在安装ipa多主时:
ipa-replica-install –setup-dns –forwarder 8.8.8.8 –setup-ca –auto-reverse –principal admin –admin-password XXXXX
执行以上命令安装时, 一直在报错:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
[28/44]: restarting directory server ipa : CRITICAL Failed to restart the directory server (Command '/bin/systemctl restart dirsrv@YONYOUIUAP-COM.service' returned non-zero exit status 1). See the installation log for details. [29/44]: setting up initial replication [error] error: [Errno 111] 拒绝连接 Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up. ipa.ipapython.install.cli.install_tool(Replica): ERROR [Errno 111] 拒绝连接 ipa.ipapython.install.cli.install_tool(Replica): ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information [root@freeipa1-iuap-hb2-ali sean]# ipa-replica-install --principal admin --admin-password xxxxxxx ipa.ipapython.install.cli.install_tool(Replica): ERROR IPA server is already configured on this system. If you want to reinstall the IPA server, please uninstall it first using 'ipa-server-install --uninstall'. ipa.ipapython.install.cli.install_tool(Replica): ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information |
查了下google, 终于找到一篇文章: https://pagure.io/freeipa/issue/6613
具体就是: pki-tomcat的8009端口没启来, 原因是:
This is a duplicate of https://fedorahosted.org/freeipa/ticket/6575.
We’re working on a fix. As mentioned in comment:16, changing ::1 to localhost or 127.0.0.1 in /var/lib/pki/pki-tomcat/conf/server.xml in ‘address’ field of AJP/1.3 Connector fixes the issue.
netstat -tupnl | grep 8009
开始修改:
vim /var/lib/pki/pki-tomcat/conf/server.xml
将
<Connector port=”8009″ protocol=”AJP/1.3″ redirectPort=”8443″ address=”::1″ />
改为:
<Connector port=”8009″ protocol=”AJP/1.3″ redirectPort=”8443″ address=”127.0.0.1″ />
重启ipa:
ipactl restart
查看端口:
[root@jump1-iuap-hb2-ali tomcat]# netstat -tupnl | grep 8009
tcp 0 0 127.0.0.1:8009 0.0.0.0:* LISTEN 25314/java
8009已经启来了, 再次重试安装replica, 大功告成!
注: 安装replica, 千万别忘加–setup-dns –forwarder 8.8.8.8 –setup-ca 参数!!!!
repelica安装失败, 一般是缺少目录:
2 Comments
Vince Raspberry · 06/22/2020 at 5:35 PM
This will be a terrific website, would you be interested in doing an interview about how you designed it? If so e-mail me!
Anthony Pantaleon · 07/04/2020 at 9:18 PM
It’s actually a nice and useful piece of info. I’m happy that you shared this useful info with us. Please stay us up to date like this. Thank you for sharing.