[Freeipa-users] unable to delete dead freeipa replica
Andrew Holway
andrew.holway at gmail.com
Fri Nov 6 14:37:45 UTC 2015
Thanks Petr,
Tried this and get the following output with the verbose flag:
p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
Cleaning a master is irreversible.
This should not normally be require, so use cautiously.
Continue to clean master? [no]: yes
I still however see this machine as a nameserver for this domain. Also, SRV
records pointing to it are still being served.
[root at freeipa-prod-a-033 centos]# dig NS cloud.dcmn.com +short
freeipa-prod-a-031.cloud.foo.com.
freeipa-prod-b-032.cloud.foo.com.
freeipa-prod-a-033.cloud.foo.com.
Cheers,
Andrew
On 6 November 2015 at 15:28, Petr Vobornik <pvoborni at redhat.com> wrote:
> On 11/05/2015 05:32 PM, Andrew Holway wrote:
>
>> Actually I'm starting to feel like this is a bug. Managed to get the old
>> IPA server back up and ran .
>>
>> "ipa-server-install --uninstall"
>>
>> Which completed successfully and gave the advice:
>>
>> Replication agreements with the following IPA masters found: freeipa-
>>
>> prod-b-032.cloud.foo.com. Removing any replication agreements before
>>
>> uninstalling the server is strongly recommended. You can remove
>> replication
>>
>> agreements by running the following command on any other IPA master:
>>
>> $ ipa-replica-manage del freeipa-prod-a-031.cloud.foo.com
>>
>>
>> Running this command on the other IPA servers gives the following:
>>
>>
>> [root at freeipa-prod-a-033 centos]# ipa-replica-manage del
>> freeipa-prod-a-031.cloud.foo.com
>>
>> p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
>>
>> 'freeipa-prod-a-033.cloud.dcmn.com' has no replication agreement for'
>> freeipa-prod-a-031.cloud.foo.com'
>>
>>
>> I dont see anything in the logs.
>>
>>
>> Thanks,
>>
>>
>> Andrew
>>
>> On 5 November 2015 at 16:58, Andrew Holway <andrew.holway at gmail.com>
>> wrote:
>>
>> One of our FreeIPA replicas had its filesystem hosed so we want to remove
>>> it. Can someone show me the sequence of commands to remove a down
>>> replica?
>>>
>>> Thanks,
>>>
>>> Andrew
>>>
>>>
>>>
>>> [root at freeipa-prod-a-033 centos]# ipa-replica-manage list
>>>
>>> p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
>>>
>>> freeipa-prod-a-031.cloud.foo.com: master
>>>
>>> freeipa-prod-a-033.cloud.foo.com: master
>>>
>>> freeipa-prod-b-032.cloud.foo.com: master
>>>
>>> [root at freeipa-prod-a-033 centos]# ipa-replica-manage del --force
>>> freeipa-prod-a-031.foo.dcmn.com
>>>
>>> p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
>>>
>>> 'freeipa-prod-a-033.cloud.foo.com' has no replication agreement for'
>>> freeipa-prod-a-031.cloud.dcmn.com'
>>>
>>>
> If freeipa-prod-a-031 is already uninstall, use also --cleanup option:
>
> ipa-replica-manage del --force --cleanup freeipa-prod-a-031.foo.dcmn.com
>
> -f, --force
> Ignore some types of errors, don't prompt when deleting a
> master
> -c, --cleanup
> When deleting a master with the --force flag, remove
> leftover references to an already deleted master.
> --
> Petr Vobornik
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20151106/fa0e3a84/attachment.htm>
More information about the Freeipa-users
mailing list