Re: [Freeipa-devel] [PATCH 0254] Server Upgrade: Wait until DS is ready after restart
On Mon, May 25, 2015 at 08:13:35AM +0200, Jan Cholasta wrote: > Dne 22.5.2015 v 15:53 Petr Vobornik napsal(a): > >On 05/21/2015 03:16 PM, Fraser Tweedale wrote: > >>On Thu, May 21, 2015 at 01:38:43PM +0200, Martin Basti wrote: > >>>This patch should fix following traceback. > >>> > >>>2015-05-20T03:50:41Z ERROR Upgrade failed with cannot connect to > >>>'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': > >>>2015-05-20T03:50:41Z DEBUG Traceback (most recent call last): > >>> File > >>>"/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", > >>>line 304, in __upgrade > >>> ld = ldapupdate.LDAPUpdate(dm_password='', ldapi=True) > >>> File > >>>"/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", > >>>line 314, in __init__ > >>> self.create_connection() > >>> File > >>>"/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", > >>>line 862, in create_connection > >>> autobind=self.ldapi) > >>> File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line > >>>66, in connect > >>> conn = self.create_connection(*args, **kw) > >>> File > >>>"/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line > >>>188, in create_connection > >>> client_controls=clientctrls) > >>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line > >>>1074, in external_bind > >>> '', auth_tokens, server_controls, client_controls) > >>> File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__ > >>> self.gen.throw(type, value, traceback) > >>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line > >>>976, in error_handler > >>> error=info) > >>>NetworkError: cannot connect to > >>>'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': > >>> > >>>2015-05-20T03:50:41Z DEBUG Traceback (most recent call last): > >>> File > >>>"/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line > >>>388, in start_creation > >>> run_step(full_msg, method) > >>> File > >>>"/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line > >>>378, in run_step > >>> method() > >>> File > >>>"/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", > >>>line 315, in __upgrade > >>> raise RuntimeError(e) > >>>RuntimeError: cannot connect to > >>>'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': > >>> > >>>Reason was the ipa-server-install tried to connect before DS was ready. > >>> > >>>The patch adds waiting until DS is ready. > >>> > >>>Patch attached. > >>> > >>>Fraser can you please check if this fix works? I can't reproduce it. > >>>Thank you, Martin^2. > >>> > >>ACK; fixes the issue for me. > >> > >>One minor comment: > >> > >>>+def __start(self): > >>>+super(IPAUpgrade, self).start() > >>> > >>> def __stop_instance(self): > >>> """Stop only the main DS instance""" > >>>@@ -187,7 +185,7 @@ class IPAUpgrade(service.Service): > >>> self.step("saving configuration", self.__save_config) > >>> self.step("disabling listeners", self.__disable_listeners) > >>> self.step("enabling DS global lock", > >>>self.__enable_ds_global_write_lock) > >>>-self.step("starting directory server", self.__start_nowait) > >>>+self.step("starting directory server", self.__start) > >> > >>I think you can just say `self.start' and remove `__start' function. > >> > >>Cheers, > >>Fraser > >> > > > >Pushed to master: 3d17bf8e639616893d6937d98662ccc7541d1e23 > > This semi-breaks ipa-server-install for me: > > Configuring directory server (dirsrv): Estimated time 1 minute > [1/38]: creating directory server user > [2/38]: creating directory server instance > ipa : CRITICAL Failed to restart the directory server ([Errno 2] No > such file or directory). See the installation log for details. > [3/38]: adding default schema > [4/38]: enabling memberof plugin > > It would be nice to check if the socket exists before waiting for it. > This (non-catastrophic but annoying) regression occurred for me too. I wasn't paying enough attention to ipa-server-install before I ACKed the patch :/ > -- > Jan Cholasta -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0254] Server Upgrade: Wait until DS is ready after restart
Dne 22.5.2015 v 15:53 Petr Vobornik napsal(a): On 05/21/2015 03:16 PM, Fraser Tweedale wrote: On Thu, May 21, 2015 at 01:38:43PM +0200, Martin Basti wrote: This patch should fix following traceback. 2015-05-20T03:50:41Z ERROR Upgrade failed with cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': 2015-05-20T03:50:41Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line 304, in __upgrade ld = ldapupdate.LDAPUpdate(dm_password='', ldapi=True) File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 314, in __init__ self.create_connection() File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 862, in create_connection autobind=self.ldapi) File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 66, in connect conn = self.create_connection(*args, **kw) File "/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line 188, in create_connection client_controls=clientctrls) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1074, in external_bind '', auth_tokens, server_controls, client_controls) File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__ self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 976, in error_handler error=info) NetworkError: cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': 2015-05-20T03:50:41Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 388, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 378, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line 315, in __upgrade raise RuntimeError(e) RuntimeError: cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': Reason was the ipa-server-install tried to connect before DS was ready. The patch adds waiting until DS is ready. Patch attached. Fraser can you please check if this fix works? I can't reproduce it. Thank you, Martin^2. ACK; fixes the issue for me. One minor comment: +def __start(self): +super(IPAUpgrade, self).start() def __stop_instance(self): """Stop only the main DS instance""" @@ -187,7 +185,7 @@ class IPAUpgrade(service.Service): self.step("saving configuration", self.__save_config) self.step("disabling listeners", self.__disable_listeners) self.step("enabling DS global lock", self.__enable_ds_global_write_lock) -self.step("starting directory server", self.__start_nowait) +self.step("starting directory server", self.__start) I think you can just say `self.start' and remove `__start' function. Cheers, Fraser Pushed to master: 3d17bf8e639616893d6937d98662ccc7541d1e23 This semi-breaks ipa-server-install for me: Configuring directory server (dirsrv): Estimated time 1 minute [1/38]: creating directory server user [2/38]: creating directory server instance ipa : CRITICAL Failed to restart the directory server ([Errno 2] No such file or directory). See the installation log for details. [3/38]: adding default schema [4/38]: enabling memberof plugin It would be nice to check if the socket exists before waiting for it. -- Jan Cholasta -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0254] Server Upgrade: Wait until DS is ready after restart
On 05/21/2015 03:16 PM, Fraser Tweedale wrote: On Thu, May 21, 2015 at 01:38:43PM +0200, Martin Basti wrote: This patch should fix following traceback. 2015-05-20T03:50:41Z ERROR Upgrade failed with cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': 2015-05-20T03:50:41Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line 304, in __upgrade ld = ldapupdate.LDAPUpdate(dm_password='', ldapi=True) File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 314, in __init__ self.create_connection() File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 862, in create_connection autobind=self.ldapi) File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 66, in connect conn = self.create_connection(*args, **kw) File "/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line 188, in create_connection client_controls=clientctrls) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1074, in external_bind '', auth_tokens, server_controls, client_controls) File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__ self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 976, in error_handler error=info) NetworkError: cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': 2015-05-20T03:50:41Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 388, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 378, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line 315, in __upgrade raise RuntimeError(e) RuntimeError: cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': Reason was the ipa-server-install tried to connect before DS was ready. The patch adds waiting until DS is ready. Patch attached. Fraser can you please check if this fix works? I can't reproduce it. Thank you, Martin^2. ACK; fixes the issue for me. One minor comment: +def __start(self): +super(IPAUpgrade, self).start() def __stop_instance(self): """Stop only the main DS instance""" @@ -187,7 +185,7 @@ class IPAUpgrade(service.Service): self.step("saving configuration", self.__save_config) self.step("disabling listeners", self.__disable_listeners) self.step("enabling DS global lock", self.__enable_ds_global_write_lock) -self.step("starting directory server", self.__start_nowait) +self.step("starting directory server", self.__start) I think you can just say `self.start' and remove `__start' function. Cheers, Fraser Pushed to master: 3d17bf8e639616893d6937d98662ccc7541d1e23 -- Petr Vobornik -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0254] Server Upgrade: Wait until DS is ready after restart
On Thu, May 21, 2015 at 01:38:43PM +0200, Martin Basti wrote: > This patch should fix following traceback. > > 2015-05-20T03:50:41Z ERROR Upgrade failed with cannot connect to > 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': > 2015-05-20T03:50:41Z DEBUG Traceback (most recent call last): > File > "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line > 304, in __upgrade > ld = ldapupdate.LDAPUpdate(dm_password='', ldapi=True) > File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", > line 314, in __init__ > self.create_connection() > File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", > line 862, in create_connection > autobind=self.ldapi) > File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 66, in > connect > conn = self.create_connection(*args, **kw) > File "/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line > 188, in create_connection > client_controls=clientctrls) > File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1074, in > external_bind > '', auth_tokens, server_controls, client_controls) > File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__ > self.gen.throw(type, value, traceback) > File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 976, in > error_handler > error=info) > NetworkError: cannot connect to > 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': > > 2015-05-20T03:50:41Z DEBUG Traceback (most recent call last): > File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line > 388, in start_creation > run_step(full_msg, method) > File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line > 378, in run_step > method() > File > "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line > 315, in __upgrade > raise RuntimeError(e) > RuntimeError: cannot connect to > 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': > > Reason was the ipa-server-install tried to connect before DS was ready. > > The patch adds waiting until DS is ready. > > Patch attached. > > Fraser can you please check if this fix works? I can't reproduce it. > Thank you, Martin^2. > ACK; fixes the issue for me. One minor comment: > +def __start(self): > +super(IPAUpgrade, self).start() > > def __stop_instance(self): > """Stop only the main DS instance""" > @@ -187,7 +185,7 @@ class IPAUpgrade(service.Service): > self.step("saving configuration", self.__save_config) > self.step("disabling listeners", self.__disable_listeners) > self.step("enabling DS global lock", > self.__enable_ds_global_write_lock) > -self.step("starting directory server", self.__start_nowait) > +self.step("starting directory server", self.__start) I think you can just say `self.start' and remove `__start' function. Cheers, Fraser -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
[Freeipa-devel] [PATCH 0254] Server Upgrade: Wait until DS is ready after restart
This patch should fix following traceback. 2015-05-20T03:50:41Z ERROR Upgrade failed with cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': 2015-05-20T03:50:41Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line 304, in __upgrade ld = ldapupdate.LDAPUpdate(dm_password='', ldapi=True) File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 314, in __init__ self.create_connection() File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 862, in create_connection autobind=self.ldapi) File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 66, in connect conn = self.create_connection(*args, **kw) File "/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line 188, in create_connection client_controls=clientctrls) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1074, in external_bind '', auth_tokens, server_controls, client_controls) File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__ self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 976, in error_handler error=info) NetworkError: cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': 2015-05-20T03:50:41Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 388, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 378, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line 315, in __upgrade raise RuntimeError(e) RuntimeError: cannot connect to 'ldapi://%2fvar%2frun%2fslapd-IPA-LOCAL.socket': Reason was the ipa-server-install tried to connect before DS was ready. The patch adds waiting until DS is ready. Patch attached. Fraser can you please check if this fix works? I can't reproduce it. Thank you, Martin^2. From 3183fc490d9615fada1dcc9069eb1303e9e61be8 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Thu, 21 May 2015 13:25:10 +0200 Subject: [PATCH] Server Upgrade: wait until DS is ready During server upgrade we should wait until DS is ready after restart, otherwise connection error is raised. Instead of 389 port, the DS socket is checked. https://fedorahosted.org/freeipa/ticket/4904 --- ipaplatform/redhat/services.py | 14 ++ ipaserver/install/upgradeinstance.py | 8 +++- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/ipaplatform/redhat/services.py b/ipaplatform/redhat/services.py index d6fa080add35cb5aafb2b347dc5fb6e84cc3e4e8..565bf1fdef27e9a780ad2e2638b5051a95782bd2 100644 --- a/ipaplatform/redhat/services.py +++ b/ipaplatform/redhat/services.py @@ -153,6 +153,20 @@ class RedHatDirectoryService(RedHatService): super(RedHatDirectoryService, self).restart(instance_name, capture_output=capture_output, wait=wait) +def wait_for_open_ports(self, instance_name=""): +if instance_name.endswith('.service'): +instance_name = instance_name[:-8] +if instance_name.startswith('dirsrv@'): +instance_name = instance_name[7:] + +if instance_name: + +ipautil.wait_for_open_socket( +paths.SLAPD_INSTANCE_SOCKET_TEMPLATE % instance_name, +self.api.env.startup_timeout) +else: +super(RedHatDirectoryService, self).wait_for_open_ports() + class RedHatIPAService(RedHatService): # Enforce restart of IPA services when we do enable it diff --git a/ipaserver/install/upgradeinstance.py b/ipaserver/install/upgradeinstance.py index 2540df60f1c14b99dbd5b9cdd12d7590edc1bd32..d58c934bc1bd926c0c0c068086c746ac28e8c737 100644 --- a/ipaserver/install/upgradeinstance.py +++ b/ipaserver/install/upgradeinstance.py @@ -171,10 +171,8 @@ class IPAUpgrade(service.Service): self.schema_files = schema_files self.realm = realm_name -def __start_nowait(self): -# Don't wait here because we've turned off port 389. The connection -# we make will wait for the socket. -super(IPAUpgrade, self).start(wait=False) +def __start(self): +super(IPAUpgrade, self).start() def __stop_instance(self): """Stop only the main DS instance""" @@ -187,7 +185,7 @@ class IPAUpgrade(service.Service): self.step("saving configuration", self.__save_config) self.step("disabling listeners", self.__disable_listeners) self.step("enabling DS global lock", self.__enable_ds_global_write_lock) -self.step("starting directory server", self.__start_nowait) +self.step("starting directory server", self.__start) if self.schema_files: self.step("updating schema", self.__update_schema) self.step("upgrading server", s