Charles Sibbald via FreeIPA-users wrote: > I get an error during freeIPA ansible install which does not seem to make > sense. > > I have the following inventory file: > > ```cat inventory/hosts.cluster > [ipaserver] > freeipa-1 ansible_host=10.27.3.1 ansible_port=22 ansible_user='centos' > ansible_sudo_pass='centos' ansible_ssh_private_key_file='~/.ssh/id_rsa' > freeipa-2 ansible_host=10.27.3.2 ansible_port=22 ansible_user='centos' > ansible_sudo_pass='centos' ansible_ssh_private_key_file='~/.ssh/id_rsa' > > [ipaserver:vars] > ipaserver_setup_dns=yes > ipaserver_auto_forwarders=yes > ipaserver_no_firewalld=no > ipaadmin_password=ADMPassword1 > ipadm_password=DMPassword1 > ipaserver_setup_dns=yes > ipaserver_domain=packet.das-schiff.io > ipaserver_realm=packet.das-schiff.io > ipaserver_no_host_dns=false > > [ipareplicas] > ipareplica1.test.local > > [ipareplicas:vars] > ipaclient_force_join=yes > > > [ipaclients] > ipaclient1.test.local > ipaclient2.test.local > > [ipaclients:vars] > #ipaclient_use_otp=yes > ipaclient_allow_repair=yes > > > [ipa:children] > ipaserver > ipareplicas > ipaclients > > [ipa:vars] > ipaadmin_password=password1 > ipadm_password=password1 > ipaserver_domain=test.local > ipaserver_realm=TEST.LOCAL > ``` > > and the following hosts file contents: > ```cat /etc/hosts > ::1 freeipa-2.packet.das-schiff.io freeipa-2 > 10.27.3.2 freeipa-2.packet.das-schiff.io freeipa-2 > ``` > > however I keep getting the following error: > ``` > <10.27.3.1> (1, b'\n{"failed": true, "msg": "", "exception": " File > \\"/tmp/ansible_ipaserver_prepare_payload_0ik3mxe2/ansible_ipaserver_prepare_payload.zip/ansible/modules/ipaserver_prepare.py\\", > line 350, in main\\n File > \\"/usr/lib/python3.6/site-packages/ipaserver/install/dns.py\\", line 270, in > install_check\\n True, options.ip_addresses)\\n File > \\"/usr/lib/python3.6/site-packages/ipaserver/install/installutils.py\\", > line 484, in get_server_ip_address\\n raise ScriptError()\\n", > "invocation": {"module_args": {"dm_password": > "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "password": > "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "ip_addresses": [], "domain": > "packet.das-schiff.io", "realm": "PACKET.DAS-SCHIFF.IO", "hostname": > "freeipa-1.packet.das-schiff.io", "no_host_dns": true, "setup_adtrust": > false, "setup_kra": false, "setup_dns": true, "external_ca": false, > "allow_zone_overlap": false, "reverse_zones": [], "no_reverse": false, > "auto_reverse": false, "forwarders": [], "no_forwar > ders": false, "auto_forwarders": true, "no_dnssec_validation": false, > "enable_compat": false, "setup_ca": true, "_hostname_overridden": true, > "force": false, "ca_cert_files": [], "external_cert_files": [], > "external_ca_type": null, "external_ca_profile": null, "subject_base": null, > "ca_subject": null, "forward_policy": null, "netbios_name": null, "rid_base": > null, "secondary_rid_base": null}}}\n', b'OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, > OpenSSL 1.0.2n 7 Dec 2017\r\ndebug1: Reading configuration data > /home/casibbald/.ssh/config\r\ndebug1: /home/casibbald/.ssh/config line 1: > Applying options for *\r\ndebug1: Reading configuration data > /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying options > for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting > O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: > mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: > mux_client_request_session: entering\r\ndebug3: mux_client_re > quest_alive: entering\r\ndebug3: mux_client_request_alive: done pid = > 3029733\r\ndebug3: mux_client_request_session: session request > sent\r\ndebug1: mux_client_request_session: master session id: 2\r\nThe > hostname resolves to the localhost address (127.0.0.1/::1)\nPlease change > your /etc/hosts file so that the hostname\nresolves to the ip address of your > network interface.\nThe KDC service does not listen on localhost\n\nPlease > fix your /etc/hosts file and restart the setup program\ndebug3: > mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received > exit status from master 1\r\n') > <10.27.3.1> Failed to connect to the host via ssh: OpenSSH_7.6p1 > Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017 > debug1: Reading configuration data /home/casibbald/.ssh/config > debug1: /home/casibbald/.ssh/config line 1: Applying options for * > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug1: auto-mux: Trying existing master > debug2: fd 3 setting O_NONBLOCK > debug2: mux_client_hello_exchange: master version 4 > debug3: mux_client_forwards: request forwardings: 0 local, 0 remote > debug3: mux_client_request_session: entering > debug3: mux_client_request_alive: entering > debug3: mux_client_request_alive: done pid = 3029733 > debug3: mux_client_request_session: session request sent > debug1: mux_client_request_session: master session id: 2 > The hostname resolves to the localhost address (127.0.0.1/::1) > Please change your /etc/hosts file so that the hostname > resolves to the ip address of your network interface.
You need to modify /etc/hosts to ensure that the host FQDN does not point to 127.0.0.1 but to its actual IP address. rob > The KDC service does not listen on localhost > > Please fix your /etc/hosts file and restart the setup program > debug3: mux_client_read_packet: read header failed: Broken pipe > debug2: Received exit status from master 1 > The full traceback is: > File > "/tmp/ansible_ipaserver_prepare_payload_0ik3mxe2/ansible_ipaserver_prepare_payload.zip/ansible/modules/ipaserver_prepare.py", > line 350, in main > File "/usr/lib/python3.6/site-packages/ipaserver/install/dns.py", line 270, > in install_check > True, options.ip_addresses) > File "/usr/lib/python3.6/site-packages/ipaserver/install/installutils.py", > line 484, in get_server_ip_address > raise ScriptError() > fatal: [freeipa-1]: FAILED! => { > "changed": false, > "invocation": { > "module_args": { > "_hostname_overridden": true, > "allow_zone_overlap": false, > "auto_forwarders": true, > "auto_reverse": false, > "ca_cert_files": [], > "ca_subject": null, > "dm_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", > "domain": "packet.das-schiff.io", > "enable_compat": false, > "external_ca": false, > "external_ca_profile": null, > "external_ca_type": null, > "external_cert_files": [], > "force": false, > "forward_policy": null, > "forwarders": [], > "hostname": "freeipa-1.packet.das-schiff.io", > "ip_addresses": [], > "netbios_name": null, > "no_dnssec_validation": false, > "no_forwarders": false, > "no_host_dns": true, > "no_reverse": false, > "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", > "realm": "PACKET.DAS-SCHIFF.IO", > "reverse_zones": [], > "rid_base": null, > "secondary_rid_base": null, > "setup_adtrust": false, > "setup_ca": true, > "setup_dns": true, > "setup_kra": false, > "subject_base": null > } > }, > "msg": "" > } > ``` _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org