On 03/25/2017 12:55 AM, Terence Kent wrote:

We've been using the FreeIPA docker image for a few years now with great success. I really can't overstate how much we get by using a container deployment for FreeIPA. We can now easily test anything from version upgrades to orchestration code against either test data and our production data set. That, and we get all the typical docker goodness (we can easily move the container between hosts, change the underlying OS independently, etc, etc).

That said, lots of the work in the freeipa docker image's gitrepo are things that seem like they belong in the freeipa main codebase. We've had to trace through the freeipa-container source from time to time to diagnose issues and we see situations where the docker build file actually modifies python code using text replaces.

This seems both easily breakable and like a lot more work than just modifying the source file to optionally support whatever a containerized environment needs. Is there a reason to keep container support out of the main freeipa project?



we have plans to update FreeIPA codebase to avoid hacks in Docker, but we had more prioritized tasks to do. However we are looking forward to merging community patches to have synchronized FreeIPA code base and containerized FreeIPA

It was separated due rapid FreeIPA container development to make it possible to work ASAP without waiting for FreeIPA core.


Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to