(Apologies for previously sending off-list, Felipe.)

Sure:

    docker run \
    --rm \
    --interactive \
    --restart=no \
    --hostname=h01.example.com \
    --security-opt=seccomp=unconfined \
    --name=ipa \
    --volume=/media/freeipa:/data \
    --volume=/media/state:/media/state \
    --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro \
    --env=IPA_SERVER_IP=1.2.3.4 \
    --add-host=h01.example.com:1.2.3.4 \
    --publish=80:80 \
    --publish=443:443 \
    --publish=53:53 \
    --publish=53:53/udp \
    --publish=389:389 \
    --publish=636:636 \
    --publish=88:88 \
    --publish=88:88/udp \
    --publish=464:464 \
    --publish=464:464/udp \
    adelton/freeipa-server:centos-7

Thanks-

    John



On 07/24/2017 01:29 PM, Felipe Barreto Volpone wrote:
Hi John,

could you share the command you have run to setup the ipa server?

On Mon, Jul 24, 2017 at 3:12 PM, John Morris via FreeIPA-users
<freeipa-users@lists.fedorahosted.org
<mailto:freeipa-users@lists.fedorahosted.org>> wrote:

    Running FreeIPA out of Docker (`adelton/freeipa-server:centos-7`
    image), `ipa-replica-install` hangs at `[29/44]: setting up initial
    replication`.  The `ipa-server-configure-first.log` (debug output
    enabled) is pasted in the below gist, plus output of `journalctl
    -xe` from within the container.

    https://gist.github.com/zultron/6f9aeb47d304c7bcab93d023e36484ba
    <https://gist.github.com/zultron/6f9aeb47d304c7bcab93d023e36484ba>

    The options to `ipa-replica-install` look like this:

        --unattended
        --principal=admin
        --admin-password=redacted
        --server=h01.example.com <http://h01.example.com>
        --hostname=h11.example.com <http://h11.example.com>
        --realm=EXAMPLE.COM <http://EXAMPLE.COM>
        --domain=example.com <http://example.com>
        --setup-ca
        --setup-dns
        --no-reverse
        --no-forwarders
        --no-host-dns
        --no-ntp
        --no-ui-redirect
        --allow-zone-overlap
        --debug
        --skip-conncheck

    The docker command looks like this:

        docker run \
            --rm \
            --interactive \
            --restart=no \
            --hostname=h11.example.com <http://h11.example.com> \
            --security-opt=seccomp=unconfined \
            --name=ipa \
            --volume=/media/freeipa:/data \
            --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro \
            --env=IPA_SERVER_IP=2.3.4.5 \
            --env=KRB5_TRACE=/dev/stdout \
            --add-host=h01.example.com:1 <http://h01.example.com:1>.2.3.4 \
            --publish=80:80 \
            --publish=443:443 \
            --publish=53:53 \
            --publish=53:53/udp \
            --publish=389:389 \
            --publish=636:636 \
            --publish=88:88 \
            --publish=88:88/udp \
            --publish=464:464 \
            --publish=464:464/udp \
            adelton/freeipa-server:centos-7 \
            ipa-replica-install

    I'm starting to track this down starting from
    `ipaserver/install/dsinstance.py`, `__setup_replica()`, but I'd
    really appreciate suggestions.  Thanks-

            John
    _______________________________________________
    FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
    <mailto:freeipa-users@lists.fedorahosted.org>
    To unsubscribe send an email to
    freeipa-users-le...@lists.fedorahosted.org
    <mailto:freeipa-users-le...@lists.fedorahosted.org>


_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to