I'm seeing what feels like a concurrency error.  I'm in a cloud environment and 
launching a group of instances which are all trying to join a domain at about 
the same time via ipa-client-install.  Some of these operations succeed, and 
others fail.

The error message on those that fail is that they failed to join the domain, 
and the HTTP response was 500 instead of 200.

The Apache error_log file on the server, shows a python stack trace (which 
unfortunately I can't reproduce in its entirety here), which culminates in the 
complaint that a file (/var/run/httpd/ipa/clientcaches/<adminuser>@<domain>) 
was not found.  What it seems like is that multiple attempts to join the domain 
from different hosts are stepping on one another.

I'm wondering if I am trying to do something that is not supported, or if I 
have something misconfigured.  I'm tempted to catch the error and retry after a 
random interval (the output of the failing command indicates that it is rolling 
back to the initial state) - that would be the easiest thing.  But if this is 
pointing to an underlying error on my part I'd rather fix it if possible.

Additional info in case it helps - I'm running RHEL7/FreeIPA4.2 on the servers 
(two in a replication agreement).  I'm running RHEL6/FreeIPA3.0 on the clients 
(most recent attempt I tried to launch 7 instances, three of which failed).  


Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to