Julian,
Did you see my on-list response on the list at 16:41pm eastern yesterday? I didn’t see
it make it to the list, It’s quoted below. The problem I was having was the first
install would fail with an error connecting to the host that stores the config. Setting
SlapdConfigForMC and UseExistingMC appropriately fixed it for me. What is
SlapdConfigForMC and UseExistingMC set to on the server that stores that config and
server(s) that don’t store?
I just got everything working cleanly with the below inf. Can dig up a list of the
variables I’m setting in my hosts.yml would you be willing to post a sanitized version of
your inf so we can compare notes?
I agree expect is clunky, I’m curious to find out what your problem is as I’ve been living
this issue for the last week or so.
-morgan
On Sep 18, 2017, at 4:41 PM, Morgan Jones
<morgan(a)morganjones.org> wrote:
Hello Julian et al,
I’ve resolved my unrelated issues and now I'm pretty sure the process to install
several servers with a common config host using inf files is this. I’d love some feedback
from others if you feel this is wrong, this is just from trial and error on my part and
it’s not particularly intuitive:
Do an install with setup-ds-admin.pl —keepcache
Take the resulting .inf and change:
SlapdConfigForMC = yes on the server you want to install the config tree,
SlapdConfigForMC = no on the rest, and
UseExistingMC = 0 on the server you want to install the config tree, and
UseExistingMC = 1 on the rest and
Also put adm.conf at /etc/dirsrv/admin-serv/adm.conf.
Here’s an update to the links below, I renamed the .inf template. These should be
immutable:
https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940ea...
https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940ea...
https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940ea...
-morgan
On Sep 18, 2017, at 5:24 AM, Julian Kippels <kippels(a)hhu.de>
wrote:
Hi,
I have tested this and have found that any entries
in /etc/dirsrv/admin-serv/adm.conf get overridden by the install
script. I have adapted your template to work with my own ansible
playbook and after setup-ds-admin.pl ran, the value for ldapurl has
changed to the local hostname instead of the hostname for the config
host. Additionaly the ConfigDirectoryLdapURL parameter from the
inf-File seems to be ignored. Even if I set it to the correct config
host hostname the local hostname is being used eventually.
My current plan is to ditch the silent install completely in favor of
an expect-script that would send the input to an interactive run of
setup-ds-admin.pl. However I think that this is a really clunky fix and
I would really like to get it working with the silent install.
Julian
Am Fri, 15 Sep 2017 12:56:07 -0400
schrieb Morgan Jones <morgan(a)morganjones.org>:
> Hello Julia,
>
> I’m troubleshooting this exact behavior. So far I’ve found if you
> create an /etc/dirsrv/admin-serv/adm.conf before the silent install
> it works. However we just went through a host domain name change
> (long story) and I’m having I think unrelated problems. I hope to
> resolve that shortly and then I might have a more definitive answer.
>
> In the mean time this may be helpful to you:
>
https://github.com/morganllj/ansible-playbooks/blob/develop/templates/389...
>
https://github.com/morganllj/ansible-playbooks/blob/develop/templates/adm...
>
> Here’s where they’re used if you are familiar with ansible:
>
https://github.com/morganllj/ansible-playbooks/blob/develop/install_389.yml
>
> -morgan
>
>
>> On Sep 15, 2017, at 11:49 AM, Julian Kippels <kippels(a)hhu.de> wrote:
>>
>> Hi,
>>
>> I was playing around with silent installs and found out that the
>> final configuration differs from interactive installations. Here is
>> what I did:
>>
>> I installed two servers on different machines ds-1.localdomain and
>> ds-2.localdomain. ds-1 is used as a master and ds-2 is supposed to
>> use it as its configuration server.
>> Both machines run RHEL 7.4 with the latest EPEL-builds of 389-ds.
>>
>> First I used setup-ds-admin.pl --keepcache interactively first on
>> ds-1 and told it not to use an existing configuration server, then
>> on ds-2 and told it to use ds-1. When I connect to ds-1 using
>> 389-console I can see both ds-1 and ds-2.
>> Then I took the generated .inf-files, removed all traces from the
>> previous instances from both machines using remove-ds-admin.pl -a
>> -f -y and then ran setup-ds-admin.pl --silent --file=ds-1.inf and
>> --file=ds-2.inf respectively. When I connect to ds-1 now, I only see
>> ds-1, to see ds-2 I have to connect to ds-2 with 389-console.
>>
>> The .inf-files look like this:
>> --------
>> $ cat ds-1.inf
>> [General]
>> AdminDomain = localdomain
>> ConfigDirectoryAdminID = admin
>> ConfigDirectoryAdminPwd = XXX
>> ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot
>> FullMachineName = ds-1.localdomain
>> ServerRoot = /usr/lib64/dirsrv
>> StrictHostCheck = true
>> SuiteSpotGroup = dirsrv
>> SuiteSpotUserID = dirsrv
>> [admin]
>> Port = 9830
>> ServerAdminID = admin
>> ServerAdminPwd = XXX
>> ServerIpAddress = 0.0.0.0
>> SysUser = dirsrv
>> [slapd]
>> start_server = 0
>> AddOrgEntries = Yes
>> AddSampleEntries = No
>> HashedRootDNPwd = XXX
>> InstScriptsEnabled = true
>> InstallLdifFile = suggest
>> RootDN = cn=Directory Manager
>> RootDNPwd = XXX
>> ServerIdentifier = ds-1
>> ServerPort = 389
>> SlapdConfigForMC = yes
>> Suffix = dc=localdomain
>> UseExistingMC = 0
>> bak_dir = /var/lib/dirsrv/slapd-ds-1/bak
>> bindir = /usr/bin
>> cert_dir = /etc/dirsrv/slapd-ds-1
>> config_dir = /etc/dirsrv/slapd-ds-1
>> datadir = /usr/share
>> db_dir = /var/lib/dirsrv/slapd-ds-1/db
>> ds_bename = userRoot
>> inst_dir = /usr/lib64/dirsrv/slapd-ds-1
>> ldif_dir = /var/lib/dirsrv/slapd-ds-1/ldif
>> localstatedir = /var
>> lock_dir = /var/lock/dirsrv/slapd-ds-1
>> log_dir = /var/log/dirsrv/slapd-ds-1
>> naming_value = rz
>> run_dir = /var/run/dirsrv
>> sbindir = /usr/sbin
>> schema_dir = /etc/dirsrv/slapd-ds-1/schema
>> sysconfdir = /etc
>> tmp_dir = /tmp
>> --------
>> $ cat ds-2.inf
>> [General]
>> AdminDomain = localdomain
>> ConfigDirectoryAdminID = admin
>> ConfigDirectoryAdminPwd = XXX
>> ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot
>> FullMachineName = ds-2.localdomain
>> ServerRoot = /usr/lib64/dirsrv
>> StrictHostCheck = true
>> SuiteSpotGroup = dirsrv
>> SuiteSpotUserID = dirsrv
>> [admin]
>> Port = 9830
>> ServerAdminID = admin
>> ServerAdminPwd = XXX
>> ServerIpAddress = 0.0.0.0
>> SysUser = dirsrv
>> [slapd]
>> AddOrgEntries = Yes
>> AddSampleEntries = No
>> HashedRootDNPwd = XXX
>> InstScriptsEnabled = true
>> InstallLdifFile = suggest
>> RootDN = cn=Directory Manager
>> RootDNPwd = XXX
>> ServerIdentifier = ds-2
>> ServerPort = 389
>> Suffix = dc=localdomain
>> UseExistingMC = 1
>> bak_dir = /var/lib/dirsrv/slapd-ds-2/bak
>> bindir = /usr/bin
>> cert_dir = /etc/dirsrv/slapd-ds-2
>> config_dir = /etc/dirsrv/slapd-ds-2
>> datadir = /usr/share
>> db_dir = /var/lib/dirsrv/slapd-ds-2/db
>> ds_bename = userRoot
>> inst_dir = /usr/lib64/dirsrv/slapd-ds-2
>> ldif_dir = /var/lib/dirsrv/slapd-ds-2/ldif
>> localstatedir = /var
>> lock_dir = /var/lock/dirsrv/slapd-ds-2
>> log_dir = /var/log/dirsrv/slapd-ds-2
>> naming_value = rz
>> run_dir = /var/run/dirsrv
>> sbindir = /usr/sbin
>> schema_dir = /etc/dirsrv/slapd-ds-2/schema
>> sysconfdir = /etc
>> tmp_dir = /tmp
>>
>> I think this unintended behaviour and should be fixed. Unless I did
>> a mistake somewhere, but I can't see where…
>>
>> Julian
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org