Hello,
The subject of provisioning was discussed
https://www.redhat.com/archives/freeipa-devel/2016-May/msg00065.html. The
documentation of the provisioning procedure is still going on but
reviewing it I have a doubt about RetroCL/Content_Sync.
Provisioning will be done with high recommendations/constraints:
* The provisioned instance should not be accessed by ldap client
during provisioning.
* The IPA deployment should contain only one server (the one used
for provisioning) in order to prevent replication latency
During provisioning, disabling RetroCL/Content_Sync gives a ~10%
improvements (reducing the #ADD).
The drawback of disabling RetroCL/Content_Sync is that the
provisioned instance will not be able to send provisioned entries
through syncRepl.
Now considering that the provisioned instance is unique in the
topology and will do full init of replicas, I think SyncRepl is
useless and then we can disable RetroCL/Content_Sync during
provisioning.
Anyone is seeing a problem if those plugins are disabled during
provisioning ?
thanks
thierry
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
