[Freeipa-devel] [PATCH] 0335 ipa-replica-install: Move check for existing host before DNS resolution check

Petr Viktorin pviktori at redhat.com
Thu Jan 16 12:02:29 UTC 2014 

On 01/14/2014 07:59 PM, Rob Crittenden wrote:
> Petr Viktorin wrote:
>> On 01/13/2014 05:19 PM, Rob Crittenden wrote:
>>> Petr Viktorin wrote:
>>>> See commit message & ticket for details.
>>>>
>>>> https://fedorahosted.org/freeipa/ticket/3889
>>>
>>> If memory serves this was done so that both the replication and the host
>>> checks would be done so the admin wouldn't die a death of a thousand
>>> cuts.
>>>
>>> If a leftover agreement exists then the replica install will fail. You
>>> delete the agreement. The next install may fail too if the host exists.
>>> We should check for both before quitting.
>>
>> AFAIK nowadays ipa-replica-manage del should also remove the host entry,
>> so it's correct to suggest just that.
>>
>
> I couldn't find any place in the code the host is removed. This would
> have to be a pretty specialized case because you'd only remove the host
> if you were also deleting the last agreement.

Well, `ipa-replica-manage del` does remove all agreements. So if we 
suggest deleting the replica, it makes no sense to suggest running `ipa 
host-del` after it.


$ ipa host-find
---------------
3 hosts matched
---------------
   Host name: vm-183.idm.lab.eng.brq.redhat.com
   Principal name: 
host/vm-183.idm.lab.eng.brq.redhat.com at IDM.LAB.ENG.BRQ.REDHAT.COM
   Password: False
   Keytab: True
   Managed by: vm-183.idm.lab.eng.brq.redhat.com

   Host name: vm-221.idm.lab.eng.brq.redhat.com
   Principal name: 
host/vm-221.idm.lab.eng.brq.redhat.com at IDM.LAB.ENG.BRQ.REDHAT.COM
   Password: False
   Keytab: True
   Managed by: vm-221.idm.lab.eng.brq.redhat.com
   SSH public key fingerprint: 
35:59:48:7F:EA:A5:FC:CF:AA:93:7E:F0:BE:29:EC:A6 (ssh-rsa), 
A7:8A:B4:99:61:FC:C6:1A:B5:62:CD:56:F4:BD:49:CA (ecdsa-sha2-nistp256)

   Host name: vm-223.idm.lab.eng.brq.redhat.com
   Principal name: 
host/vm-223.idm.lab.eng.brq.redhat.com at IDM.LAB.ENG.BRQ.REDHAT.COM
   Password: False
   Keytab: True
   Managed by: vm-223.idm.lab.eng.brq.redhat.com
   SSH public key fingerprint: 
7B:D1:4D:3E:5D:45:78:6D:4E:0A:4C:F4:DF:D9:7D:CE (ssh-rsa)
----------------------------
Number of entries returned 3
----------------------------

$ ipa-replica-manage list vm-223.idm.lab.eng.brq.redhat.com
vm-183.idm.lab.eng.brq.redhat.com: replica
vm-221.idm.lab.eng.brq.redhat.com: replica

$ ipa-replica-manage del vm-223.idm.lab.eng.brq.redhat.com 
 
 

Deleting a master is irreversible.
To reconnect to the remote master you will need to prepare a new replica 
file
and re-install.
Continue to delete? [no]: y
Deleting replication agreements between 
vm-223.idm.lab.eng.brq.redhat.com and vm-183.idm.lab.eng.brq.redhat.com, 
vm-221.idm.lab.eng.brq.redhat.com
ipa: INFO: Setting agreement 
cn=meTovm-183.idm.lab.eng.brq.redhat.com,cn=replica,cn=dc\=idm\,dc\=lab\,dc\=eng\,dc\=brq\,dc\=redhat\,dc\=com,cn=mapping 
tree,cn=config schedule to 2358-2359 0 to force synch
ipa: INFO: Deleting schedule 2358-2359 0 from agreement 
cn=meTovm-183.idm.lab.eng.brq.redhat.com,cn=replica,cn=dc\=idm\,dc\=lab\,dc\=eng\,dc\=brq\,dc\=redhat\,dc\=com,cn=mapping 
tree,cn=config
ipa: INFO: Replication Update in progress: FALSE: status: 0 Replica 
acquired successfully: Incremental update succeeded: start: 0: end: 0
Deleted replication agreement from 'vm-183.idm.lab.eng.brq.redhat.com' 
to 'vm-223.idm.lab.eng.brq.redhat.com'
ipa: INFO: Setting agreement 
cn=meTovm-221.idm.lab.eng.brq.redhat.com,cn=replica,cn=dc\=idm\,dc\=lab\,dc\=eng\,dc\=brq\,dc\=redhat\,dc\=com,cn=mapping 
tree,cn=config schedule to 2358-2359 0 to force synch
ipa: INFO: Deleting schedule 2358-2359 0 from agreement 
cn=meTovm-221.idm.lab.eng.brq.redhat.com,cn=replica,cn=dc\=idm\,dc\=lab\,dc\=eng\,dc\=brq\,dc\=redhat\,dc\=com,cn=mapping 
tree,cn=config
ipa: INFO: Replication Update in progress: FALSE: status: 0 Replica 
acquired successfully: Incremental update succeeded: start: 0: end: 0
Deleted replication agreement from 'vm-221.idm.lab.eng.brq.redhat.com' 
to 'vm-223.idm.lab.eng.brq.redhat.com'
Background task created to clean replication data. This may take a while.
This may be safely interrupted with Ctrl+C

$ ipa host-find
---------------
2 hosts matched
---------------
   Host name: vm-183.idm.lab.eng.brq.redhat.com
   Principal name: 
host/vm-183.idm.lab.eng.brq.redhat.com at IDM.LAB.ENG.BRQ.REDHAT.COM
   Password: False
   Keytab: True
   Managed by: vm-183.idm.lab.eng.brq.redhat.com

   Host name: vm-221.idm.lab.eng.brq.redhat.com
   Principal name: 
host/vm-221.idm.lab.eng.brq.redhat.com at IDM.LAB.ENG.BRQ.REDHAT.COM
   Password: False
   Keytab: True
   Managed by: vm-221.idm.lab.eng.brq.redhat.com
   SSH public key fingerprint: 
35:59:48:7F:EA:A5:FC:CF:AA:93:7E:F0:BE:29:EC:A6 (ssh-rsa), 
A7:8A:B4:99:61:FC:C6:1A:B5:62:CD:56:F4:BD:49:CA (ecdsa-sha2-nistp256)
----------------------------
Number of entries returned 2
----------------------------

$ ipa host-del vm-223.idm.lab.eng.brq.redhat.com
ipa: ERROR: vm-223.idm.lab.eng.brq.redhat.com: host not found

$



-- 
Petr³

More information about the Freeipa-devel mailing list