[Freeipa-users] Replication woes
Rob Crittenden
rcritten at redhat.com
Mon Aug 19 15:58:28 UTC 2013
Rob Crittenden wrote:
> Bret Wortman wrote:
>> Well, my master ground to a halt and wasn't responding. I rebooted the
>> system and now I can't access the web UI or ssh to the master either. I
>> have console access but that's it.
>>
>> The services all say they're running, but the web UI gives an "Unknown
>> Error" dialog and ssh fails with "ssh_exchange_identification:
>> Connection closed by remote host" whenever I try to ssh to ipamaster. I
>> think something has gone really wrong inside my master. Any ideas? Even
>> after the reboot, --cleanup isn't helping and just hangs.
>>
>> The logfiles end (as of the time I ^C'd the process) with:
>>
>> NSMMReplicationPlugin - agmt="cn=meTogood3.spx.net
>> <http://meTogood3.spx.net>" (good3:389): Replication bind with GSSAPI
>> auth failed: LDAP error -2 (Local error) (SASL(-1): generic failure:
>> GSSAPI Error: Unspecified GSS failure. Minor code may provide more
>> information (Cannot determine realm for numeric host address))
>> NSMMReplicationPlugin - CleanAllRUV Task: Replica not online
>> (agmt="cn=meTogood3.foo.net <http://meTogood3.foo.net>" (good3:389))
>> NSMMReplicationPlugin - CleanAllRUV Task: Not all replicas online,
>> retrying in 160 seconds...,
>>
>> So it looks like it's having trouble talking with one of my replicas and
>> is doggedly trying to get the job done. Any idea how to get the master
>> back working again while I troubleshoot this connectivity issue?
>
> That suggests a DNS problem, and it might explain ssh as well depending
> on your configuration.
To be clear, you ran --cleanup against one of the bad masters, not a
good one, right?
rob
More information about the Freeipa-users
mailing list