On Sat, 2011-05-14 at 16:46 +0200, Sigbjorn Lie wrote:
> I've noticed that if the machine running IPA is very busy at startup,
> the IPA services will not be online when the machine is started.
> I noticed this is as my test virtualization host has had it's power cord
> knocked out a few times. When I restart the host machine, all the
> virtual machines is started at the same time, causing (a lot) higher
> than normal latency for each virtual machine.
> This causes the IPA daemons to start, while during the startup one or
> several IPA daemons fails due to dependencies of other daemons which is
> not started yet, and all the IPA daemons is stopped as not all the IPA
> daemons started successfully. I've noticed that the default behavior of
> the ipactl command is to shut down all the IPA daemons, if any of the
> IPA daemons should fail during startup.
> This can be seen in the logs of the individual services, as some is
> started successfully, just to receive a shutdown signal shortly after.
> It seem to be the pki-ca which shut down my IPA services this morning.
> When rebooting the virtual machine running the IPA daemons during normal
> load of the host machine, all the IPA daemons start successfully.
> Logging on to the IPA server and manually starting the IPA daemons after
> the load of the host machine has decreased also works.
> I suggest changing the startup scripts to allow (a lot) longer startup
> times for the IPA daemons prior to failing them.
At the moment we just run service <name> start and wait until it is
done. If the pki-cad service timeouts and returns an error I think we
need to open a bug against the dogtag component as that is the cause.
Can you open a bug in the freeipa trac with logs showing that service is
responsible for the failure ?
Simo Sorce * Red Hat, Inc * New York
Freeipa-users mailing list