Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1364139
Description of problem: When IP address of master does not resolve to its hostname, ipa-replica-install fails. Version-Release number of selected component (if applicable): python2-ipaserver-4.4.0-4.el7.noarch How reproducible: Deterministic. Steps to Reproduce: 1. Have setup where IP address of master as seen by replica does not match master's hostname. 2. Run ipa-replica-install --server ipa.example.test --domain example.test Actual results: /etc/ssh/ssh_config not found, skipping configuration /etc/ssh/sshd_config not found, skipping configuration Configuring example.test as NIS domain. Client configuration complete. Unenrolling client from IPA server Removing Kerberos service principals from /etc/krb5.keytab Disabling client Kerberos and LDAP configurations Redundant SSSD configuration file /etc/sssd/sssd.conf was moved to /etc/sssd/sssd.conf.deleted Restoring client configuration files Unconfiguring the NIS domain. nscd daemon is not installed, skip configuration nslcd daemon is not installed, skip configuration Systemwide CA database updated. Client uninstall complete. ipa.ipapython.install.cli.install_tool(Replica): ERROR The host name ipa.example.test does not match the primary host name freeipa-server-container.freeipa-network. Please check /etc/hosts or DNS name resolution ipa.ipapython.install.cli.install_tool(Replica): ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information Removing client side components Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up. The log ends with 2016-08-04T13:29:08Z DEBUG Check if replica.example.test is a primary hostname for localhost 2016-08-04T13:29:08Z DEBUG Primary hostname for localhost: replica.example.test 2016-08-04T13:29:08Z DEBUG Search DNS for replica.example.test 2016-08-04T13:29:08Z DEBUG Check if replica.example.test is not a CNAME 2016-08-04T13:29:09Z DEBUG Check reverse address of 172.18.0.3 2016-08-04T13:29:09Z DEBUG Found reverse name: replica.example.test 2016-08-04T13:29:09Z DEBUG Check if ipa.example.test is a primary hostname for localhost 2016-08-04T13:29:09Z DEBUG Primary hostname for localhost: freeipa-server-container.freeipa-network 2016-08-04T13:29:09Z DEBUG Starting external process 2016-08-04T13:29:09Z DEBUG args=/usr/sbin/ipa-client-install --unattended --uninstall 2016-08-04T13:29:19Z DEBUG Process finished, return code=0 2016-08-04T13:29:19Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 318, in run cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 308, in run self.validate() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 317, in validate for nothing in self._validator(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 372, in __runner self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 359, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 564, in _configure next(validator) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 372, in __runner self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 449, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 446, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 359, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install for nothing in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1712, in main promote_check(self) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 364, in decorated func(installer) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 386, in decorated func(installer) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1108, in promote_check installutils.verify_fqdn(config.master_host_name, options.no_host_dns) File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line 166, in verify_fqdn "Please check /etc/hosts or DNS name resolution" % (host_name, ex_name[0])) 2016-08-04T13:29:19Z DEBUG The ipa-replica-install command failed, exception: HostLookupError: The host name ipa.example.test does not match the primary host name freeipa-server-container.freeipa-network. Please check /etc/hosts or DNS name resolution 2016-08-04T13:29:19Z ERROR The host name ipa.example.test does not match the primary host name freeipa-server-container.freeipa-network. Please check /etc/hosts or DNS name resolution 2016-08-04T13:29:19Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information Expected results: No error. Additional info:
Metadata Update from @pvoborni: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.5 backlog
Metadata Update from @tdudlak: - Custom field on_review reset (from 0) - Issue assigned to tdudlak (was: someone) - Issue close_status updated to: None - Issue set to the milestone: FreeIPA 4.6 (was: FreeIPA 4.5 backlog)
Metadata Update from @tdudlak: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/3646
Metadata Update from @frenaud: - Custom field on_review reset (from https://github.com/freeipa/freeipa/pull/3646) - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1364139,https://bugzilla.redhat.com/show_bug.cgi?id=1751951 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1364139)
Metadata Update from @frenaud: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/3646
master:
ipa-4-7:
ipa-4-6:
ipa-4-8:
Metadata Update from @tdudlak: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
The pull requests add that local_hostname=False in containers. Why is the fact that the replica is being run in container important?
local_hostname=False
This is about the master's IP address not resolving directly to the hostname, so the same situation likely happens in AWS, and the same situation happens when the master is in container (or in general, in reverse-DNS-challenging environment) and replica is on a host, outside of cotnainers.
Login to comment on this ticket.