With --setup-dns, missing A records should not be hard error in case that A record will be added later (hostname belongs to IPA domain)
2016-06-16T09:50:50Z INFO Checking DNS domain ipa.test., please wait ... 2016-06-16T09:51:20Z WARNING DNS check for domain ipa.test. failed: The DNS operation timed out after 30.0002450943 seconds. 2016-06-16T09:51:50Z ERROR DNS query for master.ipa.test. A failed: The DNS operation timed out after 30.0005278587 seconds 2016-06-16T09:51:50Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 318, in run cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 308, in run self.validate() .... File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 598, in install_check dns.install_check(False, api, False, options, host_name) File "/usr/lib/python2.7/site-packages/ipaserver/install/dns.py", line 260, in install_check True, options.ip_addresses) File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line 463, in get_server_ip_address hostaddr = dnsutil.resolve_ip_addresses(host_name) File "/usr/lib/python2.7/site-packages/ipapython/dnsutil.py", line 328, in resolve_ip_addresses rrsets = resolve_rrsets(fqdn, ['A', 'AAAA']) File "/usr/lib/python2.7/site-packages/ipapython/dnsutil.py", line 305, in resolve_rrsets answer = dns.resolver.query(fqdn, rdtype) File "/usr/lib/python2.7/site-packages/dns/resolver.py", line 1029, in query raise_on_no_answer, source_port) File "/usr/lib/python2.7/site-packages/dns/resolver.py", line 949, in query timeout = self._compute_timeout(start) File "/usr/lib/python2.7/site-packages/dns/resolver.py", line 770, in _compute_timeout raise Timeout(timeout=duration) 2016-06-16T09:51:50Z DEBUG The ipa-server-install command failed, exception: Timeout: The DNS operation timed out after 30.0005278587 seconds 2016-06-16T09:51:50Z ERROR The DNS operation timed out after 30.0005278587 seconds 2016-06-16T09:51:50Z ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information
Broken in ipa-4-3 as well
In case that DNS server is not responding, this error is raised.
This regression is caused by commit dc40500 , before this commit IP adresses was resolved by using socket.getaddrinfo() which works without DNS (only proper /etc/hosts was enough)
Question is if current installation is broken, or the previous solution was workaround to DNS issues.
Also re-installation of DNS is broken due this: https://www.redhat.com/archives/freeipa-devel/2016-June/msg00693.html
We need to allow reinstall DNS, thus this is blocker. (patches were pushed to ipa-4-3, thus 4.3.2 blocker)
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1351140 (Red Hat Enterprise Linux 7)
master:
ipa-4-3:
One more corner case was not covered: We did not reinit DNS resolver so records created using --ip-address option might not be resolved. Patch is on list.
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1351276 (Red Hat Enterprise Linux 7)
Metadata Update from @mbasti: - Issue assigned to pspacek - Issue set to the milestone: FreeIPA 4.3.2
Login to comment on this ticket.