Hi Rob,
Your advice "You need to modify /etc/hosts to ensure that the host FQDN does
not point to 127.0.0.1 but to its actual IP address.
I am ashamed to say I either do not understand how this is done or I am
confused.
I have set the hosts file as follows and there is no 127.0.0.1
I am not entirely sure what else is required to not have 127.0.0.1 not returned.
Config:
[centos@freeipa-1 ~]$ cat /etc/hosts
10.27.3.1 freeipa-1.packet.das-schiff.io freeipa-1
Kind regards, and ashamedly confused by Lentos
Charles
> On 27 Oct 2020, at 16:04, Rob Crittenden <rcrit...@redhat.com> wrote:
>
> Charles Sibbald via FreeIPA-users wrote:
>> I get an error during freeIPA ansible install which does not seem to make
>> sense.
>>
>> I have the following inventory file:
>>
>> ```cat inventory/hosts.cluster
>> [ipaserver]
>> freeipa-1 ansible_host=10.27.3.1 ansible_port=22 ansible_user='centos'
>> ansible_sudo_pass='centos' ansible_ssh_private_key_file='~/.ssh/id_rsa'
>> freeipa-2 ansible_host=10.27.3.2 ansible_port=22 ansible_user='centos'
>> ansible_sudo_pass='centos' ansible_ssh_private_key_file='~/.ssh/id_rsa'
>>
>> [ipaserver:vars]
>> ipaserver_setup_dns=yes
>> ipaserver_auto_forwarders=yes
>> ipaserver_no_firewalld=no
>> ipaadmin_password=ADMPassword1
>> ipadm_password=DMPassword1
>> ipaserver_setup_dns=yes
>> ipaserver_domain=packet.das-schiff.io
>> ipaserver_realm=packet.das-schiff.io
>> ipaserver_no_host_dns=false
>>
>> [ipareplicas]
>> ipareplica1.test.local
>>
>> [ipareplicas:vars]
>> ipaclient_force_join=yes
>>
>>
>> [ipaclients]
>> ipaclient1.test.local
>> ipaclient2.test.local
>>
>> [ipaclients:vars]
>> #ipaclient_use_otp=yes
>> ipaclient_allow_repair=yes
>>
>>
>> [ipa:children]
>> ipaserver
>> ipareplicas
>> ipaclients
>>
>> [ipa:vars]
>> ipaadmin_password=password1
>> ipadm_password=password1
>> ipaserver_domain=test.local
>> ipaserver_realm=TEST.LOCAL
>> ```
>>
>> and the following hosts file contents:
>> ```cat /etc/hosts
>> ::1 freeipa-2.packet.das-schiff.io freeipa-2
>> 10.27.3.2 freeipa-2.packet.das-schiff.io freeipa-2
>> ```
>>
>> however I keep getting the following error:
>> ```
>> <10.27.3.1> (1, b'\n{"failed": true, "msg": "", "exception": " File
>> \\"/tmp/ansible_ipaserver_prepare_payload_0ik3mxe2/ansible_ipaserver_prepare_payload.zip/ansible/modules/ipaserver_prepare.py\\",
>> line 350, in main\\n File
>> \\"/usr/lib/python3.6/site-packages/ipaserver/install/dns.py\\", line 270,
>> in install_check\\n True, options.ip_addresses)\\n File
>> \\"/usr/lib/python3.6/site-packages/ipaserver/install/installutils.py\\",
>> line 484, in get_server_ip_address\\n raise ScriptError()\\n",
>> "invocation": {"module_args": {"dm_password":
>> "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "password":
>> "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "ip_addresses": [], "domain":
>> "packet.das-schiff.io", "realm": "PACKET.DAS-SCHIFF.IO", "hostname":
>> "freeipa-1.packet.das-schiff.io", "no_host_dns": true, "setup_adtrust":
>> false, "setup_kra": false, "setup_dns": true, "external_ca": false,
>> "allow_zone_overlap": false, "reverse_zones": [], "no_reverse": false,
>> "auto_reverse": false, "forwarders": [], "no_forwar
>> ders": false, "auto_forwarders": true, "no_dnssec_validation": false,
>> "enable_compat": false, "setup_ca": true, "_hostname_overridden": true,
>> "force": false, "ca_cert_files": [], "external_cert_files": [],
>> "external_ca_type": null, "external_ca_profile": null, "subject_base": null,
>> "ca_subject": null, "forward_policy": null, "netbios_name": null,
>> "rid_base": null, "secondary_rid_base": null}}}\n', b'OpenSSH_7.6p1
>> Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017\r\ndebug1: Reading
>> configuration data /home/casibbald/.ssh/config\r\ndebug1:
>> /home/casibbald/.ssh/config line 1: Applying options for *\r\ndebug1:
>> Reading configuration data /etc/ssh/ssh_config\r\ndebug1:
>> /etc/ssh/ssh_config line 19: Applying options for *\r\ndebug1: auto-mux:
>> Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2:
>> mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards:
>> request forwardings: 0 local, 0 remote\r\ndebug3:
>> mux_client_request_session: entering\r\ndebug3: mux_client_re
>> quest_alive: entering\r\ndebug3: mux_client_request_alive: done pid =
>> 3029733\r\ndebug3: mux_client_request_session: session request
>> sent\r\ndebug1: mux_client_request_session: master session id: 2\r\nThe
>> hostname resolves to the localhost address (127.0.0.1/::1)\nPlease change
>> your /etc/hosts file so that the hostname\nresolves to the ip address of
>> your network interface.\nThe KDC service does not listen on
>> localhost\n\nPlease fix your /etc/hosts file and restart the setup
>> program\ndebug3: mux_client_read_packet: read header failed: Broken
>> pipe\r\ndebug2: Received exit status from master 1\r\n')
>> <10.27.3.1> Failed to connect to the host via ssh: OpenSSH_7.6p1
>> Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
>> debug1: Reading configuration data /home/casibbald/.ssh/config
>> debug1: /home/casibbald/.ssh/config line 1: Applying options for *
>> debug1: Reading configuration data /etc/ssh/ssh_config
>> debug1: /etc/ssh/ssh_config line 19: Applying options for *
>> debug1: auto-mux: Trying existing master
>> debug2: fd 3 setting O_NONBLOCK
>> debug2: mux_client_hello_exchange: master version 4
>> debug3: mux_client_forwards: request forwardings: 0 local, 0 remote
>> debug3: mux_client_request_session: entering
>> debug3: mux_client_request_alive: entering
>> debug3: mux_client_request_alive: done pid = 3029733
>> debug3: mux_client_request_session: session request sent
>> debug1: mux_client_request_session: master session id: 2
>> The hostname resolves to the localhost address (127.0.0.1/::1)
>> Please change your /etc/hosts file so that the hostname
>> resolves to the ip address of your network interface.
>
> You need to modify /etc/hosts to ensure that the host FQDN does not
> point to 127.0.0.1 but to its actual IP address.
>
> rob
>
>> The KDC service does not listen on localhost
>>
>> Please fix your /etc/hosts file and restart the setup program
>> debug3: mux_client_read_packet: read header failed: Broken pipe
>> debug2: Received exit status from master 1
>> The full traceback is:
>> File
>> "/tmp/ansible_ipaserver_prepare_payload_0ik3mxe2/ansible_ipaserver_prepare_payload.zip/ansible/modules/ipaserver_prepare.py",
>> line 350, in main
>> File "/usr/lib/python3.6/site-packages/ipaserver/install/dns.py", line 270,
>> in install_check
>> True, options.ip_addresses)
>> File "/usr/lib/python3.6/site-packages/ipaserver/install/installutils.py",
>> line 484, in get_server_ip_address
>> raise ScriptError()
>> fatal: [freeipa-1]: FAILED! => {
>> "changed": false,
>> "invocation": {
>> "module_args": {
>> "_hostname_overridden": true,
>> "allow_zone_overlap": false,
>> "auto_forwarders": true,
>> "auto_reverse": false,
>> "ca_cert_files": [],
>> "ca_subject": null,
>> "dm_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
>> "domain": "packet.das-schiff.io",
>> "enable_compat": false,
>> "external_ca": false,
>> "external_ca_profile": null,
>> "external_ca_type": null,
>> "external_cert_files": [],
>> "force": false,
>> "forward_policy": null,
>> "forwarders": [],
>> "hostname": "freeipa-1.packet.das-schiff.io",
>> "ip_addresses": [],
>> "netbios_name": null,
>> "no_dnssec_validation": false,
>> "no_forwarders": false,
>> "no_host_dns": true,
>> "no_reverse": false,
>> "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
>> "realm": "PACKET.DAS-SCHIFF.IO",
>> "reverse_zones": [],
>> "rid_base": null,
>> "secondary_rid_base": null,
>> "setup_adtrust": false,
>> "setup_ca": true,
>> "setup_dns": true,
>> "setup_kra": false,
>> "subject_base": null
>> }
>> },
>> "msg": ""
>> }
>> ```
>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
