I'm setting up a freeIPA replica topology in AWS, and need to have replicas
in different regions, and clients will be in different regions. The IPA
servers will have an external IP, but the hostname of the servers are going
to resolve to the internal IP. I am going to have a domain name for both
the internal and external address, such as ipa01.internal.example.com and
ipa01.public.example.com respectivly.

When preparing the replica for a server in another region, I make sure the
connection check works when using the public domain name (
ipa01.public.example.com), and create the replica file. When installing the
file on the replica, it stops, with the following error message:

This replica was created for 'ipa01.public.example.com' but this machine is
> named ipa01.internal.example.com'

I can get around this by editing /etc/hosts, and I guess I could set up
different DNS Views for different regions, but in reading the freeIPA
<http://www.freeipa.org/page/DNS#DNS_views_.2F_split-horizon_DNS>, DNS
Views / Split Horizon are not recommended. What's the recommended procedure
for a setup like this?

Can anyone point me to documentation that will solve my problem? Has anyone
done a cross-region AWS replication setup?


Steven Viola
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to