https://bugzilla.redhat.com/show_bug.cgi?id=826677 (Red Hat Enterprise Linux 6)
Description of problem: Cannot remove disconnected host data in order to uninstall/reinstall a replica for re-connecting it to a domain. Initial topology: (simple triangle) 2 - 3 \ / 1 # on host1: ipa-replica-manage disconnect host1 host2 ipa-replica-manage del host3 # not sure if this one is relevant here # on host2: ipa-server-install --uninstall -U # on host1: ipa-replica-prepare -p $ADMINPW --ip-address=$HOST2_IP $HOST2 # on host2: sftp root@$HOST1:/var/lib/ipa/replica-info-$HOST2.gpg ipa-replica-install -U --setup-dns --forwarder=$DNSFORWARD -w $ADMINPW -p $ADMINPW /dev/shm/replica-info-$HOST2.gpg ... The host qe-blade-04.testrelm.com already exists on the master server. Depending on your configuration, you may perform the following: Remove the replication agreement, if any: % ipa-replica-manage del qe-blade-04.testrelm.com Remove the host entry: % ipa host-del qe-blade-04.testrelm.com # on host1: ipa-replica-manage del $HOST2 '$HOST1' has no replication agreement for '$HOST2' ipa host-del $HOST2 ipa: ERROR: invalid 'hostname': An IPA master host cannot be deleted or disabled Version-Release number of selected component (if applicable): ipa-server-2.2.0-16.el6.x86_64 How reproducible: very if not always Steps to Reproduce: 1. <setup rhel6.3 IPA master and 2 replicas> # on host1: 2. ipa-replica-manage disconnect $HOST1 $HOST2 3. ipa-replica-manage del $HOST3 # on host2: 4. ipa-server-install --uninstall -U # on host1: 5. ipa-replica-prepare -p $ADMINPW --ip-address=$HOST2_IP $HOST2 # on host2: 6. cd /dev/shm; sftp root@$HOST1:/var/lib/ipa/replica-info-$HOST2.gpg 7. ipa-replica-install -U --setup-dns --forwarder=$DNSFORWARD -w $ADMINPW -p $ADMINPW /dev/shm/replica-info-$HOST2.gpg Actual results: # on host2 ipa-replica-install fails: ... The host qe-blade-04.testrelm.com already exists on the master server. Depending on your configuration, you may perform the following: Remove the replication agreement, if any: % ipa-replica-manage del qe-blade-04.testrelm.com Remove the host entry: % ipa host-del qe-blade-04.testrelm.com # on host1: ipa-replica-manage del $HOST2 '$HOST1' has no replication agreement for '$HOST2' ipa host-del $HOST2 ipa: ERROR: invalid 'hostname': An IPA master host cannot be deleted or disabled Expected results: ipa-replica-manage or ipa host-del should be able to forcibly remove data to allow a reconnect or ipa-replica-install should provide a way to reconnect if possible. Additional info:
Isn't this fixable with: 'ipa-replica-manage del --force $HOST2' ?
I think this is a procedural problem.
You did an ipa-replica-manage del for host3, but never for host2, yet you uninstalled on host2. As far as the remaining IPA server (host1) knows, host2 is still there just perhaps unreachable. This is why trying to re-install fails.
If you do a: ipa-replica-manage del host2 --force on host1 then you should be able to re-install it.
With the connection between 1 and 2 gone and host3 deleted there would be no way to communicate anything happening on host2 back to host1, so I don't think there is much we can do.
I'm not able to reproduce, asked Scott to try again. This is a rather confusing scenario, it is also possible I'm not doing something right.
Using Scott's updated instructions I was able to reproduce it.
You start with a topology like this:
A / \ B C
You add a link from B to C to get:
A / \ B-----C
Then you delete the link from A to C, leaving you with:
A / B-----C
If you try to delete server B you'll orphan A and C and leave the cn=masters entry because replication is disconnected.
What we need to do is connect to A and C and see if B is the last connection and if so, prevent its removal.
attachment freeipa-rcrit-1050-replicaorphan.patch
master: f695f79[[BR]] ipa-3-0: 68086f8
Metadata Update from @dpal: - Issue assigned to rcritten - Issue set to the milestone: FreeIPA 3.0 RC1
Login to comment on this ticket.