Univention Bugzilla – Bug 55137
[4.4] School replica join: 97univention-s4-connector.inst DNS configuration times out in big environments
Last modified: 2023-03-14 13:26:19 CET
We should backport this fix, some bigger customers are affected and cannot upgrade to 5.0 yet +++ This bug was initially created as a clone of Bug #54791 +++ At a school customer, with ~150.000 users, we've seen the following error pretty often during the join of a new school replica server: Wait for bind9: .Restarting bind9 (via systemctl): bind9.service. Restarting samba-ad-dc (via systemctl): samba-ad-dc.service. ....................................................................................................Restarting bind9 (via systemctl): bind9.service. ....................................................................................................Restarting bind9 (via systemctl): bind9.service. See "systemctl status bind9.service" and "journalctl -xe" for details. failed! ************************************************************** * ERROR: Failed to configure Samba4 as backend for bind. * * Please check the samba and the s4-connector logfile.* ************************************************************** This happened, because during the join thousands of objects have been created in UCS and have been added as pickle files for the s4connector. When starting the s4connector during the join, all those files are then processed in order of creation. Oftentimes, the DNS zones necessary for this joinscript are not synced before the timeout of ~20 minutes is reached. The customer then has to wait until the zone is synced and restart the join. It would be good if we could sync the objects needed for the join to complete earlier than the other less important objects.
univention-squid-kerberos.yaml 47523d2cdcda | Bug #55137: yaml univention-squid-kerberos (8.0.0-2) 929b1b729def | Bug #55137: Fix join speed for school systems with s4 on primary univention-squid-kerberos (8.0.0-1) ff2c573d3799 | Bug #55137: schoolserver join often fails in big environments univention-samba4.yaml 47523d2cdcda | Bug #55137: yaml univention-samba4 (8.0.0-38) 929b1b729def | Bug #55137: Fix join speed for school systems with s4 on primary univention-samba4 (8.0.0-37) ff2c573d3799 | Bug #55137: schoolserver join often fails in big environments univention-s4-connector.yaml 47523d2cdcda | Bug #55137: yaml univention-s4-connector (13.0.2-90) ff2c573d3799 | Bug #55137: schoolserver join often fails in big environments
The patch for bug #54791 has now also been backported to UCS 4.4 to prevent the DNS timeout when joining a new school replica server into a very large environment
Sorry for taking so long. As this backport was not prioritised I had to push it away all the time.. School replica join with S4 on master: OK School replica join without S4 on master: OK Join performance increased significantly: OK Jenkins: OK Yaml: OK Verified
<https://errata.software-univention.de/#/?erratum=4.4x1343> <https://errata.software-univention.de/#/?erratum=4.4x1344> <https://errata.software-univention.de/#/?erratum=4.4x1345>