From 7297060d59534cff6a703ad95c68bf20e53c14ae Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Thu, 5 Jul 2018 23:59:06 +0200
Subject: [PATCH] Only create DNS SRV records for ready server
When installing multiple replicas in parallel, one replica may create
SRV entries for other replicas, although the replicas aren't fully
installed yet. This may cause some services to connect to a server, that
isn't ready to serve requests.
The DNS IPASystemRecords framework now skips all servers that aren't
ready IPA masters.
See: https://pagure.io/freeipa/issue/7566
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
---
ipaserver/dns_data_management.py | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/ipaserver/dns_data_management.py b/ipaserver/dns_data_management.py
index bdf83de0cd76d8b571b5c2190ef8c4d63bcbf2d7..675dd481b461aa14d8adf8393a2168ac84ecac86 100644
--- a/ipaserver/dns_data_management.py
+++ b/ipaserver/dns_data_management.py
@@ -96,7 +96,9 @@ class IPASystemRecords(object):
self.servers_data = {}
servers_result = self.api_instance.Command.server_find(
- no_members=False)['result']
+ no_members=False,
+ servrole=u"IPA master", # only active, fully installed masters
+ )['result']
for s in servers_result:
weight, location, roles = self.__get_server_attrs(s)
self.servers_data[s['cn'][0]] = {
@@ -348,7 +350,9 @@ class IPASystemRecords(object):
zone_obj = zone.Zone(self.domain_abs, relativize=False)
if servers is None:
servers_result = self.api_instance.Command.server_find(
- pkey_only=True)['result']
+ pkey_only=True,
+ servrole=u"IPA master", # only fully installed masters
+ )['result']
servers = [s['cn'][0] for s in servers_result]
locations_result = self.api_instance.Command.location_find()['result']
--
2.17.1