On 05/20/2015 02:57 AM, Janelle wrote:
On 5/19/15 12:04 AM, thierry bordaz wrote:
On 05/19/2015 03:42 AM, Janelle wrote:
On 5/18/15 6:23 PM, Janelle wrote:
Once again, replication/sync has been lost. I really wish the
product was more stable, it is so much potential and yet.
Servers running for 6 days no issues. No new accounts or changes
(maybe a few users changing passwords) and again, 5 out of 16
servers are no longer in sync.
I can test it easily by adding an account and then waiting a few
minutes, then run "ipa user-show --all username" on all the
servers, and only a few of them have the account. I have now
waited 15 minutes, still no luck.
Oh well.. I guess I will go look at alternatives. I had such high
hopes for this tool. Thanks so much everyone for all your help in
trying to get things stable, but for whatever reason, there is a
random loss of sync among the servers and obviously this is not
acceptable.
regards
~J
All the replicas are happy again. I found these again:
unable to decode {replica 16} 55356472000300100000 55356472000300100000
unable to decode {replica 23} 5553e3a3000000170000 55543240000300170000
unable to decode {replica 24} 554d53d3000000180000 554d54a4000200180000
What I also found to be interesting is that I have not deleted any
masters at all, so this was quite perplexing where the orphaned
entries came from. However I did find 3 of the replicas did not show
complete RUV lists... While most of the replicas had a list of all 16
servers, a couple of them listed only 4 or 5. (using
ipa-replica-manage list-ruv)
I don't know about the orphaned entries. Did you get entries below
deleted parents ?
AFAIK all replicas are master and so have an entry {replica <rid>} in
the RUV. We should expect all servers having the same number of
RUVelements (16, 4 or 5). The servers with 4 or 5 may be isolated so
that they did not received updates from those with 16 RUVelements.
would you copy/paste an example of RUV with 16 and with 4-5 ?
Once I re-initialized --from servers that showed the correct RUVS
everyone is happy again. I have tested replication by creating and
deleting accounts, changing group members and a few other things.
Everything is working fine. I have enabled additional logging.
Now we wait and when it happens again, hopefully we have something.
Yes, it will help :-)
thanks
thierry
thanks
~Janelle
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project