I'm seeing what feels like a concurrency error. I'm in a cloud environment and
launching a group of instances which are all trying to join a domain at about
the same time via ipa-client-install. Some of these operations succeed, and
The error message on those that fail is that they failed to join the domain,
and the HTTP response was 500 instead of 200.
The Apache error_log file on the server, shows a python stack trace (which
unfortunately I can't reproduce in its entirety here), which culminates in the
complaint that a file (/var/run/httpd/ipa/clientcaches/<adminuser>@<domain>)
was not found. What it seems like is that multiple attempts to join the domain
from different hosts are stepping on one another.
I'm wondering if I am trying to do something that is not supported, or if I
have something misconfigured. I'm tempted to catch the error and retry after a
random interval (the output of the failing command indicates that it is rolling
back to the initial state) - that would be the easiest thing. But if this is
pointing to an underlying error on my part I'd rather fix it if possible.
Additional info in case it helps - I'm running RHEL7/FreeIPA4.2 on the servers
(two in a replication agreement). I'm running RHEL6/FreeIPA3.0 on the clients
(most recent attempt I tried to launch 7 instances, three of which failed).
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project