[Freeipa-users] Free IPA Client in Docker
Martin Kosek
mkosek at redhat.com
Fri Apr 29 09:40:40 UTC 2016
On 04/28/2016 08:14 PM, Hosakote Nagesh, Pawan wrote:
> Hi,
> I am planning to deploy FreeIPA Client in a docker where my Apps are
> running. However I hit a road block as there seems to be problem with the
> docker’s hostname settings
> In DNS records.
CCing Jan on this one. Did you try to use SSSD Docker container we already have
instead?
https://hub.docker.com/r/fedora/sssd/
https://www.adelton.com/docs/docker/fedora-sssd-container
Martin
> Debug Log
> ———————
>
> ipa-client-install --hostname=`hostname -f` --mkhomedir -N --force-join —debug
>
> .
>
> .
>
> .
>
> .
>
> debug
>
> zone phx01.eaz.ebayc3.com.
>
> update delete </docker/_container_fqdn>. IN A
>
> show
>
> send
>
> update add </docker/_container_fqdn>. 1200 IN A 172.17.0.3
>
> show
>
> send
>
>
> Starting external process
>
> args=/usr/bin/nsupdate -g /etc/ipa/.dns_update.txt
>
> Process execution failed
>
> Traceback (most recent call last):
>
> File "/usr/sbin/ipa-client-install", line 2603, in <module>
>
> sys.exit(main())
>
> File "/usr/sbin/ipa-client-install", line 2584, in main
>
> rval = install(options, env, fstore, statestore)
>
> File "/usr/sbin/ipa-client-install", line 2387, in install
>
> client_dns(cli_server[0], hostname, options.dns_updates)
>
> File "/usr/sbin/ipa-client-install", line 1423, in client_dns
>
> update_dns(server, hostname)
>
> File "/usr/sbin/ipa-client-install", line 1410, in update_dns
>
> if do_nsupdate(update_txt):
>
> File "/usr/sbin/ipa-client-install", line 1346, in do_nsupdate
>
> ipautil.run(['/usr/bin/nsupdate', '-g', UPDATE_FILE])
>
> File "/usr/lib/python2.7/dist-packages/ipapython/ipautil.py", line 303, in run
>
> close_fds=True, env=env, cwd=cwd)
>
> File "/usr/lib/python2.7/subprocess.py", line 710, in __init__
>
> errread, errwrite)
>
> File "/usr/lib/python2.7/subprocess.py", line 1327, in _execute_child
>
> raise child_exception
>
> OSError: [Errno 2] No such file or directory
>
>
>
> As a Follow up question I also wanted to know why is absolutely necessary for
> Kerberos Client to have hostname? Wont Client initiate the connection and
> FreeIPA server can take it from there.
> If so what is the need of FQDN for FreeIPA client at all?
>
> -
> Best,
> Pawan
>
>
More information about the Freeipa-users
mailing list