Hi everyone,

I have been playing with the topology related patches and I have encountered a few issues that I would like to address in this thread:

1.) When replica install for whatever reason crashes _after_ the setup of replication agreements etc., it leaves the topology plugin with dangling segment pointing to the dysfunctional node. An attempt to delete it leads to:

ipa: ERROR: Server is unwilling to perform: Removal of Segment disconnects topology.Deletion not allowed.

And you cannot reinstall the crashed replica because it complains about existing replication agreements. It would probably help to be able to force-remove the segments if one of the endpoints doesn't exist/respond.

2.) I was not able to figure out a way remove replica from the topology without explosions or tampering 'cn=masters,cn=ipa,cn=etc,$SUFFIX'. Obviously ipa-replica-manage del doesn't work anymore (I have tried just for fun, it leads to SIGSEGV of the host's dirsrv and leaves dangling segments to offending replica, leading to point 1).

I managed to remove replica from the topology only by directly uninstalling FreeIPA on the node and then deleting its' host entry from 'cn=masters'. Only after this was the plugin able to automagically removed the segments pointing to/from removed node.

The design page suggests that it should be enough to uninstall IPA server on the replica. The plugin would then pick-up the dangling segments and remove them automatically. However, this behavior seems to require additional modification of the uninstall procedure (e.g. the uninstalling replica should remove its' entry from cn=masters).

3.) It seems that the removal of topology suffixes containing functioning segments is not handled well. I once tried to do this and it led to segmentation fault on the dirsrv instance. What is the expected behavior in this scenario?

Martin^3 Babinsky

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to