Dimitar Georgievski wrote:
This question is really about HA of FreeIPA. I've noticed that new
records cannot be added on the replica server while the primary is down.

Ideally these services should be always available even when the Primary
server is down (for maintenance or other reasons).

Is it possible to have another Primary server replicating with the first
Primary or to use one of the Replica servers to manage records while the
Primary server is down?

All servers in IPA are equal masters, the only difference may be the services running on any given server (DNS and a CA).

The exception is if a master runs out of DNA values or has never been used to add an entry that requires one and the original IPA master is down. An IPA server will request a DNA range the first time it needs one but doesn't get one until then. I'm guessing that is what happened.

I believe IPA 3.3 added some options to ipa-replica-manage to be able to control the DNA configuration.
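
A check for the situation described in the reply above, added here as an example and not part of the original message: it reads the output of `ipa-replica-manage dnarange-show` and lists masters that hold no DNA range yet, or only a small one, so the gap can be found while the original master is still up. The function name `dna_gaps`, the threshold and the sample output are assumptions made for this example; the input format is assumed to be one `<host>: <start>-<end>` or `<host>: No range set` line per master.

```shell
#!/usr/bin/env bash
# Added example: find IPA masters that could not allocate UIDs/GIDs on their own.
# Assumed input format (one line per master):
#   <hostname>: <start>-<end>
#   <hostname>: No range set

# Constructed sample output, not taken from a real deployment.
SAMPLE_OUTPUT='ipa1.example.com: 1668600000-1668699999
ipa2.example.com: No range set
ipa3.example.com: 1668700000-1668700004'

# dna_gaps [MIN_SIZE]
# Reads dnarange-show output on stdin and prints one line per problem:
#   "<host> none"      master has no DNA range assigned
#   "<host> low <n>"   displayed range holds fewer than MIN_SIZE values
#   "<host> unparsed"  line did not match the assumed format
# Masters with a range of at least MIN_SIZE (default 100) print nothing.
dna_gaps() {
    awk -v min="${1:-100}" '
        /^[[:space:]]*$/ { next }                      # skip blank lines
        {
            host = $1; sub(/:$/, "", host)             # "ipa1.example.com:" -> host
            rest = $0; sub(/^[^:]*:[[:space:]]*/, "", rest)
            if (rest ~ /^[0-9]+-[0-9]+$/) {
                split(rest, r, "-")
                size = r[2] - r[1] + 1                 # inclusive range size
                if (size < min) print host, "low", size
            } else if (rest == "No range set") {
                print host, "none"
            } else {
                print host, "unparsed"
            }
        }'
}
```

On a live master this would be run as `ipa-replica-manage dnarange-show | dna_gaps 500`; a host reported as `none` can be given a range ahead of time with the `dnarange-set` subcommand of `ipa-replica-manage`.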


