We just had to restart sssd on a large number of machines because we had a period of DNS failure. We’re using IPA as the backend. Faiures occurred on Centos 7 and 8 and Ubuntu 18.
I don’t necessarily expect everything to work when DNS is dead, but I did expect it t recover.
For the moment we’re adding entries to /etc/hosts on all of our systems for the IPA servers and our main file servers. Unfortunately DNS is run by the campus, so it’s not under our control.
For critical stuff like NFS nodes, it is best practice for LDAP, DNS, SSD and NFS targets to have /etc/hosts file entries.
Especially for NFS/iSCSI stuff. In my experience it doesn't recover at all usually required a reboot to get its state marbles/sanity back.
This isn't too painful if you have a configuration management system on your network like puppet or Redhat Satellite Server.
On Tue, Apr 21, 2020 at 4:11 PM Charles Hedrick hedrick@rutgers.edu wrote:
We just had to restart sssd on a large number of machines because we had a period of DNS failure. We’re using IPA as the backend. Faiures occurred on Centos 7 and 8 and Ubuntu 18.
I don’t necessarily expect everything to work when DNS is dead, but I did expect it t recover.
For the moment we’re adding entries to /etc/hosts on all of our systems for the IPA servers and our main file servers. Unfortunately DNS is run by the campus, so it’s not under our control.
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o...
sssd-users@lists.fedorahosted.org
-
Charles Hedrick -
Gregory Carter