On 04/28/2014 01:03 PM, Bret Wortman wrote:
> We are planning to reconfigure our core Freeipa servers, basically building a 
> replacement infrastructure and migrating to it. What we're planning right now 
> is 
> a core of three Freeipa servers each of which has a CA, with as much 
> distribution of replication as we can manage. I imagine that means one of 
> them 
> replicates to the other two but am open to other ideas.

You can configure them to replica to each other.

> For remote locations, we're planning to stand up caching-only DNS servers, as 
> authenticating back to the main IPA servers works extremely well; it's just 
> DNS 
> that needs a little help.
> 
> Any thoughts before I start setting these servers (VMs, most likely) up?

You may want to read our upstream Deployment Recommendations article, it may
save you some bad decisions from the start:

http://www.freeipa.org/page/Deployment_Recommendations

If we see that we missed anything in this article, it would be great to enhance 
it.

Martin

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to