I've noticed that if the machine running IPA is very busy at startup,
the IPA services will not be online when the machine is started.
I noticed this is as my test virtualization host has had it's power cord
knocked out a few times. When I restart the host machine, all the
virtual machines is started at the same time, causing (a lot) higher
than normal latency for each virtual machine.
This causes the IPA daemons to start, while during the startup one or
several IPA daemons fails due to dependencies of other daemons which is
not started yet, and all the IPA daemons is stopped as not all the IPA
daemons started successfully. I've noticed that the default behavior of
the ipactl command is to shut down all the IPA daemons, if any of the
IPA daemons should fail during startup.
This can be seen in the logs of the individual services, as some is
started successfully, just to receive a shutdown signal shortly after.
It seem to be the pki-ca which shut down my IPA services this morning.
When rebooting the virtual machine running the IPA daemons during normal
load of the host machine, all the IPA daemons start successfully.
Logging on to the IPA server and manually starting the IPA daemons after
the load of the host machine has decreased also works.
I suggest changing the startup scripts to allow (a lot) longer startup
times for the IPA daemons prior to failing them.
Rgds,
Siggi
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
