Hi Flo / All, I have completely removed all servers/replicas except for one, did an "ipa-server-install --uninstall" on the other 3, reinstalled a single one as a new replica, and shortly after it was done and back in the cluster I began getting the "Can't locate CSN" errors again in the logs. Both from "freeipa1" (source of truth) and "freeipa3" (new replica)
This seems bonkers to me. They are both in sync according to "cipa". I am not understanding why removing every single replica, verifying with "ipa-replica-manage" that there isn't any ghost replicas, and then adding a single one back is bringing the "Can't locate CSN" errors back. What else could I be missing here? On Fri, Nov 7, 2025 at 5:41 AM Russell Jones <[email protected]> wrote: > Thanks Flo. I have indeed done that, but I didn't start with only source > of truth and just one replica. > > Will try that and report back. > > > > > On Fri, Nov 7, 2025, 4:50 AM Florence Blanc-Renaud <[email protected]> wrote: > >> Hi, >> >> On Thu, Nov 6, 2025 at 11:32 PM Russell Jones via FreeIPA-users < >> [email protected]> wrote: >> >>> Hi all, >>> >>> I have a replication issue that I have been unable to resolve with my >>> 4-node cluster. Steps I have tried: >>> >>> - One by one reinitializing all of the replicas >>> - One by one completely removing and reinstalling all of the replicas >>> - Lowering the changelog max age to 5 minutes (dsconf... >>> replication set-changelog) hoping that the problematic entry would just get >>> expired out. >>> >> >> The max age governs how long a server keeps a change in the changelog >> before purging it (and the changes in the changelog are the crucial pieces >> of information for replication). So if the max age is 5min and a replica >> gets disconnected for more than 5 minutes, it won't be able to get the >> changes older than 5 minutes and it will show this error with Can't locate >> CSN. A small value for max age is a greater risk of losing information, and >> a large value implies bigger database, bigger disk space. >> >> I would start by resetting the max age to the default value, then >> identify which server contains the source of truth. >> Try to re-initialize one replica from this source of trust. >> - remove the replica following >> https://docs.redhat.com/en/documentation/Red_Hat_Enterprise_Linux/8/html-single/installing_identity_management/index#managing-topology-remove-cli >> - remove obsolete ruv records (if any) >> https://docs.redhat.com/en/documentation/Red_Hat_Enterprise_Linux/8/html-single/installing_identity_management/index#managing-topology-remove-cli >> - re-install the replica with ipa-replica-manage install ... >> Then check if replication works. >> >> flo >> >> >>> >>> Nothing has worked. Below is the error I am getting, and it happens on >>> all of the nodes. It does not seem to be limited to just one problematic >>> node. How do I fix this? Replication has been working just fine otherwise. >>> Users and nodes are replicated without an issue. The "cipa" tool reports >>> everything passes. >>> >>> [06/Nov/2025:16:20:25.409077016 -0600] - ERR - >>> agmt="cn=freeipa3.cluster-to-freeipa2.us.ep.corp.local" (freeipa2:389) - >>> clcache_load_buffer - Can't locate CSN 690d206b000000260000 in the >>> changelog (DB rc=-12797). If replication stops, the consumer may need to be >>> reinitialized. >>> >>> [06/Nov/2025:16:20:25.409713350 -0600] - ERR - >>> agmt="cn=freeipa3.cluster-to-freeipa1.us.ep.corp.local" (freeipa1:389) - >>> clcache_load_buffer - Can't locate CSN 690d206b000000260000 in the >>> changelog (DB rc=-12797). If replication stops, the consumer may need to be >>> reinitialized. >>> >>> [06/Nov/2025:16:21:03.774688925 -0600] - ERR - >>> agmt="cn=freeipa3.cluster-to-freeipa1.us.ep.corp.local" (freeipa1:389) - >>> clcache_load_buffer - Can't locate CSN 690d2091000000260000 in the >>> changelog (DB rc=-12797). If replication stops, the consumer may need to be >>> reinitialized. >>> >>> [06/Nov/2025:16:21:03.775486850 -0600] - ERR - >>> agmt="cn=freeipa3.cluster-to-freeipa2.us.ep.corp.local" (freeipa2:389) - >>> clcache_load_buffer - Can't locate CSN 690d2091000000260000 in the >>> changelog (DB rc=-12797). If replication stops, the consumer may need to be >>> reinitialized. >>> >>> [06/Nov/2025:16:21:03.776066865 -0600] - ERR - >>> agmt="cn=freeipa3.cluster-to-freeipa4.cluster" (freeipa4:389) - >>> clcache_load_buffer - Can't locate CSN 690d2091000000260000 in the >>> changelog (DB rc=-12797). If replication stops, the consumer may need to be >>> reinitialized. >>> -- >>> _______________________________________________ >>> FreeIPA-users mailing list -- [email protected] >>> To unsubscribe send an email to >>> [email protected] >>> Fedora Code of Conduct: >>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>> List Archives: >>> https://lists.fedorahosted.org/archives/list/[email protected] >>> Do not reply to spam, report it: >>> https://pagure.io/fedora-infrastructure/new_issue >>> >>
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
