[Freeipa-users] unhappy replication?

Dmitri Pal dpal at redhat.com
Tue Sep 9 23:32:06 UTC 2014 

On 09/09/2014 06:44 PM, Rob Crittenden wrote:
> Kat wrote:
>> On 9/9/14 3:18 PM, Dmitri Pal wrote:
>>> On 09/09/2014 12:55 PM, Rich Megginson wrote:
>>>> On 09/09/2014 10:41 AM, Kat wrote:
>>>>> The problem I see is simple - not being able to add additional
>>>>> replicas after the migration?
>>>> What I meant to say is - Is the workaround of setting replication
>>>> first, then doing migration, acceptable?
>>>>
>>>>> On 9/9/14 9:24 AM, Rich Megginson wrote:
>>>>>> On 09/09/2014 10:12 AM, Kat wrote:
>>>>>>> Well - here is the problem and solution:
>>>>>>>
>>>>>>> Fails every time:
>>>>>>>
>>>>>>> Install master, enable migration, migrate existing LDAP
>>>>>>> config/users, setup replication, fails.
>>>>>>>
>>>>>>> Works every time:
>>>>>>>
>>>>>>> Install master, setup replication, enable migration, migrate
>>>>>>> existing LDAP config/users, works perfectly.
>>>>>>>
>>>>>>> So -- a problem with migration settings??
>>>>>> Could be.  Is it a problem if the only way you can successfully set
>>>>>> things up is to do the latter procedure?
>>> Would be nice to test this scenario at some point and reproduce it.
>>> I do not think the workaround is acceptable. One should be able to add
>>> the replicas after migration.
>>> Is this a timing issue? I mean can you add replica next day for
>>> example or never?
>>> If you never can add a replica after migration it is a problem and we
>>> should fix it. If you can't just for s short period of time then we
>>> should probably file a ticket and process it later.
>>>
>> Sadly - no - I waited 24 hours after the migration from OpenLDAP to IPA
>> and still could not do it.
>>
>> Going to try something else. Since the bug still exists migrating to 4.x
>> directly - going to migrate to 3.3.5, THEN upgrade to 4.0.1 and then try
>> the replica addition. I will let you know what happens.
> Honestly, I find it hard to believe that this is related to migration.
> All migration does is pull over users and groups over LDAP. Whether you
> set up the agreement before or after, it is going to do a full database
> dump. The only difference is that after it will get more data.
>
> rob
>
Well may be the data is so big that the replication gets stuck?
May be there is some huge group membership issue or something like.
Do you have a huge group? Multiples of huge groups? Do you use auto 
membership?

-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

More information about the Freeipa-users mailing list