I know this is a 2.1 ticket, but the patch is probably also a solution of #1047 - a 2.0.5 bucket critical bug.
------------ When Directory Server operation is run right after the server restart the listening ports may not be opened yet. This makes the installation fail. This patch fixes this issue by waiting for both secure and insecure Directory Server ports to open after every restart. https://fedorahosted.org/freeipa/ticket/1076
>From 06c10624c26c365aaef547d726b7944915116d2b Mon Sep 17 00:00:00 2001 From: Martin Kosek <mko...@redhat.com> Date: Mon, 14 Mar 2011 17:56:17 +0100 Subject: [PATCH] Wait for Directory Server ports to open When Directory Server operation is run right after the server restart the listening ports may not be opened yet. This makes the installation fail. This patch fixes this issue by waiting for both secure and insecure Directory Server ports to open after every restart. https://fedorahosted.org/freeipa/ticket/1076 --- ipaserver/install/cainstance.py | 13 +------------ ipaserver/install/dsinstance.py | 1 + ipaserver/install/installutils.py | 32 ++++++++++++++++++++++++++++++++ 3 files changed, 34 insertions(+), 12 deletions(-) diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index cb54747f5f38d3e836c4cdfc22f54cd65cd63c22..d0d528204fb1d672cf21cfa17a865524be74dd0c 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -690,18 +690,7 @@ class CAInstance(service.Service): def __restart_instance(self): try: self.restart() - # Wait until the dogtag webapp responds - while True: - try: - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - s.connect(('localhost', 9180)) - s.close() - break - except socket.error, e: - if e.errno == 111: # Connection refused - time.sleep(1) - else: - raise e + installutils.wait_for_open_ports('localhost', 9180, 300) except Exception: # TODO: roll back here? logging.critical("Failed to restart the certificate server. See the installation log for details.") diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 07e15cdf0f5a12bb7bc4bc6b4b6fb831a34984bd..dbe0173341ecbccd5e54bce3532c41b5343e7f6d 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -412,6 +412,7 @@ class DsInstance(service.Service): if not is_ds_running(): logging.critical("Failed to restart the directory server. See the installation log for details.") sys.exit(1) + installutils.wait_for_open_ports('localhost', [389, 636], 300) except SystemExit, e: raise e except Exception, e: diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py index 9f4bd615b7159bbbccf651f128b145c51e29caf4..396d7c370fc6254de7727cff057ecedb4889bdb4 100644 --- a/ipaserver/install/installutils.py +++ b/ipaserver/install/installutils.py @@ -28,6 +28,7 @@ import sys import struct import fcntl import netaddr +import time from ipapython import ipautil from ipapython import dnsclient @@ -386,3 +387,34 @@ def create_keytab(path, principal): kadmin("ktadd -k " + path + " " + principal) +def wait_for_open_ports(host, ports, timeout=0): + """ + Wait until the specified port(s) on the remote host are open. Timeout + in seconds may be specified to limit the wait. + """ + if not isinstance(ports, (tuple, list)): + ports = [ports] + + op_timeout = time.time() + timeout + ipv6_failover = False + + for port in ports: + while True: + try: + if ipv6_failover: + s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM) + else: + s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + s.connect((host, port)) + s.close() + break; + except socket.error, e: + if e.errno == 111: # 111: Connection refused + if timeout and time.time() > op_timeout: # timeout exceeded + raise e + time.sleep(1) + elif not ipv6_failover: # fallback to IPv6 connection + ipv6_failover = True + else: + raise e + -- 1.7.4
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
