periodic-tripleo-ci-centos-8-standalone-on-multinode-ipa-${release} and periodic-tripleo-ci-centos-8-ovb-3ctlr_1comp_1supp-featureset039-${release} jobs are failing when configuring IPA server. These jobs have been using 1.1.1.1 as their DNS forwarder.
Logs are linked below:
https://logserver.rdoproject.org/openstack-periodic-integration-main/opendev.org/openstack/tripleo-ci/master/periodic-tripleo-ci-centos-8-standalone-on-multinode-ipa-master/955ad83/job-output.txt
2021-10-14 09:32:36.747754 | primary | TASK [ipa-multinode : configure FreeIPA - with unbound forwarder] **************
2021-10-14 09:32:36.747798 | primary | Thursday 14 October 2021 09:32:36 +0000 (0:00:00.919) 0:02:46.266 ******
2021-10-14 09:33:03.433361 | primary | fatal: [subnode-1]: FAILED! => {
2021-10-14 09:33:03.433706 | primary | "changed": true,
2021-10-14 09:33:03.433742 | primary | "cmd": "ipa-server-install --realm OOO.TEST --ds-password fce95318204114530f31f885c9df588f --admin-password fce95318204114530f31f885c9df588f --hostname ipa.ooo.test --setup-dns --forwarder 1.1.1.1 --unattended --ip-address 38.102.83.221\n",
2021-10-14 09:33:03.433795 | primary | "delta": "0:00:26.180424",
2021-10-14 09:33:03.433811 | primary | "end": "2021-10-14 09:33:03.384398",
2021-10-14 09:33:03.433847 | primary | "rc": 1,
2021-10-14 09:33:03.433890 | primary | "start": "2021-10-14 09:32:37.203974"
2021-10-14 09:33:03.433910 | primary | }
....
2021-10-14 09:33:03.434193 | primary | Checking DNS domain ooo.test., please wait ...
2021-10-14 09:33:03.434199 | primary | DNS check for domain ooo.test. failed: The DNS operation timed out after 24.011840343475342 seconds.
2021-10-14 09:33:03.434221 | primary | DNS server 1.1.1.1: query '. SOA': All nameservers failed to answer the query . IN SOA: Server 1.1.1.1 UDP port 53 answered A DNS query response does not respond to the question asked.
2021-10-14 09:33:03.434239 | primary | DNS server 1.1.1.1: query '. SOA': All nameservers failed to answer the query . IN SOA: Server 1.1.1.1 UDP port 53 answered A DNS query response does not respond to the question asked.
2021-10-14 09:33:03.434248 | primary | The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information
https://logserver.rdoproject.org/91/33791/3/check/periodic-tripleo-ci-centos-8-ovb-3ctlr_1comp_1supp-featureset039-wallaby/14e49e5/logs/supplemental/var/log/ipaserver-install.log.txt.gz
2021-10-14 09:33:03.434193 | primary | Checking DNS domain ooo.test., please wait ...
2021-10-14 09:33:03.434199 | primary | DNS check for domain ooo.test. failed: The DNS operation timed out after 24.011840343475342 seconds.
2021-10-14 09:33:03.434221 | primary | DNS server 1.1.1.1: query '. SOA': All nameservers failed to answer the query . IN SOA: Server 1.1.1.1 UDP port 53 answered A DNS query response does not respond to the question asked.
2021-10-14 09:33:03.434239 | primary | DNS server 1.1.1.1: query '. SOA': All nameservers failed to answer the query . IN SOA: Server 1.1.1.1 UDP port 53 answered A DNS query response does not respond to the question asked.
2021-10-14 09:33:03.434248 | primary | The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information
The following patch switches the DNS forwarders for fs039. See also comment to use vexxhost resolvers.
https://review.opendev.org/c/openstack/tripleo-ci/+/813627
Please check in afaranha and lance on this - see patch mentioned above