John,

I didn't noticed that you're using adelton's repository.
Could you try more recent image from the official docker hub (/r/freeipa
instead of /r/adelton)?
https://hub.docker.com/r/freeipa/freeipa-server/


On Mon, Jul 24, 2017 at 4:40 PM, John Morris via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:

> (Apologies for previously sending off-list, Felipe.)
>
> Sure:
>
>     docker run \
>     --rm \
>     --interactive \
>     --restart=no \
>     --hostname=h01.example.com \
>     --security-opt=seccomp=unconfined \
>     --name=ipa \
>     --volume=/media/freeipa:/data \
>     --volume=/media/state:/media/state \
>     --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro \
>     --env=IPA_SERVER_IP=1.2.3.4 \
>     --add-host=h01.example.com:1.2.3.4 \
>     --publish=80:80 \
>     --publish=443:443 \
>     --publish=53:53 \
>     --publish=53:53/udp \
>     --publish=389:389 \
>     --publish=636:636 \
>     --publish=88:88 \
>     --publish=88:88/udp \
>     --publish=464:464 \
>     --publish=464:464/udp \
>     adelton/freeipa-server:centos-7
>
> Thanks-
>
>     John
>
>
>
> On 07/24/2017 01:29 PM, Felipe Barreto Volpone wrote:
>
>> Hi John,
>>
>> could you share the command you have run to setup the ipa server?
>>
>> On Mon, Jul 24, 2017 at 3:12 PM, John Morris via FreeIPA-users
>> <freeipa-users@lists.fedorahosted.org
>> <mailto:freeipa-users@lists.fedorahosted.org>> wrote:
>>
>>     Running FreeIPA out of Docker (`adelton/freeipa-server:centos-7`
>>     image), `ipa-replica-install` hangs at `[29/44]: setting up initial
>>     replication`.  The `ipa-server-configure-first.log` (debug output
>>     enabled) is pasted in the below gist, plus output of `journalctl
>>     -xe` from within the container.
>>
>>     https://gist.github.com/zultron/6f9aeb47d304c7bcab93d023e36484ba
>>     <https://gist.github.com/zultron/6f9aeb47d304c7bcab93d023e36484ba>
>>
>>     The options to `ipa-replica-install` look like this:
>>
>>         --unattended
>>         --principal=admin
>>         --admin-password=redacted
>>         --server=h01.example.com <http://h01.example.com>
>>         --hostname=h11.example.com <http://h11.example.com>
>>         --realm=EXAMPLE.COM <http://EXAMPLE.COM>
>>         --domain=example.com <http://example.com>
>>         --setup-ca
>>         --setup-dns
>>         --no-reverse
>>         --no-forwarders
>>         --no-host-dns
>>         --no-ntp
>>         --no-ui-redirect
>>         --allow-zone-overlap
>>         --debug
>>         --skip-conncheck
>>
>>     The docker command looks like this:
>>
>>         docker run \
>>             --rm \
>>             --interactive \
>>             --restart=no \
>>             --hostname=h11.example.com <http://h11.example.com> \
>>             --security-opt=seccomp=unconfined \
>>             --name=ipa \
>>             --volume=/media/freeipa:/data \
>>             --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro \
>>             --env=IPA_SERVER_IP=2.3.4.5 \
>>             --env=KRB5_TRACE=/dev/stdout \
>>             --add-host=h01.example.com:1 <http://h01.example.com:1>.2.3.4
>> \
>>             --publish=80:80 \
>>             --publish=443:443 \
>>             --publish=53:53 \
>>             --publish=53:53/udp \
>>             --publish=389:389 \
>>             --publish=636:636 \
>>             --publish=88:88 \
>>             --publish=88:88/udp \
>>             --publish=464:464 \
>>             --publish=464:464/udp \
>>             adelton/freeipa-server:centos-7 \
>>             ipa-replica-install
>>
>>     I'm starting to track this down starting from
>>     `ipaserver/install/dsinstance.py`, `__setup_replica()`, but I'd
>>     really appreciate suggestions.  Thanks-
>>
>>             John
>>     _______________________________________________
>>     FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
>>     <mailto:freeipa-users@lists.fedorahosted.org>
>>     To unsubscribe send an email to
>>     freeipa-users-le...@lists.fedorahosted.org
>>     <mailto:freeipa-users-le...@lists.fedorahosted.org>
>>
>>
>> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to