#6387 [RFE] better debugging for ipa-replica-conncheck
Closed: Fixed None Opened 7 years ago by pvoborni.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1379858

Description of problem:

ipa-replica-conncheck doesn't give a lot of detailed information in the log
other than pass, fail, and maybe a traceback.  We need the option to generate
more verbose output for debugging ipa-replica-conncheck failures like in bug
#1379029 .

Some of the additional information that might help debug conncheck issues:

- Hostnames and IPs being used to confirm DNS resolution

- Replica port listeners status to confirm they are running before the master
to replica check.

- Maybe also a generic master to replica ping to confirm connectivity in
general in that direction

Version-Release number of selected component (if applicable):
4.4.0-12

How reproducible:
always

Steps to Reproduce:
1.  ipa-replica-conncheck --debug

or:

1.  ipa-server-install on master
2.  ipa-replica-install --debug (would run conncheck with --debug as well)

Actual results:
Currently does nothing.

Expected results:
Would enable ipa-p

Additional info:

There were a number of patches that have improved replica conncheck logging.

master

  • de981d3 log all printed messages to /var/log/ipareplica-conncheck.log
  • af0ba66 add extra logging messages when conncheck starts listening on ports or sends a response (IPv4/IPv6 + port + protocol)
  • a24cd01 extra logging message when IPA fails to bind to port

All these messages are now visible when using ipa-replica-conncheck --debug option and they also end up in the /var/log/ipareplica-conncheck.log

Metadata Update from @pvoborni:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.5

7 years ago

Login to comment on this ticket.

Metadata