After getting the feedback previously from the mailing list (thank you for all your help) I have deployed a CentOS 7 image in AWS. I was able to add teh client machine to the FreeIPA domain. The CentOS 7 instance is a t2.medium which is a 2 proc by 4GB RAM. But when I go to promote it I get the following error: ipa-replica-install --setup-ca --ssh-trust-dns --mkhomedir --setup-kra --setup-dns --forwarder=10.10.0.2
2018-03-05T21:33:57Z DEBUG stderr=2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state'2018-03-05T21:33:57Z DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state'2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'2018-03-05T21:33:57Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'2018-03-05T21:33:57Z DEBUG Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes2018-03-05T21:33:57Z DEBUG [1/27]: creating certificate server db2018-03-05T21:33:57Z DEBUG duration: 0 seconds2018-03-05T21:33:57Z DEBUG [2/27]: setting up initial replication2018-03-05T21:33:57Z DEBUG Fetching nsDS5ReplicaId from master [attempt 1/5]2018-03-05T21:33:57Z DEBUG retrieving schema for SchemaCache url=ldap://infra-test-ipa.gatewayblend.net:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x93d5368>2018-03-05T21:33:58Z DEBUG Successfully updated nsDS5ReplicaId.2018-03-05T21:34:14Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication")RuntimeError: Failed to start replication 2018-03-05T21:34:14Z DEBUG [error] RuntimeError: Failed to start replication2018-03-05T21:34:14Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 333, in run cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 368, in run self.execute() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 392, in execute for _nothing in self._executor(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 658, in _configure next(executor) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 521, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install for _nothing in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/__init__.py", line 617, in main replica_install(self) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 386, in decorated func(installer) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1458, in install ca.install(False, config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 205, in install install_step_0(standalone, replica_config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 284, in install_step_0 use_ldaps=standalone) File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 447, in configure_instance self.start_creation(runtime=runtime) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication") 2018-03-05T21:34:14Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: Failed to start replication2018-03-05T21:34:14Z ERROR Failed to start replication2018-03-05T21:34:14Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information[centos@freeipa02 ~]$
I think I figured out my problem. I think its the Amazon Linux replica. named-pkcs11 keeps dying which is causing my issues.
On Monday, March 5, 2018 3:40 PM, Andrew Meyer via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
After getting the feedback previously from the mailing list (thank you for all your help) I have deployed a CentOS 7 image in AWS. I was able to add teh client machine to the FreeIPA domain. The CentOS 7 instance is a t2.medium which is a 2 proc by 4GB RAM. But when I go to promote it I get the following error: ipa-replica-install --setup-ca --ssh-trust-dns --mkhomedir --setup-kra --setup-dns --forwarder=10.10.0.2
2018-03-05T21:33:57Z DEBUG stderr=2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state'2018-03-05T21:33:57Z DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state'2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'2018-03-05T21:33:57Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'2018-03-05T21:33:57Z DEBUG Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes2018-03-05T21:33:57Z DEBUG [1/27]: creating certificate server db2018-03-05T21:33:57Z DEBUG duration: 0 seconds2018-03-05T21:33:57Z DEBUG [2/27]: setting up initial replication2018-03-05T21:33:57Z DEBUG Fetching nsDS5ReplicaId from master [attempt 1/5]2018-03-05T21:33:57Z DEBUG retrieving schema for SchemaCache url=ldap://infra-test-ipa.gatewayblend.net:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x93d5368>2018-03-05T21:33:58Z DEBUG Successfully updated nsDS5ReplicaId.2018-03-05T21:34:14Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication")RuntimeError: Failed to start replication 2018-03-05T21:34:14Z DEBUG [error] RuntimeError: Failed to start replication2018-03-05T21:34:14Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 333, in run cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 368, in run self.execute() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 392, in execute for _nothing in self._executor(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 658, in _configure next(executor) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 521, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install for _nothing in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/__init__.py", line 617, in main replica_install(self) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 386, in decorated func(installer) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1458, in install ca.install(False, config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 205, in install install_step_0(standalone, replica_config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 284, in install_step_0 use_ldaps=standalone) File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 447, in configure_instance self.start_creation(runtime=runtime) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication") 2018-03-05T21:34:14Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: Failed to start replication2018-03-05T21:34:14Z ERROR Failed to start replication2018-03-05T21:34:14Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information[centos@freeipa02 ~]$ _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Andrew Meyer via FreeIPA-users wrote:
After getting the feedback previously from the mailing list (thank you for all your help) I have deployed a CentOS 7 image in AWS. I was able to add teh client machine to the FreeIPA domain. The CentOS 7 instance is a t2.medium which is a 2 proc by 4GB RAM. But when I go to promote it I get the following error:
ipa-replica-install --setup-ca --ssh-trust-dns --mkhomedir --setup-kra --setup-dns --forwarder=10.10.0.2
2018-03-05T21:33:57Z DEBUG stderr= 2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state' 2018-03-05T21:33:57Z DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state' 2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2018-03-05T21:33:57Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' 2018-03-05T21:33:57Z DEBUG Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 2018-03-05T21:33:57Z DEBUG [1/27]: creating certificate server db 2018-03-05T21:33:57Z DEBUG duration: 0 seconds 2018-03-05T21:33:57Z DEBUG [2/27]: setting up initial replication 2018-03-05T21:33:57Z DEBUG Fetching nsDS5ReplicaId from master [attempt 1/5] 2018-03-05T21:33:57Z DEBUG retrieving schema for SchemaCache url=ldap://infra-test-ipa.gatewayblend.net:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x93d5368> 2018-03-05T21:33:58Z DEBUG Successfully updated nsDS5ReplicaId. 2018-03-05T21:34:14Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication") RuntimeError: Failed to start replication
2018-03-05T21:34:14Z DEBUG [error] RuntimeError: Failed to start replication 2018-03-05T21:34:14Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 333, in run cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 368, in run self.execute() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 392, in execute for _nothing in self._executor(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 658, in _configure next(executor) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 521, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install for _nothing in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/__init__.py", line 617, in main replica_install(self) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 386, in decorated func(installer) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1458, in install ca.install(False, config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 205, in install install_step_0(standalone, replica_config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 284, in install_step_0 use_ldaps=standalone) File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 447, in configure_instance self.start_creation(runtime=runtime) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication")
2018-03-05T21:34:14Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: Failed to start replication 2018-03-05T21:34:14Z ERROR Failed to start replication 2018-03-05T21:34:14Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information [centos@freeipa02 ~]$
You'll need to look at the logs for more information.
rob
We got it fixed. But one of the servers became severely out of sync causing other issues. We got it fixed and replication is now working once again. Now it is just figuring out if we truly can use Amazon Linux 2 as a FreeIPA replica or if we need to stick w/ CentOS 7.
On Tuesday, March 6, 2018 1:02 PM, Rob Crittenden via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Andrew Meyer via FreeIPA-users wrote:
After getting the feedback previously from the mailing list (thank you for all your help) I have deployed a CentOS 7 image in AWS. I was able to add teh client machine to the FreeIPA domain. The CentOS 7 instance is a t2.medium which is a 2 proc by 4GB RAM. But when I go to promote it I get the following error:
ipa-replica-install --setup-ca --ssh-trust-dns --mkhomedir --setup-kra --setup-dns --forwarder=10.10.0.2
2018-03-05T21:33:57Z DEBUG stderr= 2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state' 2018-03-05T21:33:57Z DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state' 2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2018-03-05T21:33:57Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' 2018-03-05T21:33:57Z DEBUG Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 2018-03-05T21:33:57Z DEBUG [1/27]: creating certificate server db 2018-03-05T21:33:57Z DEBUG duration: 0 seconds 2018-03-05T21:33:57Z DEBUG [2/27]: setting up initial replication 2018-03-05T21:33:57Z DEBUG Fetching nsDS5ReplicaId from master [attempt 1/5] 2018-03-05T21:33:57Z DEBUG retrieving schema for SchemaCache url=ldap://infra-test-ipa.gatewayblend.net:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x93d5368> 2018-03-05T21:33:58Z DEBUG Successfully updated nsDS5ReplicaId. 2018-03-05T21:34:14Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication") RuntimeError: Failed to start replication
2018-03-05T21:34:14Z DEBUG [error] RuntimeError: Failed to start replication 2018-03-05T21:34:14Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 333, in run cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 368, in run self.execute() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 392, in execute for _nothing in self._executor(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 658, in _configure next(executor) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 521, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install for _nothing in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/__init__.py", line 617, in main replica_install(self) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 386, in decorated func(installer) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1458, in install ca.install(False, config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 205, in install install_step_0(standalone, replica_config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 284, in install_step_0 use_ldaps=standalone) File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 447, in configure_instance self.start_creation(runtime=runtime) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication")
2018-03-05T21:34:14Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: Failed to start replication 2018-03-05T21:34:14Z ERROR Failed to start replication 2018-03-05T21:34:14Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information [centos@freeipa02 ~]$
You'll need to look at the logs for more information.
rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Andrew Meyer wrote:
We got it fixed. But one of the servers became severely out of sync causing other issues. We got it fixed and replication is now working once again. Now it is just figuring out if we truly can use Amazon Linux 2 as a FreeIPA replica or if we need to stick w/ CentOS 7.
If they use a different release of curl who knows what else is different. Do you want to trust your intrastructure with that?
IPA herds many cats and it can be difficult to keep so many dependent packages in-line. With so many moving parts even small changes can sometimes cause a tremendous amount of grief.
rob
On Tuesday, March 6, 2018 1:02 PM, Rob Crittenden via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Andrew Meyer via FreeIPA-users wrote:
After getting the feedback previously from the mailing list (thank you for all your help) I have deployed a CentOS 7 image in AWS. I was able to add teh client machine to the FreeIPA domain. The CentOS 7 instance is a t2.medium which is a 2 proc by 4GB RAM. But when I go to promote it I get the following error:
ipa-replica-install --setup-ca --ssh-trust-dns --mkhomedir --setup-kra --setup-dns --forwarder=10.10.0.2
2018-03-05T21:33:57Z DEBUG stderr= 2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state' 2018-03-05T21:33:57Z DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state' 2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2018-03-05T21:33:57Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' 2018-03-05T21:33:57Z DEBUG Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 2018-03-05T21:33:57Z DEBUG [1/27]: creating certificate server db 2018-03-05T21:33:57Z DEBUG duration: 0 seconds 2018-03-05T21:33:57Z DEBUG [2/27]: setting up initial replication 2018-03-05T21:33:57Z DEBUG Fetching nsDS5ReplicaId from master
[attempt 1/5]
2018-03-05T21:33:57Z DEBUG retrieving schema for SchemaCache url=ldap://infra-test-ipa.gatewayblend.net:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x93d5368> 2018-03-05T21:33:58Z DEBUG Successfully updated nsDS5ReplicaId. 2018-03-05T21:34:14Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication") RuntimeError: Failed to start replication
2018-03-05T21:34:14Z DEBUG [error] RuntimeError: Failed to start replication 2018-03-05T21:34:14Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 333, in run cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 368, in run self.execute() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 392, in execute for _nothing in self._executor(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 658, in _configure next(executor) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 521, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install for _nothing in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/__init__.py", line 617, in main replica_install(self) File
"/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py",
line 386, in decorated func(installer) File
"/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py",
line 1458, in install ca.install(False, config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 205, in install install_step_0(standalone, replica_config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 284, in install_step_0 use_ldaps=standalone) File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 447, in configure_instance self.start_creation(runtime=runtime) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication")
2018-03-05T21:34:14Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: Failed to start replication 2018-03-05T21:34:14Z ERROR Failed to start replication 2018-03-05T21:34:14Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information [centos@freeipa02 mailto:centos@freeipa02 ~]$
You'll need to look at the logs for more information.
rob
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org mailto:freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org mailto:freeipa-users-leave@lists.fedorahosted.org
Agreed. Going to try and get direct management to move forward w/ CentOS 7 up there.Thanks to you and your team for all their help. FreeIPA is so awesome.
On Tuesday, March 6, 2018 1:31 PM, Rob Crittenden via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Andrew Meyer wrote:
We got it fixed. But one of the servers became severely out of sync causing other issues. We got it fixed and replication is now working once again. Now it is just figuring out if we truly can use Amazon Linux 2 as a FreeIPA replica or if we need to stick w/ CentOS 7.
If they use a different release of curl who knows what else is different. Do you want to trust your intrastructure with that?
IPA herds many cats and it can be difficult to keep so many dependent packages in-line. With so many moving parts even small changes can sometimes cause a tremendous amount of grief.
rob
On Tuesday, March 6, 2018 1:02 PM, Rob Crittenden via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Andrew Meyer via FreeIPA-users wrote:
After getting the feedback previously from the mailing list (thank you for all your help) I have deployed a CentOS 7 image in AWS. I was able to add teh client machine to the FreeIPA domain. The CentOS 7 instance is a t2.medium which is a 2 proc by 4GB RAM. But when I go to promote it I get the following error:
ipa-replica-install --setup-ca --ssh-trust-dns --mkhomedir --setup-kra --setup-dns --forwarder=10.10.0.2
2018-03-05T21:33:57Z DEBUG stderr= 2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state' 2018-03-05T21:33:57Z DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state' 2018-03-05T21:33:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2018-03-05T21:33:57Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' 2018-03-05T21:33:57Z DEBUG Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 2018-03-05T21:33:57Z DEBUG [1/27]: creating certificate server db 2018-03-05T21:33:57Z DEBUG duration: 0 seconds 2018-03-05T21:33:57Z DEBUG [2/27]: setting up initial replication 2018-03-05T21:33:57Z DEBUG Fetching nsDS5ReplicaId from master
[attempt 1/5]
2018-03-05T21:33:57Z DEBUG retrieving schema for SchemaCache url=ldap://infra-test-ipa.gatewayblend.net:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x93d5368> 2018-03-05T21:33:58Z DEBUG Successfully updated nsDS5ReplicaId. 2018-03-05T21:34:14Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication") RuntimeError: Failed to start replication
2018-03-05T21:34:14Z DEBUG [error] RuntimeError: Failed to start replication 2018-03-05T21:34:14Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 333, in run cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 368, in run self.execute() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 392, in execute for _nothing in self._executor(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 658, in _configure next(executor) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 521, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install for _nothing in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/__init__.py", line 617, in main replica_install(self) File
"/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py",
line 386, in decorated func(installer) File
"/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py",
line 1458, in install ca.install(False, config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 205, in install install_step_0(standalone, replica_config, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 284, in install_step_0 use_ldaps=standalone) File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 447, in configure_instance self.start_creation(runtime=runtime) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1192, in __setup_replication repl.setup_cs_replication(self.master_host) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1814, in setup_cs_replication raise RuntimeError("Failed to start replication")
2018-03-05T21:34:14Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: Failed to start replication 2018-03-05T21:34:14Z ERROR Failed to start replication 2018-03-05T21:34:14Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information [centos@freeipa02 mailto:centos@freeipa02 ~]$
You'll need to look at the logs for more information.
rob
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org mailto:freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org mailto:freeipa-users-leave@lists.fedorahosted.org
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
freeipa-users@lists.fedorahosted.org