We've been using the FreeIPA docker image for a few years now with great
success. I really can't overstate how much we get by using a container
deployment for FreeIPA. We can now easily test anything from version
upgrades to orchestration code against either test data and our
production data set. That, and we get all the typical docker goodness
(we can easily move the container between hosts, change the underlying
OS independently, etc, etc).
That said, lots of the work in the freeipa docker image's gitrepo are
things that seem like they belong in the freeipa main codebase. We've
had to trace through the freeipa-container source from time to time to
diagnose issues and we see situations where the docker build file
actually modifies python code using text replaces.
This seems both easily breakable and like a lot more work than just
modifying the source file to optionally support whatever a containerized
environment needs. Is there a reason to keep container support out of
the main freeipa project?
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project