I posted the following in IRC. The question was so involved that I decided
it would probably be best to just join the users mailing list and ask
here. So, here I am.
Please let me know your thoughts/questions/comments.
[22:29] <wrale-josh> hello.. i'm building an virtualization cluster of six
nodes [on a common 10GbE LAN] to house administrative functions (e.g.
logstash) for a mid-size environment.. i'm using gluster (replica 3), ovirt
self-hosted engine and freeipa. fencing will be done via ipmi. distro is
Fedora 19. Anyway, because FreeIPA is so fundamental to the cluster and
the environment at large, I'm thinking of having replicas on all six
servers (bare metal).. (cont.)
[22:30] <wrale-josh> I read some about the trust relationships. I read on
the mailing list that upwards of 20 server environments have been tested. What
kind of method of trust should i use so that any two servers can be down at
any given time, with no loss of service?
[22:32] <wrale-josh> I think I'd need a minimum of three FreeIPA servers to
gain the ability to lose two servers without service interruption. Should
I, for example, make nodes 2 and 3 have trust with node 1 but not each
[22:33] <wrale-josh> And if I were to do six nodes, what should that look
like, so far as trust is conerned?
[22:36] <wrale-josh> Ahem.. And is there any odd vs. even quantity for
quorum analog here (ala gluster wanting even number of nodes, vs. zookeeper
wanting an odd number of nodes)?
[22:36] <wrale-josh> (i think i'll just send this to the mailing list).. :)
Freeipa-users mailing list