Why does the agent install fail with "kernel headers cannot be found"?

During an agent installation in an Amazon machine image (AMI) you may encounter the following errors while the installer is trying to compile the Sysdig kernel module: "Unable to find kernel development files for the current kernel version" and "FATAL: Module sysdigcloud-probe not found". 

This indicates your machine is running a kernel in an older AMI for which the kernel headers are no longer available in the configured repositories. The issue has to do with Amazon purging packages in the yum repository when new Amazon Linux machine images are released.

The solution is to either update your kernel for which header files are readily available (recommended) or perform a one-time installation of the kernel headers for your older AMI.

 

Upgrade Your Host's Kernel

The following commands should fix the issue. The first two commands will install a new kernel and reboot your instance:

sudo yum -y install kernel
sudo reboot

After rebooting, you may need to issue these remaining 3 commands to install the required header files if the above kernel update did not already add them. Check to see if your host is reporting metrics to your account first and if not, issue:

sudo yum -y install kernel-devel-$(uname -r)
sudo /usr/lib/dkms/dkms_autoinstaller start
sudo service dragent restart

 

Install Older Kernel Headers

Although it is recommended to upgrade to the latest kernel for security and performance reasons, you can alternatively install the older headers for your AMI.  Use the commands below to find the the AMI version string and install the appropriate headers:

releasever=$(cat /etc/os-release | grep 'VERSION_ID' | grep -Eo "[0-9]{4}\.[0-9]{2}")
sudo yum -y --releasever=${releasever} install kernel-devel-$(uname -r)

 

Issue the remaining commands to allow the Sydig Agent to start successfully:

sudo /usr/lib/dkms/dkms_autoinstaller start
sudo service dragent restart

 

Reference:

Find Out Your AWS Instance Image Version

The file /etc/image-id will show information about the original machine image your instance was set up with:

[ec2-user ~]$ cat /etc/image-id
image_name="amzn-ami-hvm"
image_version="2017.03" image_arch="x86_64"image_file="amzn-ami-hvm-2017.03.0.20170401-x86_64.ext4.gpt"image_stamp="26a3-ed31" image_date="20170402053945" recipe_name="amzn ami" recipe_id="47cfa924-413c-d460-f4f2-2af7-feb6-9e37-7c9f1d2b"

This file will not change as you install updates from the yum repository.

 

The file /etc/system-release will tell you what version of the AWS image is currently installed:

[ec2-user ~]$ cat /etc/system-release
Amazon Linux AMI release 2017.03

This file is updated through yum as your host is updated and is part of the system-release RPM

Have more questions? Submit a request