Charles Sibbald via FreeIPA-users wrote:
> I get an error during freeIPA ansible install which does not seem to make 
> sense.
> 
> I have the following inventory file:
> 
> ```cat inventory/hosts.cluster
> [ipaserver]
> freeipa-1 ansible_host=10.27.3.1 ansible_port=22 ansible_user='centos' 
> ansible_sudo_pass='centos' ansible_ssh_private_key_file='~/.ssh/id_rsa'
> freeipa-2 ansible_host=10.27.3.2 ansible_port=22 ansible_user='centos' 
> ansible_sudo_pass='centos' ansible_ssh_private_key_file='~/.ssh/id_rsa'
> 
> [ipaserver:vars]
> ipaserver_setup_dns=yes
> ipaserver_auto_forwarders=yes
> ipaserver_no_firewalld=no
> ipaadmin_password=ADMPassword1
> ipadm_password=DMPassword1
> ipaserver_setup_dns=yes
> ipaserver_domain=packet.das-schiff.io
> ipaserver_realm=packet.das-schiff.io
> ipaserver_no_host_dns=false
> 
> [ipareplicas]
> ipareplica1.test.local
> 
> [ipareplicas:vars]
> ipaclient_force_join=yes
> 
> 
> [ipaclients]
> ipaclient1.test.local
> ipaclient2.test.local
> 
> [ipaclients:vars]
> #ipaclient_use_otp=yes
> ipaclient_allow_repair=yes
> 
> 
> [ipa:children]
> ipaserver
> ipareplicas
> ipaclients
> 
> [ipa:vars]
> ipaadmin_password=password1
> ipadm_password=password1
> ipaserver_domain=test.local
> ipaserver_realm=TEST.LOCAL
> ```
> 
> and the following hosts file contents:
> ```cat /etc/hosts
> ::1         freeipa-2.packet.das-schiff.io freeipa-2
> 10.27.3.2   freeipa-2.packet.das-schiff.io freeipa-2
> ```
> 
> however I keep getting the following error:
> ```
> <10.27.3.1> (1, b'\n{"failed": true, "msg": "", "exception": "  File 
> \\"/tmp/ansible_ipaserver_prepare_payload_0ik3mxe2/ansible_ipaserver_prepare_payload.zip/ansible/modules/ipaserver_prepare.py\\",
>  line 350, in main\\n  File 
> \\"/usr/lib/python3.6/site-packages/ipaserver/install/dns.py\\", line 270, in 
> install_check\\n    True, options.ip_addresses)\\n  File 
> \\"/usr/lib/python3.6/site-packages/ipaserver/install/installutils.py\\", 
> line 484, in get_server_ip_address\\n    raise ScriptError()\\n", 
> "invocation": {"module_args": {"dm_password": 
> "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "password": 
> "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "ip_addresses": [], "domain": 
> "packet.das-schiff.io", "realm": "PACKET.DAS-SCHIFF.IO", "hostname": 
> "freeipa-1.packet.das-schiff.io", "no_host_dns": true, "setup_adtrust": 
> false, "setup_kra": false, "setup_dns": true, "external_ca": false, 
> "allow_zone_overlap": false, "reverse_zones": [], "no_reverse": false, 
> "auto_reverse": false, "forwarders": [], "no_forwar
>  ders": false, "auto_forwarders": true, "no_dnssec_validation": false, 
> "enable_compat": false, "setup_ca": true, "_hostname_overridden": true, 
> "force": false, "ca_cert_files": [], "external_cert_files": [], 
> "external_ca_type": null, "external_ca_profile": null, "subject_base": null, 
> "ca_subject": null, "forward_policy": null, "netbios_name": null, "rid_base": 
> null, "secondary_rid_base": null}}}\n', b'OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, 
> OpenSSL 1.0.2n  7 Dec 2017\r\ndebug1: Reading configuration data 
> /home/casibbald/.ssh/config\r\ndebug1: /home/casibbald/.ssh/config line 1: 
> Applying options for *\r\ndebug1: Reading configuration data 
> /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying options 
> for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting 
> O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: 
> mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: 
> mux_client_request_session: entering\r\ndebug3: mux_client_re
>  quest_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 
> 3029733\r\ndebug3: mux_client_request_session: session request 
> sent\r\ndebug1: mux_client_request_session: master session id: 2\r\nThe 
> hostname resolves to the localhost address (127.0.0.1/::1)\nPlease change 
> your /etc/hosts file so that the hostname\nresolves to the ip address of your 
> network interface.\nThe KDC service does not listen on localhost\n\nPlease 
> fix your /etc/hosts file and restart the setup program\ndebug3: 
> mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received 
> exit status from master 1\r\n')
> <10.27.3.1> Failed to connect to the host via ssh: OpenSSH_7.6p1 
> Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
> debug1: Reading configuration data /home/casibbald/.ssh/config
> debug1: /home/casibbald/.ssh/config line 1: Applying options for *
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: Applying options for *
> debug1: auto-mux: Trying existing master
> debug2: fd 3 setting O_NONBLOCK
> debug2: mux_client_hello_exchange: master version 4
> debug3: mux_client_forwards: request forwardings: 0 local, 0 remote
> debug3: mux_client_request_session: entering
> debug3: mux_client_request_alive: entering
> debug3: mux_client_request_alive: done pid = 3029733
> debug3: mux_client_request_session: session request sent
> debug1: mux_client_request_session: master session id: 2
> The hostname resolves to the localhost address (127.0.0.1/::1)
> Please change your /etc/hosts file so that the hostname
> resolves to the ip address of your network interface.

You need to modify /etc/hosts to ensure that the host FQDN does not
point to 127.0.0.1 but to its actual IP address.

rob

> The KDC service does not listen on localhost
> 
> Please fix your /etc/hosts file and restart the setup program
> debug3: mux_client_read_packet: read header failed: Broken pipe
> debug2: Received exit status from master 1
> The full traceback is:
>   File 
> "/tmp/ansible_ipaserver_prepare_payload_0ik3mxe2/ansible_ipaserver_prepare_payload.zip/ansible/modules/ipaserver_prepare.py",
>  line 350, in main
>   File "/usr/lib/python3.6/site-packages/ipaserver/install/dns.py", line 270, 
> in install_check
>     True, options.ip_addresses)
>   File "/usr/lib/python3.6/site-packages/ipaserver/install/installutils.py", 
> line 484, in get_server_ip_address
>     raise ScriptError()
> fatal: [freeipa-1]: FAILED! => {
>     "changed": false,
>     "invocation": {
>         "module_args": {
>             "_hostname_overridden": true,
>             "allow_zone_overlap": false,
>             "auto_forwarders": true,
>             "auto_reverse": false,
>             "ca_cert_files": [],
>             "ca_subject": null,
>             "dm_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
>             "domain": "packet.das-schiff.io",
>             "enable_compat": false,
>             "external_ca": false,
>             "external_ca_profile": null,
>             "external_ca_type": null,
>             "external_cert_files": [],
>             "force": false,
>             "forward_policy": null,
>             "forwarders": [],
>             "hostname": "freeipa-1.packet.das-schiff.io",
>             "ip_addresses": [],
>             "netbios_name": null,
>             "no_dnssec_validation": false,
>             "no_forwarders": false,
>             "no_host_dns": true,
>             "no_reverse": false,
>             "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
>             "realm": "PACKET.DAS-SCHIFF.IO",
>             "reverse_zones": [],
>             "rid_base": null,
>             "secondary_rid_base": null,
>             "setup_adtrust": false,
>             "setup_ca": true,
>             "setup_dns": true,
>             "setup_kra": false,
>             "subject_base": null
>         }
>     },
>     "msg": ""
> }
> ```

_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org

Reply via email to