                 | 91509652251
skew_sortkey1            | 
skew_rows                | 
estimated_visible_rows   | 91509653504
risk_event               | 
vacuum_sort_benefit      | 
create_time              | 2023-11-15 01:53:19.524329
size_in_1_mb_data_blocks | 9102740

Time: 6995.168 ms (00:06.995)

(wg-redshift) admin@redshift-sl-prod=# select *, size size_in_1_MB_data_blocks from svv_table_info order by pct_used desc limit 1;

-[ RECORD 1 ]------------+----------------------------------------

database | redshift-sl-prod

schema | qa

table_id | 1791319

table | transactions

encoded | Y, AUTO(ENCODE)

diststyle | AUTO(EVEN)

sortkey1 | AUTO(SORTKEY)

max_varchar | 16383

sortkey1_enc |

sortkey_num | 0

size | 9102740

pct_used | 0.4444

empty | 0

unsorted |

stats_off | 0.00

tbl_rows | 91509652251

skew_sortkey1 |

skew_rows |

estimated_visible_rows | 91509653504

risk_event |

vacuum_sort_benefit |

create_time | 2023-11-15 01:53:19.524329

size_in_1_mb_data_blocks | 9102740

Time: 6995.168 ms (00:06.995)

Size In TB:

(wg-redshift) admin@redshift-sl-prod=# select *, size/(1024*1024) size_in_tb from svv_table_info order by pct_used desc limit 1; 
-[ RECORD 1 ]----------+----------------------------------------
database               | redshift-sl-prod
schema                 | qa
table_id               | 1791319
table                  | transactions
encoded                | Y, AUTO(ENCODE)
diststyle              | AUTO(EVEN)
sortkey1               | AUTO(SORTKEY)
max_varchar            | 16383
sortkey1_enc           | 
sortkey_num            | 0
size                   | 9102740
pct_used               | 0.4444
empty                  | 0
unsorted               | 
stats_off              | 0.00
tbl_rows               | 91509652251
skew_sortkey1          | 
skew_rows              | 
estimated_visible_rows | 91509653504
risk_event             | 
vacuum_sort_benefit    | 
create_time            | 2023-11-15 01:53:19.524329
size_in_tb             | 8

Time: 6763.316 ms (00:06.763)

(wg-redshift) admin@redshift-sl-prod=# select *, size/(1024*1024) size_in_tb from svv_table_info order by pct_used desc limit 1;

-[ RECORD 1 ]----------+----------------------------------------

database | redshift-sl-prod

schema | qa

table_id | 1791319

table | transactions

encoded | Y, AUTO(ENCODE)

diststyle | AUTO(EVEN)

sortkey1 | AUTO(SORTKEY)

max_varchar | 16383

sortkey1_enc |

sortkey_num | 0

size | 9102740

pct_used | 0.4444

empty | 0

unsorted |

stats_off | 0.00

tbl_rows | 91509652251

skew_sortkey1 |

skew_rows |

estimated_visible_rows | 91509653504

risk_event |

vacuum_sort_benefit |

create_time | 2023-11-15 01:53:19.524329

size_in_tb | 8

Time: 6763.316 ms (00:06.763)

Specific Fields:

(wg-redshift) admin@redshift-sl-prod=# select database, schema, "table", size size_in_mb, tbl_rows, size/(1024*1024) size_in_tb from svv_table_info order by pct_used desc limit 1;
-[ RECORD 1 ]---------------------------------------
database   | redshift-sl-prod
schema     | seamqa
table      | transactions
size_in_mb | 9102740
tbl_rows   | 91509652251
size_in_tb | 8

Time: 6202.359 ms (00:06.202)

(wg-redshift) admin@redshift-sl-prod=# select database, schema, "table", size size_in_mb, tbl_rows, size/(1024*1024) size_in_tb from svv_table_info order by pct_used desc limit 1;

-[ RECORD 1 ]---------------------------------------

database | redshift-sl-prod

schema | seamqa

table | transactions

size_in_mb | 9102740

tbl_rows | 91509652251

size_in_tb | 8

Time: 6202.359 ms (00:06.202)

botocore.exceptions.ReadTimeoutError: Read timeout on endpoint URL: https://lambda.us-east-1.amazonaws.com

January 17, 2024January 17, 2024 admin2 Comments

Recently while working on one of our EMR projects that uses lambdas and airflow, I ran into the following timeout issue:

botocore.exceptions.ReadTimeoutError: Read timeout on endpoint URL: "https://lambda.us-east-1.amazonaws.com/2015-03-31/functions/infrastructure-lambda-incoming/invocations"

1	botocore.exceptions.ReadTimeoutError: Read timeout on endpoint URL: "https://lambda.us-east-1.amazonaws.com/2015-03-31/functions/infrastructure-lambda-incoming/invocations"

We have a lambda that was invoked from boto3 in a Airflow step that would update dynamo db with values needed for our pipeline. This function worked in previous tests with no issues. We did add to the lambda function which was causing it to take longer than normal. When we tested the lambda from the console, the function worked fine, albeit it took a bit longer than the previous version. When calling from Airflow we would continually run into the timeout issue, causing the function to be executed multiple times during retries.

I thought to test this function from the awscli and it revealed the issue, the default boto3 timeout is 60 seconds, this was longer than our lambda was taking. So even though we set the lambda timeout to 4 minutes, boto was timing out at 1 minute, never getting the response back from lambda. The way we fixed this was to have boto3 setup a lambda_config that had a longer timeout.

lambda_config = config.Config(
    read_timeout=900,
    connect_timeout=900,
    retries={"max_attempts": 0}
)

lambda_config = config.Config(

read_timeout=900,

connect_timeout=900,

retries={"max_attempts": 0}

)

def call_lambda(**kwargs):
    lambda_client = boto3.client('lambda', region_name=REGION, config=lambda_config)
    payload = {--snipped--}
    # invoke the lambda and wait for it to complete
    response = lambda_client.invoke(
        FunctionName=lambda_name,
        InvocationType="RequestResponse",
        Payload=json.dumps(payload),
    )
    if response["StatusCode"] != 200:
        raise AirflowException("Preprocess lambda has failed")

def call_lambda(**kwargs):

lambda_client = boto3.client('lambda', region_name=REGION, config=lambda_config)

payload = {--snipped--}

# invoke the lambda and wait for it to complete

response = lambda_client.invoke(

FunctionName=lambda_name,

InvocationType="RequestResponse",

Payload=json.dumps(payload),

)

if response["StatusCode"] != 200:

raise AirflowException("Preprocess lambda has failed")

RequestsDependencyWarning: urllib3 (1.26.18) or chardet (3.0.4) doesn’t match a supported version!

November 27, 2023November 28, 2023 adminLeave a comment

I ran into this issue on a CENTOS8 server that has yet to be updated to RHEL8, after upgrading some packages via Pip:

[root@server01 site-packages]# python3.6
Python 3.6.8 (default, Sep 10 2021, 09:13:53) 
[GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import requests
/usr/local/lib/python3.6/site-packages/requests/__init__.py:91: RequestsDependencyWarning: urllib3 (1.26.18) or chardet (3.0.4) doesn't match a supported version!
  RequestsDependencyWarning)
>>> quit()

[root@server01 site-packages]# python3.6

Python 3.6.8 (default, Sep 10 2021, 09:13:53)

[GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] on linux

Type "help", "copyright", "credits" or "license" for more information.

>>> import requests

/usr/local/lib/python3.6/site-packages/requests/__init__.py:91: RequestsDependencyWarning: urllib3 (1.26.18) or chardet (3.0.4) doesn't match a supported version!

RequestsDependencyWarning)

>>> quit()

Turns out:

Module python3-requests is not compatible with locally installed third party module urllib3 of version 1.26.8 and get conflicting with Red Hat provided python3-urllib3 version 1.24.2-5.el8.

I was able to get around this by upgrading URLLIB3 and REQUESTS:

[root@server01 site-packages]# pip3.6 install -U urllib3 requests

1	[root@server01 site-packages]# pip3.6 install -U urllib3 requests

Works Now:

[root@server01 site-packages]# python3.6
Python 3.6.8 (default, Sep 10 2021, 09:13:53) 
[GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import requests
>>> quit()

[root@server01 site-packages]# python3.6

Python 3.6.8 (default, Sep 10 2021, 09:13:53)

[GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] on linux

Type "help", "copyright", "credits" or "license" for more information.

>>> import requests

>>> quit()

HTTPSConnectionPool(host=’files.pythonhosted.org’, port=443): Read timed out

June 22, 2023June 22, 2023 adminLeave a comment

I recently had an issue where one of our EMR clusters failed to bootstrap the python modules via PIP. I checked the logs and saw that we ran into the following error:

HTTPSConnectionPool(host='files.pythonhosted.org', port=443): Read timed out

1	HTTPSConnectionPool(host='files.pythonhosted.org', port=443): Read timed out

I wanted to have PIP not die if it timed out, I also wanted it to retry on failure. By adding the following to my bootstrap.sh I was able to have the PIP socket timeout at a longer interval, also bump up the retries to 10. I have not seen the issue since I applied the new settings.

sudo python3 -m pip --timeout 100 --retries 10 install --upgrade pip
sudo python3 -m pip --timeout 100 --retries 10 install

1 2	sudo python3 -m pip --timeout 100 --retries 10 install --upgrade pip sudo python3 -m pip --timeout 100 --retries 10 install

From the PIP help page:

  --retries <retries>         Maximum number of retries each connection should attempt (default 5 times).
  --timeout <sec>             Set the socket timeout (default 15 seconds).

1 2	--retries <retries> Maximum number of retries each connection should attempt (default 5 times). --timeout <sec> Set the socket timeout (default 15 seconds).

Upgrade Rocky Linux 8 to 9 CLI

May 18, 2023May 18, 2023 admin2 Comments

I thought I would share my version of how I updated the server that runs this blog from Rocky 8 to Rocky 9 without a clean install. I want to mention this is a do at your own risk post, this is not officially supported.

!!!Do not attempt this if you do not have backups and a way to fully recover your system.!!!

The first step I took was go to the rocky download site and make sure I grabbed the latest GPG, RELEASE and REPOS:

https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/Packages/r/

You will need to modify the below command to match the version you find in the above site, once that is complete you can run it.

[root@rocky-us-east-jasonralph ~]# dnf install -y https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/Packages/r/{rocky-gpg-keys-9.2-1.4.el9.noarch.rpm,rocky-release-9.2-1.4.el9.noarch.rpm,rocky-repos-9.2-1.4.el9.noarch.rpm}

1	[root@rocky-us-east-jasonralph ~]# dnf install -y https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/Packages/r/{rocky-gpg-keys-9.2-1.4.el9.noarch.rpm,rocky-release-9.2-1.4.el9.noarch.rpm,rocky-repos-9.2-1.4.el9.noarch.rpm}

One road block was dnf did not like that I had remi and epel release 8, so I removed them and it went fine.

[root@rocky-us-east-jasonralph ~]# dnf install -y https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/Packages/r/{rocky-gpg-keys-9.2-1.4.el9.noarch.rpm,rocky-release-9.2-1.4.el9.noarch.rpm,rocky-repos-9.2-1.4.el9.noarch.rpm}
Last metadata expiration check: 0:20:38 ago on Thu 18 May 2023 10:27:24 PM UTC.
rocky-gpg-keys-9.2-1.4.el9.noarch.rpm                                                                                                                                                                                                   169 kB/s |  12 kB     00:00    
rocky-release-9.2-1.4.el9.noarch.rpm                                                                                                                                                                                                    403 kB/s |  23 kB     00:00    
rocky-repos-9.2-1.4.el9.noarch.rpm                                                                                                                                                                                                      298 kB/s |  12 kB     00:00    
Error: 
 Problem: problem with installed package remi-release-8.7-2.el8.remi.noarch
  - package remi-release-8.7-2.el8.remi.noarch requires system-release(releasever) = 8, but none of the providers can be installed
  - package remi-release-8.4-1.el8.remi.noarch requires system-release(releasever) = 8, but none of the providers can be installed
  - package remi-release-8.5-2.el8.remi.noarch requires system-release(releasever) = 8, but none of the providers can be installed
  - package remi-release-8.5-3.el8.remi.noarch requires system-release(releasever) = 8, but none of the providers can be installed
  - package remi-release-8.6-1.el8.remi.noarch requires system-release(releasever) = 8, but none of the providers can be installed
  - cannot install both rocky-release-9.2-1.4.el9.noarch and rocky-release-8.7-1.2.el8.noarch
  - conflicting requests
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)

[root@rocky-us-east-jasonralph ~]# dnf install -y https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/Packages/r/{rocky-gpg-keys-9.2-1.4.el9.noarch.rpm,rocky-release-9.2-1.4.el9.noarch.rpm,rocky-repos-9.2-1.4.el9.noarch.rpm}

Last metadata expiration check: 0:20:38 ago on Thu 18 May 2023 10:27:24 PM UTC.

rocky-gpg-keys-9.2-1.4.el9.noarch.rpm 169 kB/s | 12 kB 00:00

rocky-release-9.2-1.4.el9.noarch.rpm 403 kB/s | 23 kB 00:00

rocky-repos-9.2-1.4.el9.noarch.rpm 298 kB/s | 12 kB 00:00

Error:

Problem: problem with installed package remi-release-8.7-2.el8.remi.noarch

- package remi-release-8.7-2.el8.remi.noarch requires system-release(releasever) = 8, but none of the providers can be installed

- package remi-release-8.4-1.el8.remi.noarch requires system-release(releasever) = 8, but none of the providers can be installed

- package remi-release-8.5-2.el8.remi.noarch requires system-release(releasever) = 8, but none of the providers can be installed

- package remi-release-8.5-3.el8.remi.noarch requires system-release(releasever) = 8, but none of the providers can be installed

- package remi-release-8.6-1.el8.remi.noarch requires system-release(releasever) = 8, but none of the providers can be installed

- cannot install both rocky-release-9.2-1.4.el9.noarch and rocky-release-8.7-1.2.el8.noarch

- conflicting requests

(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)

Find the epel and remi release rpms:

[root@rocky-us-east-jasonralph ~]# rpm -qa| grep release
remi-release-8.7-2.el8.remi.noarch
epel-release-8-19.el8.noarch
rocky-release-8.7-1.2.el8.noarch

[root@rocky-us-east-jasonralph ~]# rpm -qa| grep release

remi-release-8.7-2.el8.remi.noarch

epel-release-8-19.el8.noarch

rocky-release-8.7-1.2.el8.noarch

Remove them:

[root@rocky-us-east-jasonralph ~]# yum remove epel-release-8-19.el8.noarch remi-release-8.7-2.el8.remi.noarch

1	[root@rocky-us-east-jasonralph ~]# yum remove epel-release-8-19.el8.noarch remi-release-8.7-2.el8.remi.noarch

Upgrade your system to 9 from 8:

[root@rocky-us-east-jasonralph ~]# dnf install -y https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/Packages/r/{rocky-gpg-keys-9.2-1.4.el9.noarch.rpm,rocky-release-9.2-1.4.el9.noarch.rpm,rocky-repos-9.2-1.4.el9.noarch.rpm}

1	[root@rocky-us-east-jasonralph ~]# dnf install -y https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/Packages/r/{rocky-gpg-keys-9.2-1.4.el9.noarch.rpm,rocky-release-9.2-1.4.el9.noarch.rpm,rocky-repos-9.2-1.4.el9.noarch.rpm}

I ignored this error, it seems like its just a GPG error:

  Running scriptlet: rocky-gpg-keys-8.7-1.2.el8.noarch                                                                                                                                                                                                              6/6 
Line is not an assignment at '/usr/lib/sysctl.d/50-redhat.conf:8': (null)
Couldn't write '1' to 'net/ipv4/conf/*/rp_filter', ignoring: No such file or directory
warning: %transfiletriggerin(systemd-239-68.el8_7.4.x86_64) scriptlet failed, exit status 1

Error in <unknown> scriptlet in rpm package rocky-gpg-keys

Running scriptlet: rocky-gpg-keys-8.7-1.2.el8.noarch 6/6

Line is not an assignment at '/usr/lib/sysctl.d/50-redhat.conf:8': (null)

Couldn't write '1' to 'net/ipv4/conf/*/rp_filter', ignoring: No such file or directory

warning: %transfiletriggerin(systemd-239-68.el8_7.4.x86_64) scriptlet failed, exit status 1

Error in <unknown> scriptlet in rpm package rocky-gpg-keys

Verify:

[root@rocky-us-east-jasonralph ~]# cat /etc/rocky-release
Rocky Linux release 9.2 (Blue Onyx)

1 2	[root@rocky-us-east-jasonralph ~]# cat /etc/rocky-release Rocky Linux release 9.2 (Blue Onyx)

Rebuild the RPM database to now use SQLITE:

[root@rocky-us-east-jasonralph ~]# rpm --rebuilddb

1	[root@rocky-us-east-jasonralph ~]# rpm --rebuilddb

Thats it, reboot:

[root@rocky-us-east-jasonralph ~]# reboot

1	[root@rocky-us-east-jasonralph ~]# reboot

I did have some issues with dnf where I needed to reset some modules.

[root@rocky-us-east-jasonralph ~]#  dnf check
Modular dependency problems:

 Problem 1: conflicting requests
  - nothing provides module(platform:el8) needed by module httpd:2.4:8070020230406163027:3b9f49c4.x86_64
 Problem 2: conflicting requests
  - nothing provides module(platform:el8) needed by module mariadb:10.3:8060020220913075833:d63f516d.x86_64
 Problem 3: conflicting requests
  - nothing provides module(platform:el8) needed by module mysql:8.0:8060020221025174942:d63f516d.x86_64
 Problem 4: conflicting requests
  - nothing provides module(platform:el8) needed by module nginx:1.14:8040020210610090123:9f9e2e7e.x86_64

[root@rocky-us-east-jasonralph ~]# dnf check

Modular dependency problems:

Problem 1: conflicting requests

- nothing provides module(platform:el8) needed by module httpd:2.4:8070020230406163027:3b9f49c4.x86_64

Problem 2: conflicting requests

- nothing provides module(platform:el8) needed by module mariadb:10.3:8060020220913075833:d63f516d.x86_64

Problem 3: conflicting requests

- nothing provides module(platform:el8) needed by module mysql:8.0:8060020221025174942:d63f516d.x86_64

Problem 4: conflicting requests

- nothing provides module(platform:el8) needed by module nginx:1.14:8040020210610090123:9f9e2e7e.x86_64

I needed to reset the modules one by one, there may be more on your system:

[root@rocky-us-east-jasonralph ~]# dnf module reset httpd:2.4 mariadb:10.3 mysql:8.0 nginx:1.14

1	[root@rocky-us-east-jasonralph ~]# dnf module reset httpd:2.4 mariadb:10.3 mysql:8.0 nginx:1.14

That seemed to fix it, good luck.

AttributeError: module ‘cryptography.utils’ has no attribute ‘register_interface’

September 7, 2022September 8, 2022 admin6 Comments

I just recently came across an issue when we were bootstrapping one of our EMR clusters, looks like when trying to import pgpy we failed with the following traceback:

Traceback (most recent call last):
  File "/mnt/var/lib/hadoop/steps/s-B2LJDDVVD5Y1/./aws_s3_decrypt.py", line 18, in <module>
    import pgpy
  File "/usr/local/lib/python3.7/site-packages/pgpy/__init__.py", line 4, in <module>
    from .pgp import PGPKey
  File "/usr/local/lib/python3.7/site-packages/pgpy/pgp.py", line 27, in <module>
    from .constants import CompressionAlgorithm
  File "/usr/local/lib/python3.7/site-packages/pgpy/constants.py", line 23, in <module>
    from ._curves import BrainpoolP256R1, BrainpoolP384R1, BrainpoolP512R1, X25519, Ed25519
  File "/usr/local/lib/python3.7/site-packages/pgpy/_curves.py", line 37, in <module>
    @utils.register_interface(ec.EllipticCurve)
AttributeError: module 'cryptography.utils' has no attribute 'register_interface'
Command exiting with ret '1'

Traceback (most recent call last):

File "/mnt/var/lib/hadoop/steps/s-B2LJDDVVD5Y1/./aws_s3_decrypt.py", line 18, in <module>

import pgpy

File "/usr/local/lib/python3.7/site-packages/pgpy/__init__.py", line 4, in <module>

from .pgp import PGPKey

File "/usr/local/lib/python3.7/site-packages/pgpy/pgp.py", line 27, in <module>

from .constants import CompressionAlgorithm

File "/usr/local/lib/python3.7/site-packages/pgpy/constants.py", line 23, in <module>

from ._curves import BrainpoolP256R1, BrainpoolP384R1, BrainpoolP512R1, X25519, Ed25519

File "/usr/local/lib/python3.7/site-packages/pgpy/_curves.py", line 37, in <module>

@utils.register_interface(ec.EllipticCurve)

AttributeError: module 'cryptography.utils' has no attribute 'register_interface'

Command exiting with ret '1'

Apparently the cryptography team released a new version on September 7th 2022 that broke the pgpy library.
https://pypi.org/project/cryptography/38.0.1/

We needed to downgrade our version to get things working again. I figured I would post this to see if others run into this, according to the pgpy github page, they are working on a fix.

https://github.com/SecurityInnovation/PGPy/issues/402

Here is how I solved it in the meantime, I needed to downgrade the cryptography library.

sudo python3 -m pip install PGPy
sudo python3 -m pip uninstall -y cryptography
sudo python3 -m pip install cryptography==37.0.4

sudo python3 -m pip install PGPy

sudo python3 -m pip uninstall -y cryptography

sudo python3 -m pip install cryptography==37.0.4

Python Linux Find Files With Pattern Accessed Older Than N Days And Remove

July 7, 2022July 14, 2022 adminLeave a comment

This is a neat utility that you can use to keep in your sysadmin bag of tricks, it walks the directory you define recursively and grabs all the file access times and stores them into a list, it then compares them against a command line parameter for days ago. If its older than N days it will remove the file. What’s really nice about this utility is it has a debug mode, this way you can see what will be deleted before you remove debug and execute it.

#!/usr/bin/env python3

import argparse
import fnmatch
import os
import sys
from datetime import datetime, timedelta
from pathlib import Path

# set date now.
now = datetime.today()

# setup dir to clean
home = str(Path.home())
target_dir = '/home/jasonr' # CHANGE TO WHERE YOU WANT TO SEARCH

# dir to clean
dirs_to_clean = target_dir

# setup cli arguments.
parser = argparse.ArgumentParser(
    description='''
[--days_ago 60] will keep 60 days worth of files.
[--debug yes] will print out statements with no actions.''',
    formatter_class=argparse.RawTextHelpFormatter)
parser.add_argument('--days_ago',
                    help='[--days_ago NN]')
parser.add_argument('--debug',
                    help='[--debug (yes|no)')
args = parser.parse_args()

# allowed arguments from cli.
accepted_cli_args = ['yes', 'no']

# sanity check, assign days to keep on system.
if args.days_ago is None:
    days = 60
else:
    days = args.days_ago

# define a list of patterns
patterns = ['*.csv', '*.txt'] # YOU CAN ADD ANY PATTERN TO LIST

# sanity check, assign debug true or false
if args.debug in accepted_cli_args:
    if args.debug == 'yes':
        debug = True
    else:
        debug = False
else:
    print("{0}: Wrong parameter --debug (yes or no): [{1}]"
          .format(now, args.debug))
    sys.exit(1)


def find_files(dir_to_clean):
    file_list = []
    days_ago = datetime.now() - timedelta(days=int(days))
    for root, dirs, files in os.walk(dir_to_clean):
        for pattern in patterns:
            for filename in fnmatch.filter(files, pattern):
                file_list.append(os.path.join(root, filename))
                file_list.sort()

    for file in file_list:
        try:
            file_atime = datetime.fromtimestamp(os.path.getatime(file))
        except Exception as e:
            print("{0}: File Access Time Get Failed: [{1}]"
                  .format(now, e))
        if file_atime < days_ago:
            if os.path.isfile(file):
                try:
                    if not debug:
                        print("{0}: Removing file: [{1}]"
                              .format(now, file))
                        os.remove(file)
                    else:
                        print("{0}: DEBUG: Removing file: [{1}]"
                              .format(now, file))
                except OSError as e:
                    print("{0}: File Clean Up Failed: [{1}]"
                          .format(now, e))
                    sys.exit(1)


# main function.
def main():
    find_files(dirs_to_clean)


if __name__ == "__main__":
    main()

#!/usr/bin/env python3

import argparse

import fnmatch

import os

import sys

from datetime import datetime, timedelta

from pathlib import Path

# set date now.

now = datetime.today()

# setup dir to clean

home = str(Path.home())

target_dir = '/home/jasonr' # CHANGE TO WHERE YOU WANT TO SEARCH

# dir to clean

dirs_to_clean = target_dir

# setup cli arguments.

parser = argparse.ArgumentParser(

description='''

[--days_ago 60] will keep 60 days worth of files.

[--debug yes] will print out statements with no actions.''',

formatter_class=argparse.RawTextHelpFormatter)

parser.add_argument('--days_ago',

help='[--days_ago NN]')

parser.add_argument('--debug',

help='[--debug (yes|no)')

args = parser.parse_args()

# allowed arguments from cli.

accepted_cli_args = ['yes', 'no']

# sanity check, assign days to keep on system.

if args.days_ago is None:

days = 60

else:

days = args.days_ago

# define a list of patterns

patterns = ['*.csv', '*.txt'] # YOU CAN ADD ANY PATTERN TO LIST

# sanity check, assign debug true or false

if args.debug in accepted_cli_args:

if args.debug == 'yes':

debug = True

else:

debug = False

else:

print("{0}: Wrong parameter --debug (yes or no): [{1}]"

.format(now, args.debug))

sys.exit(1)

def find_files(dir_to_clean):

file_list = []

days_ago = datetime.now() - timedelta(days=int(days))

for root, dirs, files in os.walk(dir_to_clean):

for pattern in patterns:

for filename in fnmatch.filter(files, pattern):

file_list.append(os.path.join(root, filename))

file_list.sort()

for file in file_list:

try:

file_atime = datetime.fromtimestamp(os.path.getatime(file))

except Exception as e:

print("{0}: File Access Time Get Failed: [{1}]"

.format(now, e))

if file_atime < days_ago:

if os.path.isfile(file):

try:

if not debug:

print("{0}: Removing file: [{1}]"

.format(now, file))

os.remove(file)

else:

print("{0}: DEBUG: Removing file: [{1}]"

.format(now, file))

except OSError as e:

print("{0}: File Clean Up Failed: [{1}]"

.format(now, e))

sys.exit(1)

# main function.

def main():

find_files(dirs_to_clean)

if __name__ == "__main__":

main()

[jasonr@sb-jralph-8 ~]$ python3 finder.py --days_ago 90 --debug yes
2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/awscli/examples/emr/create-cluster-synopsis.txt]
2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/cryptography-3.3.2-py3.8.egg-info/top_level.txt]
2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/docutils/parsers/rst/include/README.txt]
2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/docutils/parsers/rst/include/isoamsa.txt]
2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/docutils/parsers/rst/include/isoamsb.txt]
2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/docutils/parsers/rst/include/isoamsc.txt]

[jasonr@sb-jralph-8 ~]$ python3 finder.py --days_ago 90 --debug yes

2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/awscli/examples/emr/create-cluster-synopsis.txt]

2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/cryptography-3.3.2-py3.8.egg-info/top_level.txt]

2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/docutils/parsers/rst/include/README.txt]

2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/docutils/parsers/rst/include/isoamsa.txt]

2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/docutils/parsers/rst/include/isoamsb.txt]

2022-07-07 11:22:57.524454: DEBUG: Removing file: [/home/jasonr/aws/dist/docutils/parsers/rst/include/isoamsc.txt]

AWS EMR ImportError: this version of pandas is incompatible with numpy < 1.17.3

May 10, 2022August 5, 2022 admin7 Comments

I found another one that I thought was worth writing a quick blog post about. We use AWS Elastic Map Reduce with transient clusters, so in order to get the python libraries installed, we need to use the bootstrap feature. We ran into many issues trying the standard bootstrap script which looked something like this:

[09:43:14] jason@jralph-mbp14:~ $ cat bootstrap.sh
aws s3 cp s3://bucket1-us-east-1/EMR/requirements.txt .
sudo python3 -m pip install -r requirements.txt

[09:43:14] jason@jralph-mbp14:~ $ cat bootstrap.sh

aws s3 cp s3://bucket1-us-east-1/EMR/requirements.txt .

sudo python3 -m pip install -r requirements.txt

The contents of requirements.txt looked like this:

[09:43:14] jason@jralph-mbp14:~ $ cat requirements.txt
boto3
botocore
awscli
requests
scikit-learn
numpy
pandas

[09:43:14] jason@jralph-mbp14:~ $ cat requirements.txt

boto3

botocore

awscli

requests

scikit-learn

numpy

pandas

We would get all the nodes in the cluster to bootstrap properly however the logs showed the following:

Traceback (most recent call last):
  File "analysis.py", line 6, in <module>
    import pandas as pd
  File "/usr/local/lib64/python3.7/site-packages/pandas/__init__.py", line 22, in <module>
    from pandas.compat import (
  File "/usr/local/lib64/python3.7/site-packages/pandas/compat/__init__.py", line 15, in <module>
    from pandas.compat.numpy import (
  File "/usr/local/lib64/python3.7/site-packages/pandas/compat/numpy/__init__.py", line 27, in <module>
    f"this version of pandas is incompatible with numpy < {_min_numpy_ver}\n"
ImportError: this version of pandas is incompatible with numpy < 1.17.3
your numpy version is 1.16.5.
Please upgrade numpy to >= 1.17.3 to use this pandas version

Traceback (most recent call last):

File "analysis.py", line 6, in <module>

import pandas as pd

File "/usr/local/lib64/python3.7/site-packages/pandas/__init__.py", line 22, in <module>

from pandas.compat import (

File "/usr/local/lib64/python3.7/site-packages/pandas/compat/__init__.py", line 15, in <module>

from pandas.compat.numpy import (

File "/usr/local/lib64/python3.7/site-packages/pandas/compat/numpy/__init__.py", line 27, in <module>

f"this version of pandas is incompatible with numpy < {_min_numpy_ver}\n"

ImportError: this version of pandas is incompatible with numpy < 1.17.3

your numpy version is 1.16.5.

Please upgrade numpy to >= 1.17.3 to use this pandas version

And when trying to import from pyspark, we saw this:

Traceback (most recent call last):
  File "analysis.py", line 6, in <module>
    import pandas as pd
ModuleNotFoundError: No module named 'pandas'

Traceback (most recent call last):

File "analysis.py", line 6, in <module>

import pandas as pd

ModuleNotFoundError: No module named 'pandas'

After speaking with AWS support, it turns out this was a known issue. When a cluster is launched, EMR first provisions the EC2 instances, after that it runs the bootstrap actions. Thus, when the bootstrap action runs, it installs the desired version. However, since the applications are installed after the bootstrap action, these applications override the custom installation for the Python packages. In order to get around the issue of the version being overridden, the workaround is to make use of a Bootstrap Action that delays the installation of the packages until the nodes are fully up and running. This will resolve the conflict that we have been seeing with pandas and numpy. Here is what our final working bootstrap.sh looks like, hope this helps, it was a tough one to solve:

#!/bin/bash
set -x

cat > /var/tmp/fix-bootstap.sh <<'EOF'
#!/bin/bash
set -x

while true; do
    NODEPROVISIONSTATE=`sed -n '/localInstance [{]/,/[}]/{
    /nodeProvisionCheckinRecord [{]/,/[}]/ {
    /status: / { p }
    /[}]/a
    }
    /[}]/a
    }' /emr/instance-controller/lib/info/job-flow-state.txt | awk ' { print $2 }'`

    if [ "$NODEPROVISIONSTATE" == "SUCCESSFUL" ]; then
        echo "Running my post provision bootstrap"
        # Enter your code here
        sudo python3 -m pip install --upgrade pip
        sudo python3 -m pip install boto3
        sudo python3 -m pip install botocore
        sudo python3 -m pip install sklearn
        sudo python3 -m pip install requests
        sudo python3 -m pip install numpy
        sudo python3 -m pip install pandas
        echo '-------BOOTSTRAP COMPLETE-------' 

        exit
    else
        echo "Sleeping Till Node is Provisioned"
        sleep 10
    fi
done

EOF

chmod +x /var/tmp/fix-bootstap.sh
nohup /var/tmp/fix-bootstap.sh  2>&1 &

#!/bin/bash

set -x

cat > /var/tmp/fix-bootstap.sh <<'EOF'

#!/bin/bash

set -x

while true; do

NODEPROVISIONSTATE=`sed -n '/localInstance [{]/,/[}]/{

/nodeProvisionCheckinRecord [{]/,/[}]/ {

/status: / { p }

/[}]/a

}

/[}]/a

}' /emr/instance-controller/lib/info/job-flow-state.txt | awk ' { print $2 }'`

if [ "$NODEPROVISIONSTATE" == "SUCCESSFUL" ]; then

echo "Running my post provision bootstrap"

# Enter your code here

sudo python3 -m pip install --upgrade pip

sudo python3 -m pip install boto3

sudo python3 -m pip install botocore

sudo python3 -m pip install sklearn

sudo python3 -m pip install requests

sudo python3 -m pip install numpy

sudo python3 -m pip install pandas

echo '-------BOOTSTRAP COMPLETE-------'

exit

else

echo "Sleeping Till Node is Provisioned"

sleep 10

done

EOF

chmod +x /var/tmp/fix-bootstap.sh

nohup /var/tmp/fix-bootstap.sh 2>&1 &

10 Year Anniversary: www.jasonralph.org

April 18, 2022April 18, 2022 adminLeave a comment

I had not posted too much lately, lots of stuff going on with my work and personal life, my wife and I moved into a new house in 2022, and for work we have been grinding on a large migration. I looked at my blog this morning and noticed that I have had this spare time project running for 10 years.

So for 10 years I have had jasonralph.org up and continuously available, with analytics, it started in my apartment on an old IBM stand alone server, it now runs on a single Rocky Linux 8 VM from linode for 10 dollars a month. I hope to have some new content soon, but for now, I am happy for the 10 year anniversary.

Jason R. Ralph

Linux All Day Everyday

Redshift Serverless Find Largest Tables

botocore.exceptions.ReadTimeoutError: Read timeout on endpoint URL: https://lambda.us-east-1.amazonaws.com

RequestsDependencyWarning: urllib3 (1.26.18) or chardet (3.0.4) doesn’t match a supported version!

HTTPSConnectionPool(host=’files.pythonhosted.org’, port=443): Read timed out

Upgrade Rocky Linux 8 to 9 CLI

AttributeError: module ‘cryptography.utils’ has no attribute ‘register_interface’

Python Linux Find Files With Pattern Accessed Older Than N Days And Remove

AWS EMR ImportError: this version of pandas is incompatible with numpy < 1.17.3

10 Year Anniversary: www.jasonralph.org