On Sat, 2011-05-14 at 16:46 +0200, Sigbjorn Lie wrote: > I've noticed that if the machine running IPA is very busy at startup, > the IPA services will not be online when the machine is started. > > I noticed this is as my test virtualization host has had it's power cord > knocked out a few times. When I restart the host machine, all the > virtual machines is started at the same time, causing (a lot) higher > than normal latency for each virtual machine. > > This causes the IPA daemons to start, while during the startup one or > several IPA daemons fails due to dependencies of other daemons which is > not started yet, and all the IPA daemons is stopped as not all the IPA > daemons started successfully. I've noticed that the default behavior of > the ipactl command is to shut down all the IPA daemons, if any of the > IPA daemons should fail during startup. > > This can be seen in the logs of the individual services, as some is > started successfully, just to receive a shutdown signal shortly after. > It seem to be the pki-ca which shut down my IPA services this morning. > > When rebooting the virtual machine running the IPA daemons during normal > load of the host machine, all the IPA daemons start successfully. > Logging on to the IPA server and manually starting the IPA daemons after > the load of the host machine has decreased also works. > > I suggest changing the startup scripts to allow (a lot) longer startup > times for the IPA daemons prior to failing them.
At the moment we just run service <name> start and wait until it is done. If the pki-cad service timeouts and returns an error I think we need to open a bug against the dogtag component as that is the cause. Can you open a bug in the freeipa trac with logs showing that service is responsible for the failure ? Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
