Hi, I was not able to reproduce this issue: # ipa host-add myhost.ipa.test --ip-address $IP # ipa dnsrecord-find ipa.test >> shows myhost.ipa.test has been added
# ipa host-add-principal myhost host/myalias.ipa.test # ipa dnsrecord-find ipa.test >> no new record added DNS records are added when the command "ipa host-add --ip-address" is used, when a host is joined with ipa-client-install, or when "ipa dnsrecord-add" is called. You can check in /var/log/httpd/error_log if you find trace of such a command. flo On Mon, Sep 13, 2021 at 1:46 PM Buckley Ross via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > Hello, > > I'm trying to provision an HTTP service principal for a containerized > service. The host on which the container is running also has a kerberized > HTTP service running on it with a separate service principal (both services > are highly critical, but for different systems, and thus should probably > have separate keytabs). > > Since both services share an IP address (but are serving HTTP on different > ports), this seemed like a perfect application of kerberos host aliases. > However, when I provisioned a host alias with `ipa host-add-principal > myHost host/myAlias.domain.com`, I found that on DNS records were > provisioned for `myAlias.domain.com`, thus making the alias completely > useless for resolving to the container. Is this a bug in the host-alias > system, or am I missing something? > > Thank you for your time. > > Thank you, > Buckley Ross > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure >
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure