From 0f6afe8ffa39804d7bb5e86e4aa447f4d56a4dfa Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Thu, 5 Jul 2018 23:59:06 +0200 Subject: [PATCH] Only create DNS SRV records for ready server When installing multiple replicas in parallel, one replica may create SRV entries for other replicas, although the replicas aren't fully installed yet. This may cause some services to connect to a server, that isn't ready to serve requests. The DNS IPASystemRecords framework now skips all servers that aren't ready IPA masters. See: https://pagure.io/freeipa/issue/7566 Signed-off-by: Christian Heimes Reviewed-By: Alexander Bokovoy Reviewed-By: Fraser Tweedale --- ipaserver/dns_data_management.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ipaserver/dns_data_management.py b/ipaserver/dns_data_management.py index 2008ba6e7d387046b74e3de0af644d97b145ccb7..6016d8a0044d487c3118f43f199b2a433facfa9a 100644 --- a/ipaserver/dns_data_management.py +++ b/ipaserver/dns_data_management.py @@ -93,7 +93,9 @@ class IPASystemRecords(object): self.servers_data = {} servers_result = self.api_instance.Command.server_find( - no_members=False)['result'] + no_members=False, + servrole=u"IPA master", # only active, fully installed masters + )['result'] for s in servers_result: weight, location, roles = self.__get_server_attrs(s) self.servers_data[s['cn'][0]] = { @@ -345,7 +347,9 @@ class IPASystemRecords(object): zone_obj = zone.Zone(self.domain_abs, relativize=False) if servers is None: servers_result = self.api_instance.Command.server_find( - pkey_only=True)['result'] + pkey_only=True, + servrole=u"IPA master", # only fully installed masters + )['result'] servers = [s['cn'][0] for s in servers_result] locations_result = self.api_instance.Command.location_find()['result'] -- 2.17.1