On 04/28/2016 08:14 PM, Hosakote Nagesh, Pawan wrote:
> Hi,
>       I am planning to deploy FreeIPA Client in a docker where my Apps are
> running. However I hit a road block as there seems to be problem with the
> docker’s hostname settings
> In DNS records.  

CCing Jan on this one. Did you try to use SSSD Docker container we already have
instead?

https://hub.docker.com/r/fedora/sssd/
https://www.adelton.com/docs/docker/fedora-sssd-container

Martin

> Debug Log
> ———————
> 
> ipa-client-install --hostname=`hostname -f` --mkhomedir -N --force-join 
> —debug 
> 
> .
> 
> .
> 
> .
> 
> .
> 
> debug
> 
> zone phx01.eaz.ebayc3.com.
> 
> update delete </docker/_container_fqdn>. IN A
> 
> show
> 
> send
> 
> update add </docker/_container_fqdn>. 1200 IN A 172.17.0.3
> 
> show
> 
> send
> 
> 
> Starting external process
> 
> args=/usr/bin/nsupdate -g /etc/ipa/.dns_update.txt
> 
> Process execution failed
> 
> Traceback (most recent call last):
> 
>   File "/usr/sbin/ipa-client-install", line 2603, in <module>
> 
>     sys.exit(main())
> 
>   File "/usr/sbin/ipa-client-install", line 2584, in main
> 
>     rval = install(options, env, fstore, statestore)
> 
>   File "/usr/sbin/ipa-client-install", line 2387, in install
> 
>     client_dns(cli_server[0], hostname, options.dns_updates)
> 
>   File "/usr/sbin/ipa-client-install", line 1423, in client_dns
> 
>     update_dns(server, hostname)
> 
>   File "/usr/sbin/ipa-client-install", line 1410, in update_dns
> 
>     if do_nsupdate(update_txt):
> 
>   File "/usr/sbin/ipa-client-install", line 1346, in do_nsupdate
> 
>     ipautil.run(['/usr/bin/nsupdate', '-g', UPDATE_FILE])
> 
>   File "/usr/lib/python2.7/dist-packages/ipapython/ipautil.py", line 303, in 
> run
> 
>     close_fds=True, env=env, cwd=cwd)
> 
>   File "/usr/lib/python2.7/subprocess.py", line 710, in __init__
> 
>     errread, errwrite)
> 
>   File "/usr/lib/python2.7/subprocess.py", line 1327, in _execute_child
> 
>     raise child_exception
> 
> OSError: [Errno 2] No such file or directory
> 
> 
> 
> As a Follow up question I also wanted to know why is absolutely necessary for
> Kerberos Client to have hostname? Wont Client initiate the connection and
> FreeIPA server can take it from there.
> If so what is the need of FQDN for FreeIPA client at all?
> 
> -
> Best,
> Pawan
> 
> 

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to