The nightly test test_ipahealthcheck.py::TestIpaHealthCheck is failing in PR #844 running on rawhide. See Report and logs: - test test_ipa_healthcheck_after_certupdate - test test_ipa_healthcheck_no_errors - test test_ipa_dns_systemrecords_check
test_ipahealthcheck.py::TestIpaHealthCheck
test_ipa_healthcheck_after_certupdate
test_ipa_healthcheck_no_errors
test_ipa_dns_systemrecords_check
The 3 tests are failing in the check IPADNSSystemRecordsCheck:
IPADNSSystemRecordsCheck
{ "source": "ipahealthcheck.ipa.idns", "check": "IPADNSSystemRecordsCheck", "result": "WARNING", "uuid": "4b859078-4b9b-4fc3-af49-dd476aee7eaf", "when": "20210418093157Z", "duration": "0.092203", "kw": { "msg": "Got {count} ipa-ca AAAA records, expected {expected}", "count": 1, "expected": 2 } } ]
Test scenario: install server with CA, DNS, install replica with CA, call ipa-certupdate on server, check that there are server+replica records for ipa-ca in the zone ipa.test.
From the server install logs, we can see that an A and an AAAA record are added during the first server install:
2021-04-18T08:58:02Z DEBUG raw: dnsrecord_mod(<DNS name ipa.test.>, <DNS name ipa-ca.ipa.test.>, arecord=['192.168.122.166'], aaaarecord=['fe80::3a09:31d:518e:7276'], version='2.240') 2021-04-18T08:58:02Z DEBUG dnsrecord_mod(<DNS name ipa.test.>, <DNS name ipa-ca.ipa.test.>, arecord=('192.168.122.166',), aaaarecord=('fe80::3a09:31d:518e:7276',), rights=False, structured=False, all=False, raw=False, version='2.240') 2021-04-18T08:58:02Z DEBUG raw: dnsrecord_add(<DNS name ipa.test.>, <DNS name ipa-ca.ipa.test.>, arecord=['192.168.122.166'], aaaarecord=['fe80::3a09:31d:518e:7276'], version='2.240') 2021-04-18T08:58:02Z DEBUG dnsrecord_add(<DNS name ipa.test.>, <DNS name ipa-ca.ipa.test.>, arecord=('192.168.122.166',), a_extra_create_reverse=False, aaaarecord=('fe80::3a09:31d:518e:7276',), aaaa_extra_create_reverse=False, force=False, structured=False, all=False, raw=False, version='2.240')
From the replica install logs, we can see that the installer updates the DNS records for ipa-ca but does not see the ipv6 address of the master in the existing record:
2021-04-18T09:08:21Z DEBUG raw: dnsrecord_mod(<DNS name ipa.test.>, <DNS name ipa-ca.ipa.test.>, arecord=['192.168.122.166'], version='2.240') 2021-04-18T09:08:21Z DEBUG dnsrecord_mod(<DNS name ipa.test.>, <DNS name ipa-ca.ipa.test.>, arecord=('192.168.122.166',), rights=False, structured=False, all=False, raw=False, version='2.240') [...] 2021-04-18T09:08:23Z DEBUG raw: dnsrecord_mod(<DNS name ipa.test.>, <DNS name ipa-ca.ipa.test.>, arecord=['192.168.122.166', '192.168.122.101'], aaaarecord=['fe80::b64b:d16e:ece2:6f37'], version='2.240') 2021-04-18T09:08:23Z DEBUG dnsrecord_mod(<DNS name ipa.test.>, <DNS name ipa-ca.ipa.test.>, arecord=('192.168.122.166', '192.168.122.101'), aaaarecord=('fe80::b64b:d16e:ece2:6f37',), rights=False, structured=False, all=False, raw=False, version='2.240')
Need to understand why the replica installer overwrites the AAAA record for ipa-ca instead of adding a new one.
I didn't pay attention at first but the installer is picking the ipv6 link-local address
Failed in [testing_master_latest]
PR #913
report
Failure observed in http://freeipa-org-pr-ci.s3-website.eu-central-1.amazonaws.com/jobs/4c630416-b561-11eb-a4e3-fa163e31fb68/report.html, report
Failure observed in [testing_ipa-4.9_latest] Nightly PR #920 , report
Metadata Update from @mpolovka: - Issue tagged with: tests
Failure observed in [testing_master_pki] Nightly PR #973 , report
Failure observed in [testing_master_pki] Nightly PR #1020 , report
Metadata Update from @frenaud: - Issue assigned to frenaud
Metadata Update from @frenaud: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/5880
master:
ipa-4-9:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.