From 7297060d59534cff6a703ad95c68bf20e53c14ae Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Thu, 5 Jul 2018 23:59:06 +0200 Subject: [PATCH] Only create DNS SRV records for ready server When installing multiple replicas in parallel, one replica may create SRV entries for other replicas, although the replicas aren't fully installed yet. This may cause some services to connect to a server, that isn't ready to serve requests. The DNS IPASystemRecords framework now skips all servers that aren't ready IPA masters. See: https://pagure.io/freeipa/issue/7566 Signed-off-by: Christian Heimes Reviewed-By: Alexander Bokovoy --- ipaserver/dns_data_management.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ipaserver/dns_data_management.py b/ipaserver/dns_data_management.py index bdf83de0cd76d8b571b5c2190ef8c4d63bcbf2d7..675dd481b461aa14d8adf8393a2168ac84ecac86 100644 --- a/ipaserver/dns_data_management.py +++ b/ipaserver/dns_data_management.py @@ -96,7 +96,9 @@ class IPASystemRecords(object): self.servers_data = {} servers_result = self.api_instance.Command.server_find( - no_members=False)['result'] + no_members=False, + servrole=u"IPA master", # only active, fully installed masters + )['result'] for s in servers_result: weight, location, roles = self.__get_server_attrs(s) self.servers_data[s['cn'][0]] = { @@ -348,7 +350,9 @@ class IPASystemRecords(object): zone_obj = zone.Zone(self.domain_abs, relativize=False) if servers is None: servers_result = self.api_instance.Command.server_find( - pkey_only=True)['result'] + pkey_only=True, + servrole=u"IPA master", # only fully installed masters + )['result'] servers = [s['cn'][0] for s in servers_result] locations_result = self.api_instance.Command.location_find()['result'] -- 2.17.1