But the problem here is that those two commands doesn't show my broken replica
чт, 7 нояб. 2024 г. в 18:27, Florence Blanc-Renaud <f...@redhat.com>:
>
> Hi,
>
> Agreements cannot be deleted directly, you need to use the command "ipa
> topologysegment-del".
> First use "ipa topologysegment-find domain" and "ipa topologysegment-find ca"
> to list the replication segments for IPA data and certs data, then "ipa
> topologysegment-del ipa <name>" and "ipa topologysegment-del domain <name>".
>
> HTH,
> flo
>
> On Thu, Nov 7, 2024 at 7:30 AM alexey safonov via FreeIPA-users
> <freeipa-users@lists.fedorahosted.org> wrote:
>>
>> wow, thanks.
>> that one shows the missed replica, so how to delete this agreement?
>>
>> ср, 6 нояб. 2024 г. в 21:12, Rob Crittenden <rcrit...@redhat.com>:
>> >
>> > alexey safonov wrote:
>> > > I'm not sure what is meto here, as the server name was
>> > > gcp-nas-vm01.int and it was never successfully added/replicated to the
>> > > IPA cluster due to connectivity error. any way, I tried both commands
>> > > and they are giving
>> > >
>> > > ipa server-del metogcp-nas-vm01.int --force
>> > > Removing metogcp-nas-vm01.int.quantbox.in from replication topology,
>> > > please wait...
>> > > ipa: WARNING: Forcing removal of metogcp-nas-vm01.int
>> > > ipa: WARNING: Failed to cleanup metogcp-nas-vm01.int DNS entries: no
>> > > matching entry found
>> > > ipa: WARNING: You may need to manually remove them from the tree
>> > > ipa: WARNING: Server has already been deleted
>> > > -----------------------------------------------------
>> > > Deleted IPA server "metogcp-nas-vm01.int"
>> > > -----------------------------------------------------
>> > > ipa server-del gcp-nas-vm01.int --force
>> > > Removing gcp-nas-vm01.int from replication topology, please wait...
>> > > ipa: WARNING: Forcing removal of gcp-nas-vm01.int
>> > > ipa: WARNING: Failed to cleanup gcp-nas-vm01.int DNS entries: no
>> > > matching entry found
>> > > ipa: WARNING: You may need to manually remove them from the tree
>> > > ipa: WARNING: Server has already been deleted
>> > > -------------------------------------------------
>> > > Deleted IPA server "gcp-nas-vm01.int"
>> > > -------------------------------------------------
>> > >
>> > > but ipa-healtcheck error is still persist
>> >
>> > ipa-replica-manage by itself basically just lists the IPA servers.
>> >
>> > To see the agreements on a server add -v $HOSTNAME.
>> >
>> > rob
>> >
>> > >
>> > > пн, 4 нояб. 2024 г. в 23:00, Rob Crittenden <rcrit...@redhat.com>:
>> > >>
>> > >> alexey safonov via FreeIPA-users wrote:
>> > >>> I tried to play with an additional replica, but in the end decided to
>> > >>> remove it, and now getting
>> > >>>
>> > >>> [
>> > >>> {
>> > >>> "source": "ipahealthcheck.ds.replication",
>> > >>> "check": "ReplicationCheck",
>> > >>> "result": "ERROR",
>> > >>> "uuid": "ad00082d-22ae-4928-ae08-6e7177918fc6",
>> > >>> "when": "20241104091521Z",
>> > >>> "duration": "10.592736",
>> > >>> "kw": {
>> > >>> "key": "DSREPLLE0005",
>> > >>> "items": [
>> > >>> "Replication",
>> > >>> "Agreement"
>> > >>> ],
>> > >>> "msg": "The replication agreement (metogcp-nas-vm01.int) under
>> > >>> \"dc=int\" is not in synchronization,\nbecause the consumer server is
>> > >>> not reachable."
>> > >>> }
>> > >>> }
>> > >>> ]
>> > >>>
>> > >>>
>> > >>> That's correct. Server gcp-nas-vm01.int is not reachable anymore, but
>> > >>> I see no such server in replica-list or agreement list. How can I
>> > >>> clean up/remove that alarm?
>> > >>>
>> > >>> ipa-replica-manage list
>> > >>> qb-mum-vm01.int: master
>> > >>> qb-mum-vm02.int: master
>> > >>> qb-bg-vm01.int: master
>> > >>>
>> > >>>
>> > >>> ipa-csreplica-manage list
>> > >>> Directory Manager password:
>> > >>>
>> > >>> qb-mum-vm01.int: master
>> > >>> qb-mum-vm02.int: CA not configured
>> > >>> qb-bg-vm01.int: CA not configured
>> > >>>
>> > >>
>> > >> How did you remove the replica?
>> > >>
>> > >> You can try running ipa-server-del metogcp-nas-vm01.int --force
>> > >>
>> > >> rob
>> > >>
>> > >
>> >
>> --
>> _______________________________________________
>> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
>> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
>> Fedora Code of Conduct:
>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
>> List Archives:
>> https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
>> Do not reply to spam, report it:
>> https://pagure.io/fedora-infrastructure/new_issue
--
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
