On 20 September 2017 at 12:30, Fraser Tweedale ftweedal@redhat.com wrote:
On Wed, Sep 20, 2017 at 08:50:03AM +1000, Lachlan Musicman via FreeIPA-users wrote:
2017-09-19T22:30:50Z DEBUG wait_for_open_ports: localhost [8080, 8443] timeout 300 2017-09-19T22:35:51Z ERROR IPA server upgrade failed: Inspect /var/log/ipaupgrade.log and run command ipa-server-upgrade manually. 2017-09-19T22:35:51Z DEBUG File "/usr/lib/python2.7/site- packages/ipapython/admintool.py", line 172, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipaserver/install/ipa_
server_upgrade.py",
line 46, in run server.upgrade() File "/usr/lib/python2.7/site-packages/ipaserver/install/server/
upgrade.py",
line 1913, in upgrade upgrade_configuration() File "/usr/lib/python2.7/site-packages/ipaserver/install/server/
upgrade.py",
line 1652, in upgrade_configuration ca.start('pki-tomcat') File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 401, in start self.service.start(instance_name, capture_output=capture_output, wait=wait) File "/usr/lib/python2.7/site-packages/ipaplatform/redhat/service
s.py",
line 211, in start instance_name, capture_output=capture_output, wait=wait) File "/usr/lib/python2.7/site-packages/ipaplatform/base/services.py", line 300, in start self.wait_for_open_ports(self.service_instance(instance_name)) File "/usr/lib/python2.7/site-packages/ipaplatform/base/services.py", line 270, in wait_for_open_ports self.api.env.startup_timeout) File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line
1227,
in wait_for_open_ports raise socket.timeout("Timeout exceeded")
2017-09-19T22:35:51Z DEBUG The ipa-server-upgrade command failed, exception: timeout: Timeout exceeded 2017-09-19T22:35:51Z ERROR Timeout exceeded 2017-09-19T22:35:51Z ERROR The ipa-server-upgrade command failed. See /var/log/ipaupgrade.log for more information
Can you please provide log files? Especially /var/log/ipaupgrade.log, to begin with.
Fraser, thanks for the reply. I meant to answer my own email with the solution but I couldn't see it on the list?
Anyway - the solution was that the /etc/hosts file on the server in question had a ::1 localhost address. We have the IPv6 disabled (combination of one of our services not working with IPv6 and our network not being IPv6 ready) in the OS.
Once I deleted that line from /etc/hosts, everything went to plan.
Note: my analysis was not my own, it on this came from this site:
https://awsadminz.com/ipa-wait_for_open_ports-localhost-8080-8443-timeout-30...
Their solution worked, so I ran with it.
cheers L.
------ "The antidote to apocalypticism is *apocalyptic civics*. Apocalyptic civics is the insistence that we cannot ignore the truth, nor should we panic about it. It is a shared consciousness that our institutions have failed and our ecosystem is collapsing, yet we are still here — and we are creative agents who can shape our destinies. Apocalyptic civics is the conviction that the only way out is through, and the only way through is together. "
*Greg Bloom* @greggish https://twitter.com/greggish/ status/873177525903609857