Installation troubleshooting

This page goes through common encountered problems during installation and how to deal with these. For troubleshooting problems after installation, please refer to troubleshooting

Installation fails due to repo or meta data

Installation fails with a message that a repo or meta data could not be reached. As a result a package could not be installed

TASK [trinity/openldap : Install OpenLDAP packages] *****************************************************************************************************************************************
fatal: [controller1]: FAILED! => {"changed": false, "msg": "Failed to download metadata for repo 'plus': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried", "rc": 1, "results": []}

This tends to happen on occasion where we rely on external distribution repositories to be available. When one of the mirrors is temporarily unavailable, it causes the errors seen. A rerun of the playbook is the best approach; a simple retry.

Could not bind to openldap

TASK [trinity/sssd : Adding access controler groups to the system] **********************************************************************************************************************
failed: [controller1] (item=admins) => {"ansible_loop_var": "item", "changed": true, "cmd": "/usr/local/sbin/obol group list | grep admins || /usr/local/sbin/obol group add admins", "delta": "0:00:00.195545", "end": "2025-02-10 13:25:41.418735", "item": "admins", "msg": "non-zero return code", "rc": 1, "start": "2025-02-10 13:25:41.223190", "stderr": "[ConnectionError] Failed binding to ldap\n[ConnectionError] Failed binding to ldap", "stderr_lines": ["[ConnectionError] Failed binding to ldap", "[ConnectionError] Failed binding to ldap"], "stdout": "", "stdout_lines": []}

This almost certainly is caused by having a previous openldap configuration in place where a certificate mismatch prevents connecting to the openldap backend. Make sure that there is no legacy in place while trying a complete (re)install of TrinityX.

Details: The symlink to an existing openldap is not present and will be placed. However no files/config is being regenerated. Also see the Installation notes

# ls -l /etc/openldap/
total 20
# the clashing certificates:
drwxr-xr-x. 2 root root 4096 Feb 11 01:44 certs
-rw-r--r--. 1 root root  121 Jul 26  2024 check_password.conf
-rw-r--r--. 1 root root 1545 Feb 11 01:45 ldap.conf
-rw-r--r--. 1 root root  900 Apr 30  2024 ldap.conf.ipabkp
drwxr-xr-x. 2 root root 4096 Feb 11 01:48 schema
# this link:
lrwxrwxrwx. 1 root root   35 Feb 11 01:44 slapd.d -> /trinity/local/etc/openldap/slapd.d