OK - thanks.
But is there any way IPA can be tweaked to do this without an "external"
product (albeit a Red Hat one)? Is it possible for the sssd clients to
round-robin their requests between 2 or more servers? Is this an sssd
question or generic enough to be in this list? Would this
functionallity be of use to freeIPA in general? (my view = yes)
Duncan Innes | Linux Architect
From: Mark St. Laurent [mailto:mstla...@redhat.com]
Sent: 20 August 2012 15:15
To: Innes, Duncan
Subject: Re: [Freeipa-users] Specifying load balancing to SSSD
Norman "Mark" St. Laurent
Federal Team: Senior Solutions Architect
8260 Greensboro Drive, Suite 300
McLean VA, 22102
Check this Link out!!! Cool Stuff: http://mil-oss.org/
From: "Duncan Innes" <duncan.in...@virginmoney.com>
Sent: Monday, August 20, 2012 9:48:30 AM
Subject: [Freeipa-users] Specifying load balancing to SSSD
Hopefully this isn't a dumb question, but I'm constrained by a
things on my estate and would be looking to deploy something
2 IPA servers at each datacentre
ipa1.domain.com \_ datacentre A
ipa3.domain.com \_ datacentre B
The datacentres are linekd, but bandwidth not great.
Client's in datacentre A should therefore use ipa1.domain.com
ipa2.domain.com as primary servers and only fail over to ipa3 &
when both 1 & 2 are out of action. Clients would revert to
ipa1/ipa2 whenever either of them came back online.
I understand this configuration has already been done as part of
What I'm wondering is if I can force my clients to load balance
communication between ipa1 & ipa2.
I don't have the ability to use the _srv_ records in DNS as
up for the AD servers on our network. I also can't create
servers for the Linux estate (not that I'd particularly want
Is there any current configuration that I can use to force load
balancing between ipa1/ipa2 under ideal conditions. Falling
ipa2 when ipa1 is out of action. Falling back to (load balanced
perhaps?) ipa3/ipa4 when ipa1 & ipa2 are both out of action.
Hope the description is reasonable.
Duncan Innes | Linux Architect
Northern Rock plc is part of the Virgin Money group of companies.
This e-mail is intended to be confidential to the recipient. If you receive a
copy in error, please inform the sender and then delete this message.
Virgin Money Personal Financial Service Limited is authorised and regulated by
the Financial Services Authority. Company no. 3072766.
Virgin Money Unit Trust Managers Limited is authorised and regulated by the
Financial Services Authority. Company no. 3000482.
Virgin Money Cards Limited. Introducer appointed representative only of Virgin
Money Personal Financial Service Limited. Company no. 4232392.
Virgin Money Management Services Limited. Company no. 3072772.
Virgin Money Holdings (UK) Limited. Company no. 3087587.
Each of the above companies is registered in England and Wales and has its
registered office at Discovery House, Whiting Road, Norwich NR4 6EJ.
Northern Rock plc. Authorised and regulated by the Financial Services
Authority. Registered in England and Wales (Company no. 6952311) with its
registered office at Northern Rock House, Gosforth, Newcastle upon Tyne NE3
The above companies use the trading name Virgin Money.
Freeipa-users mailing list