Re: Unable to promote a replica

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Using that method, I was able to promote my consumer. Thanks again.

Today, I tried (and failed) to disable replication on a consumer. Either I don't understand how to disable replication (which is entirely possible), or the replication-disabling-function of the scripts is also broken.

When done with cockpit, using the red "Disable" button on the Replication screen seems to kill the instance of directory without affecting its replication status. Replication is still enabled when I restart the instance.

When I tried to disable with dsconf, I got similar results. The directory stops, but replication is still enabled when I restart it.

I ran:

dsconf -v -D "cn=Directory Manager" ldap://localhost:1389 replication disable --suffix o=foo.bar.com

and the instance listening on port 1389 disappeared, and the error log contained:

[03/Aug/2021:15:15:24.090599240 -0800] - DEBUG - PBKDF2_SHA256 - Comparing password
[03/Aug/2021:15:15:24.136930743 -0800] - DEBUG - replication - copy_operation_parameters - replica is null.
[03/Aug/2021:15:15:24.139180666 -0800] - WARN - NSMMReplicationPlugin - replica_config_delete - The changelog for replica o=foo.bar.com is no longer valid since the replica config is being deleted.  Removing the changelog.

and the output of dsconf was:

DEBUG: The 389 Directory Server Configuration Tool
DEBUG: Inspired by works of: ITS, The University of Adelaide
DEBUG: dsrc path: /root/.dsrc
DEBUG: dsrc container path: /data/config/container.inf
DEBUG: dsrc instances: []
DEBUG: dsrc no such section: slapd-ldap://localhost:1389
DEBUG: Called with: Namespace(basedn=None, binddn='cn=Directory Manager', bindpw=None, func=<function disable_replication at 0x7f1b96485a60>, instance='ldap://localhost:1389', json=False, prompt=False, pwdfile=None, starttls=False, suffix='o=foo.bar.com', verbose=True)
DEBUG: Instance details: {'uri': 'ldap://localhost:1389', 'basedn': None, 'binddn': 'cn=Directory Manager', 'bindpw': None, 'saslmech': None, 'tls_cacertdir': None, 'tls_cert': None, 'tls_key': None, 'tls_reqcert': None, 'starttls': False, 'prompt': False, 'pwdfile': None, 'args': {'ldapurl': 'ldap://localhost:1389', 'root-dn': 'cn=Directory Manager'}}
DEBUG: SER_SERVERID_PROP not provided, assuming non-local instance
DEBUG: Allocate <class 'lib389.DirSrv'> with ldap://localhost:1389
DEBUG: Allocate <class 'lib389.DirSrv'> with server1.foo.bar.com:389
DEBUG: Allocate <class 'lib389.DirSrv'> with server1.foo.bar.com:389
Enter password for cn=Directory Manager on ldap://localhost:1389:
DEBUG: SER_SERVERID_PROP not provided, assuming non-local instance
DEBUG: Allocate <class 'lib389.DirSrv'> with ldap://localhost:1389
DEBUG: Allocate <class 'lib389.DirSrv'> with server1.foo.bar.com:389
DEBUG: Allocate <class 'lib389.DirSrv'> with server1.foo.bar.com:389
DEBUG: open(): Connecting to uri ldap://localhost:1389
DEBUG: Using dirsrv ca certificate /etc/dirsrv/slapd-{instance_name}
DEBUG: Using external ca certificate /etc/dirsrv/slapd-{instance_name}
DEBUG: Using external ca certificate /etc/dirsrv/slapd-{instance_name}
DEBUG: Using /etc/openldap/ldap.conf certificate policy
DEBUG: ldap.OPT_X_TLS_REQUIRE_CERT = 2
DEBUG: open(): bound as cn=Directory Manager
DEBUG: Retrieving entry with [('',)]
DEBUG: Retrieved entry [dn:
vendorVersion: 389-Directory/1.4.4.16 B2021.175.1723

]
DEBUG: _gen_selector filter = (&(&(objectclass=nsds5Replica))(|(nsDS5ReplicaRoot=o=foo.bar.com)))
DEBUG: cn=replica,cn=o\3Dfoo.bar.com,cn=mapping tree,cn=config getVal('nsDS5ReplicaRoot')
DEBUG: list filter = (&(objectclass=nsds5replicationagreement))
DEBUG: list filter = (&(objectclass=nsDSWindowsReplicationAgreement))
DEBUG: cn=replica,cn=o\3Dfoo.bar.com,cn=mapping tree,cn=config delete
DEBUG: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}
Traceback (most recent call last):
  File "/sbin/dsconf", line 134, in <module>
    result = args.func(inst, None, log, args)
  File "/usr/lib/python3.6/site-packages/lib389/cli_conf/replication.py", line 236, in disable_replication
    replica.delete()
  File "/usr/lib/python3.6/site-packages/lib389/replica.py", line 1351, in delete
    return super(Replica, self).delete()
  File "/usr/lib/python3.6/site-packages/lib389/_mapped_object.py", line 825, in delete
    self._instance.delete_ext_s(self._dn, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
  File "/usr/lib/python3.6/site-packages/lib389/__init__.py", line 173, in inner
    return f(*args, **kwargs)
  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 562, in delete_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python3.6/site-packages/lib389/__init__.py", line 173, in inner
    return f(*args, **kwargs)
  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 767, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python3.6/site-packages/lib389/__init__.py", line 173, in inner
    return f(*args, **kwargs)
  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 774, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python3.6/site-packages/lib389/__init__.py", line 173, in inner
    return f(*args, **kwargs)
  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 340, in _ldap_call
    reraise(exc_type, exc_value, exc_traceback)
  File "/usr/lib64/python3.6/site-packages/ldap/compat.py", line 46, in reraise
    raise exc_value
  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 324, in _ldap_call
    result = func(*args,**kwargs)
ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}
ERROR: Error: -1 - Can't contact LDAP server - []



--
Do things because you should, not just because you can.

John Thurston    907-465-8591
John.Thurston@xxxxxxxxxx
Department of Administration
State of Alaska

On 8/2/2021 3:35 PM, Mark Reynolds wrote:
Looks like there might be some patch missing on the 1.4.4 branch because
dsconf should not be trying to create the changelog.
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure




[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux