> Hi again,
> A lot of this information has been very useful. I did have a question I
> could not answer. I noticed in the Deployment Recommendations docs, it
> says not to have any more than 4 replication agreements. Perhaps I am
> missing something, but I don't see how to get a replica to be a master
> to be able to create another replicate? Am I missing something obvious
Every IPA install is a master. The only distinction between servers are
the optional services of DNS and a CA. So don't get confused by replica
vs master. Once an IPA server is up it is a master.
We don't recommend any one master to have more than 4 agreements. Each
agreement adds a bit more load on the server to calculate the
differences to send to each one, so you want to keep it reasonable. I'd
recommend making a map of your topology to ensure that no master ends up
alone, or one ends up being overloaded. You can use ipa-replica-manage
to control the replication topology. By default a single agreement is
set up between a new master and the one that created it.
Any master can create a new master.
As you do your installations be sure to have at least 2 masters with a
CA on it to avoid a single point of failure.
> Thank you,
> On 10/13/14 3:18 PM, Dmitri Pal wrote:
>> On 10/12/2014 08:07 PM, James wrote:
>>> On 12 October 2014 19:55, Janelle <janellenicol...@gmail.com> wrote:
>>>> Hi again,
>>>> I was wondering if there were any suggestions for performance of IPA
>>>> settings to sysctl and maybe limits.conf? I tried the website, but
>>>> did not
>>>> see anything. Have about 3000 servers that will be talking to 3-4
>>>> masters/replicas. Are there any formulas to follow?
>>> If you get an answer to this, or if you know of any other performance
>>> tuning params, let me know and I'll build it in to puppet-ipa.
>> I do not think it is easy automatable.
>> Please see http://www.freeipa.org/page/Deployment_Recommendations and
>> part about replicas.
>> If 3000 in one datacenter then 3 is good enough or 4 if you are very
>> LDAP heavy (some applications are like Jira for example).
>> If you have 2 data center I would go for 2+2.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project