Thanks Rafael. I was hoping to do it in place if at all possible because where things get complicated is the 4.5.4 server is also the internal DNS server that everyone utilizes (we have multiple but people just use the 1 mainly). It really was their "main" server. I added the other two replicas a few years ago to make sure we had something. They contacted me and wanted help to upgrade everything so here I am. Making any modifications to it will probably make everything go heywire (or at least break DNS for everyone). That is unless I get it back immediately by
1. adding a 4th server 2. promoting the 4th server to master 3. decommission the 4.5.4 server 4. reassign the 4th server the same IP as the old 4.5.4 server? 5. upgrade rest of servers Any thoughts? recommendations? On Wed, Feb 8, 2023 at 5:43 AM Rafael Jeffman <rjeff...@redhat.com> wrote: > > > On Tue, Feb 7, 2023 at 6:29 PM Kevin Vasko via FreeIPA-users < > freeipa-users@lists.fedorahosted.org> wrote: > > > > We have a set of 3x freeIPA servers that have outdated (everything) in a > development/test environment that need to be updated. > > > > It seems that 4.6.8-5.el7.centos.12 is the latest version available on > CentOS 7? > > > > We are at on the 3 servers: > > 4.5.4-10.el7.centos.4.4 > > 4.6.4-10-el7.centos.6 > > 4.6.4-10-el7.centos.6 > > > > For the two 4.6.4 installs, that seems relatively simple upgrade as we > would only be going to a different dot release and a simple "yum update > ipa-server" should handle this? Is there any advisement for/against doing a > full "yum update" on the entire system to get everything updated? > > > > For the 4.5.4 system, is there much of a concern going straight from > 4.5.4 to 4.6.8 straight? I assume the concern would be jumping major > versions and going from say 4.5 to 4.9? > > > > My current plan is to stop at CentOS 7.9 and latest FreeIPA 4.6 release > on CentOS 7.9. But for my own knowledge if I was going to 4.10 wouldn't the > recommendation path to upgrade to 4.10, to install CentOS Stream 9 on a new > server, enroll it, make 4.10 the master and then remove the CentOS 7 > instances? > > > > Assuming you can't have a 4th server, Is it possible for you to have only > 2 replicas for some time? If so, you can remove the 4.5.4 server, fully > (cleanly?) upgrade it, add it back, set it as CA master, and repeat the > procedure with the other servers. > > As you are upgrading the whole OS, this would be more in line with the > current recommendation (see > https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/migrating_to_identity_management_on_rhel_8/migrate-7-to-8_migrating > ). > > Rafael > > > -Kevin > > > > > > _______________________________________________ > > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > > To unsubscribe send an email to > freeipa-users-le...@lists.fedorahosted.org > > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org > > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > > > > -- > Rafael Guterres Jeffman > Senior Software Engineer > FreeIPA - Red Hat >
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
