Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1519508 - ipa-server-install was fail if we has Ipv6 address in /etc/resolv.conf
Summary: ipa-server-install was fail if we has Ipv6 address in /etc/resolv.conf
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: rhosp-director
Version: 12.0 (Pike)
Hardware: x86_64
OS: Linux
high
high
Target Milestone: ---
: 12.0 (Pike)
Assignee: Juan Antonio Osorio
QA Contact: Amit Ugol
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-11-30 19:25 UTC by Artem Hrechanychenko
Modified: 2017-12-12 19:20 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-12-12 19:20:45 UTC


Attachments (Terms of Use)

Description Artem Hrechanychenko 2017-11-30 19:25:39 UTC
Description of problem:
2017-11-14T20:42:58Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
2017-11-14T20:42:58Z INFO Checking DNS domain redhat.local., please wait ...
2017-11-14T20:42:58Z DEBUG Name ipa.redhat.local resolved to set([UnsafeIPAddress('10.0.0.13')])
2017-11-14T20:42:58Z DEBUG IP address 10.0.0.13 belongs to a private range, using forward policy only
2017-11-14T20:42:58Z DEBUG Checking DNS server: 172.16.0.1
2017-11-14T20:42:58Z DEBUG Checking DNS server: fe80::5054:ff:fe6e:62ff%eth2
2017-11-14T20:43:08Z ERROR DNS server fe80::5054:ff:fe6e:62ff%eth2: query '. SOA': The DNS operation timed out after 10.0010049343 seconds
2017-11-14T20:43:08Z DEBUG   File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute
    return_value = self.run()
  File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 333, in run
    cfgr.run()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 366, in run
    self.validate()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 375, in validate
    for _nothing in self._validator():
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner
    exc_handler(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 458, in _handle_validate_exception
    self._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner
    step()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda>
    step = lambda: next(self.__gen)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from
    value = gen.send(prev_value)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 636, in _configure
    next(validator)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner
    exc_handler(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 458, in _handle_validate_exception
    self._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 521, in _handle_exception
    self.__parent._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception
    super(ComponentBase, self)._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner
    step()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda>
    step = lambda: next(self.__gen)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from
    value = gen.send(prev_value)
  File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install
    for _nothing in self._installer(self.parent):
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/__init__.py", line 576, in main
    master_install_check(self)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 248, in decorated
    func(installer)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 609, in install_check
    dns.install_check(False, api, False, options, host_name)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/dns.py", line 293, in install_check
    root_logger)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py", line 526, in check_forwarders
    raise RuntimeError("DNS server %s: %s" % (forwarder, e))

2017-11-14T20:43:08Z DEBUG The ipa-server-install command failed, exception: RuntimeError: DNS server fe80::5054:ff:fe6e:62ff%eth2: query '. SOA': The DNS operation timed out after 10.0010049343 seconds
2017-11-14T20:43:08Z ERROR DNS server fe80::5054:ff:fe6e:62ff%eth2: query '. SOA': The DNS operation timed out after 10.0010049343 seconds
2017-11-14T20:43:08Z ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information

the content of /etc/resolv.conf
# Generated by NetworkManager
search redhat.local
nameserver 172.16.0.1
nameserver fe80::5054:ff:fe3d:c93c%eth2
nameserver 2620:52:0:13b8::fe
# NOTE: the libc resolver may not support more than 3 nameservers.
# The nameservers listed below may not be recognized.
nameserver 10.0.0.1


 If you switch /etc/resolv.conf to a known to work ipv4 DNS - it works fine on the same setup. Move it back to original - fails again with the same error.

Running dig against fe80::5054:ff:fe3d:c93c%eth2 works fine


Could it be that the command[1] doesn't support the format of [ipv6_addres]:[nic] ?

[1]
ipa-server-install -U -r REDHAT.LOCAL -p redhat_01 -a 12345678 --hostname ipa.redhat.local --ip-address=10.0.0.100 --setup-dns --auto-forwarders --auto-reverse

https://rhos-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/job/OT2_container_netiso_osp12_HA_TLS_everywhere/107/console


Version-Release number of selected component (if applicable):
python2-ipaserver-4.5.0-22.el7_4.noarch
ipa-server-4.5.0-22.el7_4.x86_64
ipa-server-dns-4.5.0-22.el7_4.noarch
sssd-ipa-1.15.2-50.el7_4.6.x86_64
python2-ipaclient-4.5.0-22.el7_4.noarch
ipa-client-4.5.0-22.el7_4.x86_64
libipa_hbac-1.15.2-50.el7_4.6.x86_64
ipa-common-4.5.0-22.el7_4.noarch
python2-ipalib-4.5.0-22.el7_4.noarch
python-libipa_hbac-1.15.2-50.el7_4.6.x86_64
ipa-client-common-4.5.0-22.el7_4.noarch
ipa-server-common-4.5.0-22.el7_4.noarch

How reproducible:
always

Steps to Reproduce:
1.Install ipa server using https://github.com/openstack/tripleo-heat-templates/blob/master/ci/scripts/freeipa_setup.sh

Actual results:
install failed

Expected results:
install was successful

Comment 3 Rob Crittenden 2017-11-30 21:58:54 UTC
fe80::5054:ff:fe3d:c93c is a link-local address. I'm not clear whether the [addr]%[nic] syntax is supported but this address is likely to not work.

The other IPv6 looks valid, can you try just without this one?

Comment 6 Artem Hrechanychenko 2017-12-11 12:49:55 UTC
(In reply to Rob Crittenden from comment #3)
> fe80::5054:ff:fe3d:c93c is a link-local address. I'm not clear whether the
> [addr]%[nic] syntax is supported but this address is likely to not work.
> 
> The other IPv6 looks valid, can you try just without this one?

yep, without that address deployment was ok.

Comment 7 Ade Lee 2017-12-12 19:20:45 UTC
The link local address is not supposed to work and is not something that will be done in a real deployment.


Note You need to log in before you can comment on or make changes to this bug.