[Freeipa-users] Replica re-initialization
Ludwig Krispenz
lkrispen at redhat.com
Fri Dec 12 13:53:59 UTC 2014
On 12/12/2014 02:00 PM, Martin Kosek wrote:
> On 12/11/2014 06:19 PM, Matt Chesler wrote:
>> I have a cluster of four IPA masters that should be performing fully
>> meshed
>> replication. I discovered yesterday that a recently created user
>> only existed
>> on a single master. After looking through all four masters, it
>> appears that
>> several recent updates only exist on one of the masters. I do not
>> see any
>> replication errors in any of the logs, but I'm not 100% sure how far
>> back this
>> issue goes.
>
> That's really strange, because AFAIK, DS replication module yells
> periodically if it cannot replicate so you should see it on the last
> errors log page.
>
>> I do believe the one master with up-to-date data is a reliable
>> representation of what the LDAP directory should look like. I ran a
>> reinitialize command (ipa-replica-manage re-initialize --from
>> reliable-server.fqdn) on two of the out-of-date masters yesterday
>> around 4pm
>> EST. It's now a little after 12pm EST and the "Update in progress"
>> message is
>> still scrolling by once a second on both terminals. I'd greatly
>> appreciate
>> suggestions about a) how to determine the status of the reinitialize
>> command
>> and b) any other ideas about how to resolve this issue and monitor
>> for it
>> better in the future. Thanks in advance for your help!
you could check the nsds5replicaLastInitStatus: in the replication
agreement. Is there any info in the DS error logs ?
If init is not progressing there is a good chance you are running into
bz 1166265, thierry is working on a fix.
if online initialization is not working, you could still try do it
offline (export/import ldif files)
>
> Thierry or Ludwig, any idea?
More information about the Freeipa-users
mailing list