On Thu, 2015-06-11 at 12:38 +0200, Petr Spacek wrote:
> On 9.6.2015 15:06, Simo Sorce wrote:
> > On Tue, 2015-06-09 at 10:30 +0200, Petr Spacek wrote:
> >> Hello,
> >>
> >> I would like to discuss
> >> https://bugzilla.redhat.com/show_bug.cgi?id=1211366
> >> "Error creating a user when jumping from an original server to replica".
> >>
> >> Currently the DNA ranges are distributed from master to other replicas on
> >> the first attempt to get a number from a particular range.
> >>
> >> This works well as long as the original master is reachable but fails
> >> miserably when the master is not reachable for any reason.
> >>
> >> It is apparently confusing to users [1][2] because it is counter-intuitive.
> >> They have created a replica to be sure that everything will work when the
> >> first server is down, right?
> >>
> >> Remediation is technically simple [3] (just assign a range to the new replica)
> >> but it is confusing to the users, error-prone, and personally I feel that this
> >> is an unnecessary obstacle.
> >>
> >> It seems to me that the original motivation for this behavior was that the
> >> masters were not able to request range back from other replicas when a local
> >> range was depleted.
> >>
> >> This deficiency is tracked as
> >> https://bugzilla.redhat.com/show_bug.cgi?id=1029640 and it is slated for fix
> >> in 4.2.x time frame.
> >>
> >> Can we distribute ranges to the replicas during ipa-replica-install when we
> >> fix bug 1029640?
> > 
> > That was not the only reason, another reason is that you do not want to
> > distribute and fragment ranges to replicas that will never be used to
> > create users. What we should do perhaps, is to automatically give a
> > range to CA enabled masters so that at least those servers have a range.
> > If all your CAs are unavailable you have major issues anyway.
> > 
> > Though it is a bit bad to have magic behaviors, maybe we should have a
> > "main DNA range holder" role that can be assigned to arbitrary servers
> > (maybe the first replica gets it by default), and when done the server
> > acquires part of the range if it has none.
> 
> This concept sounds good to me!
> 
> I would only reverse the default, i.e. distribute ranges by default to all
> replicas and let the admin toggle a knob if he feels that his case really needs
> to limit range distribution.

By the time you *feel* that, it may be too late.

> > Another option is that a replica can instantiate a whole new range if
> > all the range bearing servers are not around, but that also comes with
> > its own issues.
> > 
> > In general I wouldn't want to split by default, because in domains with
> > *many* replicas most of them are used for load balancing and will never
> > be used to create users, so the range would be wasted.
> 
> This should not be an issue when
> https://bugzilla.redhat.com/show_bug.cgi?id=1029640 is fixed because replicas
> will be able to request range back if the local chunk is depleted.
> 
> Is that correct?

To some degree, the main issue is when replicas get removed abruptly and
are not around to "give back" anything.
We would need to start working on a range-scavenging tool to reclaim
"lost" ranges if you go and automatically distribute ranges to every
replica that ever pops up.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York
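
The trade-off argued in this thread, as an added toy model that is not part of the original messages and is not FreeIPA or 389-ds code: on-demand hand-out fails on a replica when the master is unreachable, while eager hand-out at install time strands ranges on replicas that are removed abruptly. The halving split, the server names and the range size are assumptions made for the illustration.

```python
# Added toy model of DNA range hand-out; not FreeIPA or 389-ds code.
# Assumption: a donor gives the upper half of its unused range to the requester.

class Server:
    def __init__(self, name, rng=None):
        self.name, self.rng, self.up = name, rng, True  # rng = (next_free, max)

    def remaining(self):
        return 0 if self.rng is None else self.rng[1] - self.rng[0] + 1

def transfer(donor, receiver):
    lo, hi = donor.rng
    mid = lo + (hi - lo + 1) // 2
    donor.rng, receiver.rng = (lo, mid - 1), (mid, hi)

def allocate(server, peers):
    """Allocate one ID, fetching a range from a reachable peer on first use."""
    if server.remaining() == 0:
        donors = [p for p in peers if p.up and p.remaining() > 1]
        if not donors:
            raise RuntimeError(f"{server.name}: no reachable range holder")
        transfer(max(donors, key=Server.remaining), server)
    lo, hi = server.rng
    server.rng = (lo + 1, hi)
    return lo

def install_replicas(master, n, eager):
    """eager=True: split a range off at install time; False: wait for first use."""
    replicas = [Server(f"replica{i}") for i in range(1, n + 1)]
    for i, r in enumerate(replicas if eager else []):
        transfer(max([master] + replicas[:i], key=Server.remaining), r)
    return replicas

def first_id_with_master_down(eager):
    master = Server("master", (1, 200_000))   # constructed range
    (replica,) = install_replicas(master, 1, eager)
    master.up = False
    try:
        return allocate(replica, [master])
    except RuntimeError:
        return None

def stranded_ids(eager, n=4, lost=3):
    """IDs stuck on replicas removed abruptly, before they could give them back."""
    master = Server("master", (1, 200_000))
    replicas = install_replicas(master, n, eager)
    for r in replicas[:lost]:
        r.up = False
    return sum(r.remaining() for r in replicas if not r.up)

if __name__ == "__main__":
    for eager in (False, True):
        print(eager, first_id_with_master_down(eager), stranded_ids(eager))
```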
