freeipa

Clone
Source Code
GIT

#4551 Automated replica installation may fail on missing DNS record
Closed: Fixed None Opened 9 years ago by pviktori.

Closed: Fixed
Reopen Issue

ipa-replica-prepare adds the host and a DNS record for it. It takes some time before this propagates to Bind.

ipa-replica-install does a connection check, which (if IPA manages DNS) uses the record created above.

If replica-install is run immediately after replica-prepare (e.g. in automated installations), the DNS record may not yet exist, and the installation will fail.

Suggested solution: At the end of ipa-replica-prepare, wait until the replica's hostname is resolvable. Say "this check may be safely interrupted if the DNS record will be added later". Add an option (--no-wait-for-dns) to skip the wait.

Please note that this is useful even for installations where DNS is managed outside of IPA.
It:

  • reminds admin to add the new record
  • checks that admin did the right thing

master:

  • ffe4417 ipa-replica-prepare: Wait for the DNS entry to be resolvable

ipa-4-1:

  • ee4a023 ipa-replica-prepare: Wait for the DNS entry to be resolvable

ipa-4-0:

  • 1794237 ipa-replica-prepare: Wait for the DNS entry to be resolvable

Metadata Update from @pviktori:
- Issue assigned to pviktori
- Issue set to the milestone: FreeIPA 4.0.4
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
defect
None
None
Installation
None
1
None
None
pspacek
None
0
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.