On 03/25/2017 12:55 AM, Terence Kent wrote:
We've been using the FreeIPA docker image for a few years now with
great success. I really can't overstate how much we get by using a
container deployment for FreeIPA. We can now easily test anything from
version upgrades to orchestration code against either test data and
our production data set. That, and we get all the typical docker
goodness (we can easily move the container between hosts, change the
underlying OS independently, etc, etc).
That said, lots of the work in the freeipa docker image's gitrepo are
things that seem like they belong in the freeipa main codebase. We've
had to trace through the freeipa-container source from time to time to
diagnose issues and we see situations where the docker build file
actually modifies python code using text replaces.
This seems both easily breakable and like a lot more work than just
modifying the source file to optionally support whatever a
containerized environment needs. Is there a reason to keep container
support out of the main freeipa project?
we have plans to update FreeIPA codebase to avoid hacks in Docker, but
we had more prioritized tasks to do. However we are looking forward to
merging community patches to have synchronized FreeIPA code base and
It was separated due rapid FreeIPA container development to make it
possible to work ASAP without waiting for FreeIPA core.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project