On Аўт, 10 вер 2024, N A via FreeIPA-users wrote:
Alexander, thank you for your time looking over this issue and posting
your suggestion. We have some followup questions regarding this method.
How long does the upgrade take, and will the IPA server be unavailable
during that time? Do we have to do this on both FreeIPA instances?
If the upgrade errors, is it easy to revert or might we get stuck in a
bad state?
The documentation has more details and suggestions. I was unable to find
a similar document for RHEL 7 in a quick search, so there is RHEL 9
version:
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/installing_identity_management/update-downgrade-ipa_installing-identity-management#updating_idm_packages
ipa-server-upgrade is typically run behind the scenes during each
package upgrade. If IPA detects that a particular system has RPM
packages upgraded, on next IPA service restart it will run
ipa-server-upgrade automatically.
IPA server will be unavailable for operations during the time when
ipa-server-upgrade runs.
Typically, again, data upgrade should not lead to a broken situation --
no more than it was before the upgrade started. Especially in this case
where you are not updating actual executables but rather would be
running upgrade process to identify and add missing entries.
There is no guarantee. After all, FreeIPA is provided under GNU GPL v3
licence which has sections 15-17 that are explicit about disclaimer of
warranty, limitation of liability, and their interpretation.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
