I recently tried to install freeipa with ansible this collection, but i have some troubles. My server get's an error:
TASK [freeipa.ansible_freeipa.ipaserver : Install - Setup CA] **************************************************************************************************************************************************
fatal: [freeipa.local]: FAILED! => {"changed": false, "module_stderr": "Shared connection to 10.10.10.10 closed.\r\n", "module_stdout": "Failed to configure CA instance\r\nSee the installation logs and the following files/directories for more information:\r\n /var/log/pki/pki-tomcat\r\nTraceback (most recent call last):\r\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1715091297.839199-16334-267785926845212/AnsiballZ_ipaserver_setup_ca.py\", line 107, in <module>\r\n _ansiballz_main()\r\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1715091297.839199-16334-267785926845212/AnsiballZ_ipaserver_setup_ca.py\", line 99, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1715091297.839199-16334-267785926845212/AnsiballZ_ipaserver_setup_ca.py\", line 48, in invoke_module\r\n run_name='__main__', alter_sys=True)\r\n File \"/usr/lib64/python3.6/runpy.py\", line 205, in run_module\r\n return _run_module_code(code, init_globals, run_name, mod_spec)\r\n File \"/usr/lib64/python3.6/runpy.py\", line 96, in _run_module_code\r\n mod_name, mod_spec, pkg_name, script_name)\r\n File \"/usr/lib64/python3.6/runpy.py\", line 85, in _run_code\r\n exec(code, run_globals)\r\n File \"/tmp/ansible_freeipa.ansible_freeipa.ipaserver_setup_ca_payload_ek7epr3z/ansible_freeipa.ansible_freeipa.ipaserver_setup_ca_payload.zip/ansible_collections/freeipa/ansible_freeipa/plugins/modules/ipaserver_setup_ca.py\", line 417, in <module>\r\n File \"/tmp/ansible_freeipa.ansible_freeipa.ipaserver_setup_ca_payload_ek7epr3z/ansible_freeipa.ansible_freeipa.ipaserver_setup_ca_payload.zip/ansible_collections/freeipa/ansible_freeipa/plugins/modules/ipaserver_setup_ca.py\", line 379, in main\r\n File \"/usr/lib/python3.6/site-packages/ipaserver/install/ca.py\", line 355, in install_step_0\r\n pki_config_override=options.pki_config_override,\r\n File \"/usr/lib/python3.6/site-packages/ipaserver/install/cainstance.py\", line 501, in configure_instance\r\n self.start_creation(runtime=runtime)\r\n File \"/usr/lib/python3.6/site-packages/ipaserver/install/service.py\", line 635, in start_creation\r\n run_step(full_msg, method)\r\n File \"/usr/lib/python3.6/site-packages/ipaserver/install/service.py\", line 621, in run_step\r\n method()\r\n File \"/usr/lib/python3.6/site-packages/ipaserver/install/cainstance.py\", line 627, in __spawn_instance\r\n nolog_list=nolog_list\r\n File \"/usr/lib/python3.6/site-packages/ipaserver/install/dogtaginstance.py\", line 227, in spawn_instance\r\n self.handle_setup_error(e)\r\n File \"/usr/lib/python3.6/site-packages/ipaserver/install/dogtaginstance.py\", line 606, in handle_setup_error\r\n ) from None\r\nRuntimeError: CA configuration failed.\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
And logs from ipaserver-install:
INFO: Enabling CA subsystem
INFO: Creating /etc/pki/pki-tomcat/Catalina/localhost/ca.xml
INFO: Starting PKI server
DEBUG: Command: systemctl start pki-tomcatd@pki-tomcat.service
INFO: Waiting for PKI server to start
INFO: Waiting for PKI server to start (16s)
INFO: Waiting for PKI server to start (32s)
INFO: Waiting for PKI server to start (48s)
INFO: Waiting for PKI server to start (64s)
INFO: Waiting for PKI server to start (80s)
INFO: Waiting for PKI server to start (96s)
INFO: Waiting for PKI server to start (112s)
Exception: Server did not start after 120s
File "/usr/lib/python3.6/site-packages/pki/server/pkispawn.py", line 575, in main
scriptlet.spawn(deployer)
File "/usr/lib/python3.6/site-packages/pki/server/deployment/scriptlets/configuration.py", line 703, in spawn
timeout=deployer.request_timeout)
File "/usr/lib/python3.6/site-packages/pki/server/__init__.py", line 365, in start
max_wait) from e
2024-05-07T14:17:56Z CRITICAL Failed to configure CA instance
2024-05-07T14:17:56Z CRITICAL See the installation logs and the following files/directories for more information:
2024-05-07T14:17:56Z CRITICAL /var/log/pki/pki-tomcat
2024-05-07T14:17:56Z DEBUG Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/ipaserver/install/service.py", line 635, in start_creation
run_step(full_msg, method)
File "/usr/lib/python3.6/site-packages/ipaserver/install/service.py", line 621, in run_step
method()
File "/usr/lib/python3.6/site-packages/ipaserver/install/cainstance.py", line 627, in __spawn_instance
nolog_list=nolog_list
File "/usr/lib/python3.6/site-packages/ipaserver/install/dogtaginstance.py", line 227, in spawn_instance
self.handle_setup_error(e)
File "/usr/lib/python3.6/site-packages/ipaserver/install/dogtaginstance.py", line 606, in handle_setup_error
) from None
RuntimeError: CA configuration failed.
2024-05-07T14:17:56Z DEBUG [error] RuntimeError: CA configuration failed.
2024-05-07T14:17:56Z DEBUG Removing /root/.dogtag/pki-tomcat/ca
Debug log from service (/var/log/pki/pki-tomcat/ca/debug.2024-05-07.log) i got:
As you can see the server tomcat is started but, i am getting "Exception: Server did not start after 120s". How can I repair this issue, or resolve problem? When i am running install playbook once again almost all tasks are skipped.
I recently tried to install freeipa with ansible this collection, but i have some troubles. My server get's an error:
And logs from ipaserver-install:
Debug log from service (/var/log/pki/pki-tomcat/ca/debug.2024-05-07.log) i got:
As you can see the server tomcat is started but, i am getting "Exception: Server did not start after 120s". How can I repair this issue, or resolve problem? When i am running install playbook once again almost all tasks are skipped.