I have a nice, hard-working cluster of 3 FreeIPA servers in an AWS account and VPC; all fully patched and updated as of yesterday.

However, we have a fancy new "Shared Services" AWS account and central VPC all wired up via Transit Gateway to be reachable by all of our other accounts and environments, and I need to start the process of moving the FreeIPA cluster into the new SharedServices environment. Moving FreeIPA into the new shared environment will extend our RBAC abilities automatically into any new AWS environment we build, which would be really nice.

I've got an AWS AMI image of each of the FreeIPA systems taken last night; was thinking of just launching the AMI in the new AWS account and altering DNS to point to the new IP address it will receive. If I move one server at a time very slowly I was thinking that replication would catch up and things would be OK.

Is this sensible? Or am I better off building fresh servers with new replication agreements and then slowly sun-setting the original cluster node members over time?

TL;DR: what is the risk of booting up a configured FreeIPA server with a new IP address? Thanks!

Regards
Chris






_______________________________________________
FreeIPA-users mailing list -- [email protected]