I have been playing with the topology related patches and I have
encountered a few issues that I would like to address in this thread:
1.) When replica install for whatever reason crashes _after_ the setup
of replication agreements etc., it leaves the topology plugin with
dangling segment pointing to the dysfunctional node. An attempt to
delete it leads to:
ipa: ERROR: Server is unwilling to perform: Removal of Segment
disconnects topology.Deletion not allowed.
And you cannot reinstall the crashed replica because it complains about
existing replication agreements. It would probably help to be able to
force-remove the segments if one of the endpoints doesn't exist/respond.
2.) I was not able to figure out a way remove replica from the topology
without explosions or tampering 'cn=masters,cn=ipa,cn=etc,$SUFFIX'.
Obviously ipa-replica-manage del doesn't work anymore (I have tried just
for fun, it leads to SIGSEGV of the host's dirsrv and leaves dangling
segments to offending replica, leading to point 1).
I managed to remove replica from the topology only by directly
uninstalling FreeIPA on the node and then deleting its' host entry from
'cn=masters'. Only after this was the plugin able to automagically
removed the segments pointing to/from removed node.
The design page suggests that it should be enough to uninstall IPA
server on the replica. The plugin would then pick-up the dangling
segments and remove them automatically. However, this behavior seems to
require additional modification of the uninstall procedure (e.g. the
uninstalling replica should remove its' entry from cn=masters).
3.) It seems that the removal of topology suffixes containing
functioning segments is not handled well. I once tried to do this and it
led to segmentation fault on the dirsrv instance. What is the expected
behavior in this scenario?
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code