Cloned from: https://pagure.io/freeipa/issue/9504
### Issue
The following two tests randomly failed. The root cause is that it didn't wait enough until the dns entry update on replica after nsupdate command.
Currently it depends on the timeout (at least 30 secs) in resolve_records_from_server() via _test_A_rec_against_server() or _test_SRV_rec_against_server(). But, sometime it can time out before the dns entry is updated on replica.
test_integration/test_dns_locations.py::TestDNSLocations::()::test_ipa_ca_records
~~~
self = <ipatests.test_integration.test_dns_locations.TestDNSLocations object at 0x7f70d8d75390>
def test_ipa_ca_records(self):
""" Test ipa-ca dns records with firstly removing the records and then
using the nsupdate generated by dns-update-system-records"""
self.delete_update_system_records(rnames=IPA_CA_A_REC)
expected_servers = (self.master.ip, self.replicas[1].ip)
for ip in (self.master.ip, self.replicas[0].ip, self.replicas[1].ip):
> self._test_A_rec_against_server(ip, self.domain, expected_servers)
expected_servers = ('10.0.197.105', '10.0.197.219')
ip = '10.0.197.42'
self = <ipatests.test_integration.test_dns_locations.TestDNSLocations object at 0x7f70d8d75390>
test_integration/test_dns_locations.py:538:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
test_integration/test_dns_locations.py:182: in _test_A_rec_against_server
name_abs, 'A', server_ip)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
rname = <DNS name ipa-ca.testrelm.test.>, rtype = 'A'
nameserver = '10.0.197.42'
def resolve_records_from_server(rname, rtype, nameserver):
error = None
res = DNSResolver()
res.nameservers = [nameserver]
res.lifetime = 30
logger.info("Query: %s %s, nameserver %s", rname, rtype, nameserver)
# lets try to query 3x
for _i in range(3):
try:
ans = res.resolve(rname, rtype)
logger.info("Answer: %s", ans.rrset)
return ans.rrset
except (dns.resolver.NXDOMAIN, dns.resolver.Timeout) as e:
error = e
time.sleep(10)
pytest.fail("Query: {} {}, nameserver {} failed due to {}".format(
> rname, rtype, nameserver, error))
E Failed: Query: ipa-ca.testrelm.test. A, nameserver 10.0.197.42 failed due to The DNS query name does not exist: ipa-ca.testrelm.test.
_i = 2
error = NXDOMAIN('The DNS query name does not exist: ipa-ca.testrelm.test.',)
nameserver = '10.0.197.42'
res = <ipapython.dnsutil.DNSResolver object at 0x7f70d732f588>
rname = <DNS name ipa-ca.testrelm.test.>
rtype = 'A'
~~~
test_integration/test_dns_locations.py::TestDNSLocations::()::test_adtrust_system_records
~~~
self = <ipatests.test_integration.test_dns_locations.TestDNSLocations object at 0x7f70d73136a0>
def test_adtrust_system_records(self):
""" Test ADTrust dns records with firstly installing a trust then
removing the records and using the nsupdate generated by
dns-update-system-records."""
self.master.run_command(['ipa-adtrust-install', '-U',
'--enable-compat', '--netbios-name', 'IPA',
'-a', self.master.config.admin_password,
'--add-sids'])
# lets re-kinit after adtrust-install and restart named
tasks.kinit_admin(self.master)
tasks.restart_named(self.master)
time.sleep(5)
self.delete_update_system_records(rnames=(r[0] for r in
IPA_DEFAULT_ADTRUST_SRV_REC))
expected_servers = (
(self.PRIO_HIGH, self.WEIGHT, DNSName(self.master.hostname)),
)
for ip in (self.master.ip, self.replicas[0].ip, self.replicas[1].ip):
self._test_SRV_rec_against_server(
ip, self.domain, expected_servers,
> rec_list=IPA_DEFAULT_ADTRUST_SRV_REC)
expected_servers = ((0, 100, <DNS name master.testrelm.test>),)
ip = '10.0.197.42'
self = <ipatests.test_integration.test_dns_locations.TestDNSLocations object at 0x7f70d73136a0>
test_integration/test_dns_locations.py:563:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
test_integration/test_dns_locations.py:196: in _test_SRV_rec_against_server
name_abs, 'SRV', server_ip)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
rname = <DNS name _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.testrelm.test.>
rtype = 'SRV', nameserver = '10.0.197.42'
def resolve_records_from_server(rname, rtype, nameserver):
error = None
res = DNSResolver()
res.nameservers = [nameserver]
res.lifetime = 30
logger.info("Query: %s %s, nameserver %s", rname, rtype, nameserver)
# lets try to query 3x
for _i in range(3):
try:
ans = res.resolve(rname, rtype)
logger.info("Answer: %s", ans.rrset)
return ans.rrset
except (dns.resolver.NXDOMAIN, dns.resolver.Timeout) as e:
error = e
time.sleep(10)
pytest.fail("Query: {} {}, nameserver {} failed due to {}".format(
> rname, rtype, nameserver, error))
E Failed: Query: _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.testrelm.test. SRV, nameserver 10.0.197.42 failed due to The DNS query name does not exist: _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.testrelm.test.
_i = 2
error = NXDOMAIN('The DNS query name does not exist: _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.testrelm.test.',)
nameserver = '10.0.197.42'
res = <ipapython.dnsutil.DNSResolver object at 0x7f70d7347b38>
rname = <DNS name _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.testrelm.test.>
rtype = 'SRV'
~~~
This is related to https://issues.redhat.com/browse/FREEIPA-10544.
Bug
Normal
RHSA-2023:121880
ipa bug fix and enhancement update
