Hi, I'm struggling couple of weeks with installing replica in cloud. I know that we definitely have no blocked ports, but not sure what is the issue here:
from new replica: /usr/sbin/ipa-replica-conncheck --master qb-mum-vm01.int --auto-master-check --realm INT --hostname gcp-nas-vm01.int --ca-cert-file /etc/ipa/ca.crt Check connection from replica to remote master 'qb-mum-vm01.int': Directory Service: Unsecure port (389): OK Directory Service: Secure port (636): OK Kerberos KDC: TCP (88): OK Kerberos Kpasswd: TCP (464): OK HTTP Server: Unsecure port (80): OK HTTP Server: Secure port (443): OK The following list of ports use UDP protocol and would need to be checked manually: Kerberos KDC: UDP (88): SKIPPED Kerberos Kpasswd: UDP (464): SKIPPED Connection from replica to master is OK. Start listening on required ports for remote master check Get credentials to log in to remote master Check RPC connection to remote master Execute check on remote master ERROR: Remote master check failed with following error message(s): an internal error has occurred On main server: [Mon Nov 11 14:32:01.426513 2024] [:warn] [pid 343202:tid 343369] [client 10.128.0.52:48930] failed to set perms (3140) on file (/run/ipa/ccaches/asafonov@INT-EqAXFh)!, referer: https://qb-mum-vm01.int/ipa/xml [Mon Nov 11 14:32:01.439064 2024] [wsgi:error] [pid 343143:tid 343391] [remote 10.128.0.52:48930] ipa: INFO: [jsonserver_session] asafonov@INT: ping(): SUCCESS [Mon Nov 11 14:32:01.676346 2024] [:warn] [pid 343202:tid 343370] [client 10.128.0.52:48930] failed to set perms (3140) on file (/run/ipa/ccaches/asafonov@INT-EqAXFh)!, referer: https://qb-mum-vm01.int/ipa/xml [Mon Nov 11 14:32:01.687507 2024] [wsgi:error] [pid 343142:tid 343394] [remote 10.128.0.52:48930] ipa: INFO: [jsonserver_session] asafonov@INT: ping/1(version='2.253'): SUCCESS [Mon Nov 11 14:32:01.924408 2024] [:warn] [pid 343202:tid 343373] [client 10.128.0.52:48930] failed to set perms (3140) on file (/run/ipa/ccaches/asafonov@INT-EqAXFh)!, referer: https://qb-mum-vm01.int/ipa/xml [Mon Nov 11 14:32:27.028832 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] ipa: ERROR: non-public: DBusException: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. [Mon Nov 11 14:32:27.028892 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] Traceback (most recent call last): [Mon Nov 11 14:32:27.028903 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] File "/usr/lib/python3.9/site-packages/ipaserver/rpcserver.py", line 417, in wsgi_execute [Mon Nov 11 14:32:27.028911 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] result = command(*args, **options) [Mon Nov 11 14:32:27.028918 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] File "/usr/lib/python3.9/site-packages/ipalib/frontend.py", line 471, in __call__ [Mon Nov 11 14:32:27.028926 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] return self.__do_call(*args, **options) [Mon Nov 11 14:32:27.028933 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] File "/usr/lib/python3.9/site-packages/ipalib/frontend.py", line 499, in __do_call [Mon Nov 11 14:32:27.028940 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] ret = self.run(*args, **options) [Mon Nov 11 14:32:27.028947 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] File "/usr/lib/python3.9/site-packages/ipalib/frontend.py", line 816, in run [Mon Nov 11 14:32:27.028959 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] return self.execute(*args, **options) [Mon Nov 11 14:32:27.028968 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] File "/usr/lib/python3.9/site-packages/ipaserver/plugins/server.py", line 948, in execute [Mon Nov 11 14:32:27.028975 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] ret, stdout, _stderr = server.conncheck(keys[-1]) [Mon Nov 11 14:32:27.028984 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] File "/usr/lib64/python3.9/site-packages/dbus/proxies.py", line 72, in __call__ [Mon Nov 11 14:32:27.028993 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] return self._proxy_method(*args, **keywords) [Mon Nov 11 14:32:27.029001 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] File "/usr/lib64/python3.9/site-packages/dbus/proxies.py", line 141, in __call__ [Mon Nov 11 14:32:27.029010 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] return self._connection.call_blocking(self._named_service, [Mon Nov 11 14:32:27.029017 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] File "/usr/lib64/python3.9/site-packages/dbus/connection.py", line 652, in call_blocking [Mon Nov 11 14:32:27.029024 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] reply_message = self.send_message_with_reply_and_block( [Mon Nov 11 14:32:27.029033 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. [Mon Nov 11 14:32:27.029303 2024] [wsgi:error] [pid 343140:tid 343385] [remote 10.128.0.52:48930] ipa: INFO: [jsonserver_session] asafonov@INT: server_conncheck('qb-mum-vm01.int', 'gcp-nas-vm01.int', version='2.162'): InternalError Any ideas what is causing that problem ? -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
