ansible-freeipa icon indicating copy to clipboard operation
ansible-freeipa copied to clipboard

Published 20 hours ago verified publisher icon freeipa

ipatopologysuffix checked not working

Open FF186 opened this issue 1 year ago • 3 comments 

- name: Check topology segment
  freeipa.ansible_freeipa.ipatopologysuffix:
    ipaadmin_principal: admin
    ipaadmin_password: myPassword
    suffix: domain
    left: replica1.example.com
    right: replica2.example.com
    state: checked


Result: 
FAILED! => {"changed": false, "msg": "value of state must be one of: verified, got: checked"}

FF186 avatar Jan 30 '24 14:01 FF186

Please use state: verified for ipatopologysuffix.

t-woerner avatar Jan 30 '24 15:01 t-woerner

@t-woerner , thanks for you reply.

However, I can't gain any information from running state: verified. I would really like to check if there's an error between the replicas. Not supported?

What about reinitialization?

- name: Check topology segment
  freeipa.ansible_freeipa.ipatopologysuffix:
    ipaadmin_principal: admin
    ipaadmin_password: myPassword
    suffix: domain
    left: replica1.example.com
    right: replica2.example.com
    state: reinitialized

FAILED! => {"changed": false, "msg": "value of state must be one of: verified, got: reinitialized"}

However, state: verified does not reinitialize my replicas. I still get:

replica
  last update status: Error (19) Replication error acquiring replica: Replica has different database generation ID, remote replica may need to be initialized (RUV error)
  last update ended: 1970-01-01 00:00:00+00:00

FF186 avatar Jan 30 '24 15:01 FF186

Doens't seem to work as intended, sticking to ipa CLI for now:

  • command: ipa-replica-manage re-initialize --from replica1.example.com args: stdin: "myPassword" delegate_to: "replica{{ item }}.example.com" loop: "{{ (range(1, groups[ipareplica] | length | int + 1) | list }}"

FF186 avatar Jan 31 '24 11:01 FF186