[Freeipa-users] multi-master replication

Dmitri Pal dpal at redhat.com
Sun Oct 26 00:17:41 UTC 2014


On 10/24/2014 07:15 PM, Craig White wrote:
>
> *From:*freeipa-users-bounces at redhat.com 
> [mailto:freeipa-users-bounces at redhat.com] *On Behalf Of *Craig White
> *Sent:* Friday, October 24, 2014 4:02 PM
> *To:* freeipa-users at redhat.com
> *Subject:* [Freeipa-users] multi-master replication
>
> I would have thought that changes go from replica to master and not 
> just master to replica.
>
> Is there something I have to do to make the changes bi-directional?
>
> Replying to my own post...
>
> Logs are my friend  ;-)
>
> [24/Oct/2014:23:08:17 +0000] NSMMReplicationPlugin - 
> agmt="cn=meToipa001.domain.local " (ipa001:389): Replication bind with 
> GSSAPI auth resumed
>
> [24/Oct/2014:23:08:17 +0000] NSMMReplicationPlugin - 
> agmt="cn=meToipa001.domain.local " (ipa001:389): Warning: unable to 
> replicate schema: rc=2
>
> [24/Oct/2014:23:08:17 +0000] NSMMReplicationPlugin - 
> agmt="cn=meToipa001.domain.local " (ipa001:389): Failed to send update 
> operation to consumer (uniqueid e018060f-5bb011e4-81078979-dc802980, 
> CSN 544aa346000000030000): Can't contact LDAP server. Will retry later.
>
> [24/Oct/2014:23:08:17 +0000] NSMMReplicationPlugin - 
> agmt="cn=meToipa001.domain.local " (ipa001:389): Consumer failed to 
> replay change (uniqueid (null), CSN (null)): Can't contact LDAP 
> server(-1). Will retry later.
>

These NULLs look suspicious.
I hope DS gurus will have more for you on Monday.

> [24/Oct/2014:23:08:17 +0000] NSMMReplicationPlugin - 
> agmt="cn=meToipa001.domain.local" (ipa001:389): Warning: unable to 
> send endReplication extended operation (Can't contact LDAP server)
>
> And on the master, I see a bunch of...
>
> sasl_io_recv failed to decode packet for connection 4113
>
> but dirsrv is running on both machines and firewalls aren't in the way 
> because I managed to set up the initial replication from master to 
> replica without a problem and the firewall rules are the same for both 
> machines.
>
> # rpm -qa | grep ipa
>
> ipa-admintools-3.0.0-42.el6.x86_64
>
> libipa_hbac-python-1.11.6-30.el6.x86_64
>
> python-iniparse-0.3.1-2.1.el6.noarch
>
> ipa-client-3.0.0-42.el6.x86_64
>
> ipa-server-selinux-3.0.0-42.el6.x86_64
>
> ipa-pki-common-theme-9.0.3-7.el6.noarch
>
> ipa-pki-ca-theme-9.0.3-7.el6.noarch
>
> sssd-ipa-1.11.6-30.el6.x86_64
>
> ipa-python-3.0.0-42.el6.x86_64
>
> ipa-server-3.0.0-42.el6.x86_64
>
> libipa_hbac-1.11.6-30.el6.x86_64
>
> RHEL 6.5
>
>
>


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141025/4308d09b/attachment.htm>


More information about the Freeipa-users mailing list