Bug 1476531
| Summary: | ipa-replica-install does not create host A record | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Patrick Hemmer <bugzilla.redhat> | ||||
| Component: | freeipa | Assignee: | IPA Maintainers <ipa-maint> | ||||
| Status: | CLOSED INSUFFICIENT_DATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 25 | CC: | abokovoy, bugzilla.redhat, ipa-maint, jcholast, jhrozek, pvoborni, rcritten, ssorce, tkrizek | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2017-10-16 08:39:00 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
You are using --no-host-dns and --skip-conncheck which forces the installer to skip some DNS related checks and therefore might hide some environmental issues.
IPA adds A record if it cannot be resolved or IP address(es) are provided.
From the log it seems that the hostname was resolvable:
2017-07-27T21:54:24Z DEBUG Name fll2aipa02stg.ipa-stg.chewy.net resolved to set([UnsafeIPAddress('10.0.33.201')])
2017-07-27T21:54:24Z WARNING No network interface matches the IP address 10.0.33.201
So it didn't add anything but master most likely could not contact the replica.
You can run the installer with --ip-address option.
Alternative is first to install client and then promote it to replica.
We adjusted our install process to manually add the A record to the IPA DNS zone prior to running `ipa-replica-install` and it comes up perfectly fine. So it's not an issue with the master reaching the replica. I can try with `--ip-address`. Maybe that can be a substitute for manually creating the A record. Could you please also share ipa-client-install.log from the replica? It should contain the nsupdate command along with its output and may provide some insight. Also, do you have dynamic-update enabled for the IPA dnszone? You can check with $ ipa dnszone-mod example.com. --dynamic-update=TRUE and you should get an error saying no configuration was changed. Is the A record created for other clients you install? The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |
Created attachment 1306427 [details] ipareplica-install.log Description of problem: When running `ipa-replica-install` on a new host, the script does not create an A record for the host in the IPA DNS zone. This results in lookups for the host failing and the install script failing as well. Version-Release number of selected component (if applicable): 4.5.2 How reproducible: Every time Steps to Reproduce: 1. `ipa-replica-install` on a new host. Actual results: No A record for host added to IPA DNS zone. Expected results: An A record for host added to IPA DNS zone. Additional info: Install command used: ipa-replica-install --principal admin -w XXXX -n ipa-stg.chewy.net -r IPA-STG.CHEWY.NET --setup-dns --no-host-dns --setup-kra --mkhomedir --forwarder 10.0.2.10 --forwarder 10.0.2.11 --no-ntp --no-dnssec-validation -U --server=fll2aipa01stg.ipa-stg.chewy.net --setup-ca --skip-conncheck