rpms/ipa
5
0
Fork 0
Code Issues Pull Requests Releases Activity
c10s
ipa/0068-Align-startup_timeout-with-the-systemd-default-and-d.patch
Florence Blanc-Renaud 73e3a943d0 ipa-4.12.2-14 
- Resolves: RHEL-78766 Include latest fixes in python3-ipatests package
- Resolves: RHEL-77965 ipa-server-install failing on slow hsm

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2025-02-11 18:09:01 +01:00

85 lines
4.3 KiB
Diff
Raw Permalink Blame History

From 22cbc5ed4889d6c66e2916d5acde582b1868fbc9 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Mon, 10 Feb 2025 10:45:39 -0500
Subject: [PATCH] Align startup_timeout with the systemd default and document
it
We had it set to 120 seconds while the systemd default is 90.
They should be the same because the first one that times out "wins".
Move where during the installation we create the systemd override
file so that the timeout will be applied across all subsequent
server starts during and post installation.
Fixes: https://pagure.io/freeipa/issue/9743
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
---
client/man/default.conf.5 | 2 +-
ipalib/constants.py | 5 +++--
ipaserver/install/cainstance.py | 3 ++-
3 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/client/man/default.conf.5 b/client/man/default.conf.5
index e0aec21f725d88ce2ba3cf52901fb15575892cde..461c60134124ed3e31e17ac350576487fda4c46e 100644
--- a/client/man/default.conf.5
+++ b/client/man/default.conf.5
@@ -191,7 +191,7 @@ Specifies the IPA Server hostname.
Skip client vs. server API version checking. Can lead to errors/strange behavior when newer clients talk to older servers. Use with caution.
.TP
.B startup_timeout <time in seconds>
-Controls the amount of time waited when starting a service. The default value is 120 seconds.
+Controls the amount of time waited when starting a service. The default value is 90 seconds, the same as the default systemd startup timeout. If configuring a CA the startup_timeout value will be added as an override for TimeoutStartSec in systemd. If installation times out when starting the CA create /etc/ipa/installer.conf with this value set.
.TP
.B startup_traceback <boolean>
If the IPA server fails to start and this value is True the server will attempt to generate a python traceback to make identifying the underlying problem easier.
diff --git a/ipalib/constants.py b/ipalib/constants.py
index c90caa22149ec3d93d45fcb5480f7401e4555799..2e4c9a8336efae9e02febd6d04ec226c84af255f 100644
--- a/ipalib/constants.py
+++ b/ipalib/constants.py
@@ -189,8 +189,9 @@ DEFAULT_CONFIG = (
# Time to wait for a service to start, in seconds.
# Note that systemd has a DefaultTimeoutStartSec of 90 seconds. Higher
- # values are not effective unless systemd is reconfigured, too.
- ('startup_timeout', 120),
+ # values are not effective unless systemd is reconfigured, too. Or you
+ # can update the systemd service file with its own TimeoutStartSec.
+ ('startup_timeout', 90),
# How long http connection should wait for reply [seconds].
('http_timeout', 30),
# How long to wait for an entry to appear on a replica
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index c8ecde8f2e9649d57012fcda937ee5816105df4e..3466c308829a576589874015542da9ea88bc2a2f 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -453,6 +453,7 @@ class CAInstance(DogtagInstance):
if promote:
self.step("destroying installation admin user",
self.teardown_admin)
+ self.step("updating IPA configuration", update_ipa_conf)
# Materialize config changes and new ACLs
self.step("starting certificate server instance",
self.start_instance)
@@ -480,7 +481,6 @@ class CAInstance(DogtagInstance):
self.step("configure certificate renewals", self.configure_renewal)
self.step("Configure HTTP to proxy connections",
self.http_proxy)
- self.step("updating IPA configuration", update_ipa_conf)
self.step("enabling CA instance", self.__enable_instance)
if not promote:
if self.clone:
@@ -2453,6 +2453,7 @@ def update_ipa_conf(ca_host=None):
parser.set('global', 'enable_ra', 'True')
parser.set('global', 'ra_plugin', 'dogtag')
parser.set('global', 'dogtag_version', '10')
+ parser.set('global', 'startup_timeout', api.env.startup_timeout)
if ca_host is None:
parser.remove_option('global', 'ca_host')
else:
--
2.48.1
Reference in New Issue View Git Blame Copy Permalink