Account provider migration fails after NS8 reboot

[DavidePrincipi]

The Account Provider sync fails if the NS8 node is rebooted.

Steps to reproduce

• Connect a NS8 cluster from the migration tool
• Start migration of OpenLDAP
• Sync data
• Reboot the NS8 node
• Sync data

Expected behavior

The Sync run works

Actual behavior

The Sync fails.

In /var/log/ns8-migration.log:

=========== Join cluster Wed, 05 Jun 2024 10:15:23 +0000
ns8-join: The cluster VPN endpoint name cannot be resolved. Please check DNS record and resolution of: rl1.dom.test
=========== Join cluster Wed, 05 Jun 2024 10:16:57 +0000
Joined to cluster leader rl1.dom.test
----------- start account-provider Wed, 05 Jun 2024 10:28:04 +0000
mkdir: created directory ‘/var/lib/nethserver/nethserver-ns8-migration/account-provider’
mkdir: created directory ‘/var/lib/nethserver/nethserver-ns8-migration/account-provider/ldap’
[INFO] Created remote module instance openldap1
[INFO] App account-provider/ldap is bound to rsync://openldap1@10.5.4.1:20013, waiting for task module/openldap1/task/765408bd-721e-4de8-a5bd-bb84481739b3
‘bind.env’ -> ‘ldap/bind.env’
----------- sync account-provider Wed, 05 Jun 2024 10:28:22 +0000
66603dc6 hdb_db_open: warning - no DB_CONFIG file found in directory /var/lib/ldap: (2).
Expect poor performance for suffix "dc=directory,dc=nh".
<f+++++++++ import.env
<f+++++++++ dump-mdb0.ldif
removed ‘dump-mdb0.ldif’
removed ‘import.env’
----------- sync account-provider Wed, 05 Jun 2024 10:29:22 +0000
----------- sync account-provider Wed, 05 Jun 2024 10:35:01 +0000

In /var/log/messages:

Jun  5 10:29:27 nscom2 cockpit-bridge: rsync error: timeout waiting for daemon connection (code 35) at socket.c(281) [sender=3.1.2]
Jun  5 10:29:27 nscom2 cockpit-bridge: /usr/sbin/ns8-check-import: line 47: /usr/share/nethesis/nethserver-ns8-migration/apps/account-provider/bind.env: No suc
h file or directory

By repeating the command on the CLI I get more information:

[root@nscom2 ~]#  echo '{"app":"account-provider","action":"sync"}' | /usr/bin/setsid /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-ns8-migration/migrat
ion/update | jq
{
  "progress": "0.00",
  "time": "0.0",
  "exit": 0,
  "event": "migration-sync",
  "state": "running",
  "step": 0,
  "pid": 0,
  "action": ""
}
rsync: failed to connect to 10.5.4.1 (10.5.4.1): Connection refused (111)
rsync error: error in socket IO (code 10) at clientserver.c(126) [sender=3.1.2]
/usr/sbin/ns8-check-import: line 47: /usr/share/nethesis/nethserver-ns8-migration/apps/account-provider/bind.env: No such file or directory
{
  "pid": 0,
  "status": "failed",
  "event": "migration-sync"
}
{
  "id": "1717583701",
  "type": "ApiFailed",
  "message": "sync account-provider failed"
}

Components

• nethserver-ns8-migration-1.0.12
• core 2.8.1

See also

• https://community.nethserver.org/t/ns7-ns8-migration-stuck-at-last-step/23754

---

Thanks to Andy (issue reported for Samba, instead)

[DavidePrincipi]

Test case 1

Install NS7 with Samba AD + Mail and submodules+(one or more of its submodules, SOGo, Webtop, Connetor, Roundcube). The Mail stack has the same implementation of Account Provider, and the fix involves also that part.

Install also another module, like Nextcloud.

Ensure the bug is not reproducible with Mail and Nextcloud

• start sync of Mail and Nextcloud
• reboot NS8 node
• sync again

...and Finish migration.

Test case 2

Continue from the previous test with the migration of Samba Account Provider.

• start sync of Samba
• reboot NS8 node
• sync again

Finish migration of the Account Provider.

[nethbot]

in 7.9.2009/testing:

• nethserver-ns8-migration-1.0.12-1.13.g12e7dbc.ns7.x86_64.rpm x86_64

[nrauso]

test case 1: VERIFIED

test case 2: VERIFIED

[nethbot]

in 7.9.2009/updates:

• nethserver-ns8-migration-1.0.13-1.ns7.x86_64.rpm x86_64