This patch should fix following traceback.

2015-05-20T03:50:41Z ERROR Upgrade failed with cannot connect to 
'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket':
2015-05-20T03:50:41Z DEBUG Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", 
line 304, in __upgrade
    ld = ldapupdate.LDAPUpdate(dm_password='', ldapi=True)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 
314, in __init__
    self.create_connection()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 
862, in create_connection
    autobind=self.ldapi)
  File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 66, in connect
    conn = self.create_connection(*args, **kw)
  File "/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line 188, 
in create_connection
    client_controls=clientctrls)
  File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1074, in 
external_bind
    '', auth_tokens, server_controls, client_controls)
  File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__
    self.gen.throw(type, value, traceback)
  File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 976, in 
error_handler
    error=info)
NetworkError: cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket':

2015-05-20T03:50:41Z DEBUG Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 
388, in start_creation
    run_step(full_msg, method)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 
378, in run_step
    method()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", 
line 315, in __upgrade
    raise RuntimeError(e)
RuntimeError: cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket':

Reason was the ipa-server-install tried to connect before DS was ready.

The patch adds waiting until DS is ready.

Patch attached.

Fraser can you please check if this fix works? I can't reproduce it.
Thank you, Martin^2.

From 3183fc490d9615fada1dcc9069eb1303e9e61be8 Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Thu, 21 May 2015 13:25:10 +0200
Subject: [PATCH] Server Upgrade: wait until DS is ready

During server upgrade we should wait until DS is ready after restart, otherwise
connection error is raised.

Instead of 389 port, the DS socket is checked.

https://fedorahosted.org/freeipa/ticket/4904
---
 ipaplatform/redhat/services.py       | 14 ++++++++++++++
 ipaserver/install/upgradeinstance.py |  8 +++-----
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/ipaplatform/redhat/services.py b/ipaplatform/redhat/services.py
index d6fa080add35cb5aafb2b347dc5fb6e84cc3e4e8..565bf1fdef27e9a780ad2e2638b5051a95782bd2 100644
--- a/ipaplatform/redhat/services.py
+++ b/ipaplatform/redhat/services.py
@@ -153,6 +153,20 @@ class RedHatDirectoryService(RedHatService):
         super(RedHatDirectoryService, self).restart(instance_name,
             capture_output=capture_output, wait=wait)
 
+    def wait_for_open_ports(self, instance_name=""):
+        if instance_name.endswith('.service'):
+            instance_name = instance_name[:-8]
+        if instance_name.startswith('dirsrv@'):
+            instance_name = instance_name[7:]
+
+        if instance_name:
+
+            ipautil.wait_for_open_socket(
+                paths.SLAPD_INSTANCE_SOCKET_TEMPLATE % instance_name,
+                self.api.env.startup_timeout)
+        else:
+            super(RedHatDirectoryService, self).wait_for_open_ports()
+
 
 class RedHatIPAService(RedHatService):
     # Enforce restart of IPA services when we do enable it
diff --git a/ipaserver/install/upgradeinstance.py b/ipaserver/install/upgradeinstance.py
index 2540df60f1c14b99dbd5b9cdd12d7590edc1bd32..d58c934bc1bd926c0c0c068086c746ac28e8c737 100644
--- a/ipaserver/install/upgradeinstance.py
+++ b/ipaserver/install/upgradeinstance.py
@@ -171,10 +171,8 @@ class IPAUpgrade(service.Service):
         self.schema_files = schema_files
         self.realm = realm_name
 
-    def __start_nowait(self):
-        # Don't wait here because we've turned off port 389. The connection
-        # we make will wait for the socket.
-        super(IPAUpgrade, self).start(wait=False)
+    def __start(self):
+        super(IPAUpgrade, self).start()
 
     def __stop_instance(self):
         """Stop only the main DS instance"""
@@ -187,7 +185,7 @@ class IPAUpgrade(service.Service):
         self.step("saving configuration", self.__save_config)
         self.step("disabling listeners", self.__disable_listeners)
         self.step("enabling DS global lock", self.__enable_ds_global_write_lock)
-        self.step("starting directory server", self.__start_nowait)
+        self.step("starting directory server", self.__start)
         if self.schema_files:
             self.step("updating schema", self.__update_schema)
         self.step("upgrading server", self.__upgrade)
-- 
2.1.0

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to