subject:"\[Freeipa\-users\] OS migration from Fedora to CentOS\?"

Re: [Freeipa-users] OS migration from Fedora to CentOS?

2016-07-19 Thread Prashant Bapat

I was in the exact same situation. Had to upgraded from FC21 (4.1.4) to
CentOS 7.2 (4.2.0). Upgrade went thru fine thanks to this thread :-)

For migrating the DNA ranges, I used this link
https://blog-rcritten.rhcloud.com/?p=50 Is this fine?

Thanks.

On 10 February 2016 at 15:02, Martin Kosek  wrote:

> On 02/05/2016 11:35 AM, Petr Vobornik wrote:
> > On 02/04/2016 06:14 PM, Christophe TREFOIS wrote:
> >> Hi all,
> >>
> >> We are currently running a 3-replica (all are setup with the —setup-ca
> flag)
> >> cluster on Fedora 21, with FreeIPA 4.1.4.
> >>
> >> We would like to slowly upgrade to the new version and move away from
> Fedora
> >> to CentOS 7.2.
> >>
> >> We were thinking of the following:
> >>
> >> - Create 3 CentOS machines with —setup-ca flag so that our current
> cluster is 6.
> >> The first CentOS VM would then probably update the DB schema to the new
> >> FreeIPA version.
> >> - Remove the Fedora VMs 1 by 1 from the cluster using
> ipa-replica-manage del
> >> 
> >> - Be happy?
> >>
> >>
> >> 1. Could you please advise if this is considered the safest practise?
> >
> > More or less yes:
> >
> > 1. create First IPA 4.2 against some FreeIPA 4.1.4 with CA
> > 2. create the other two against the newly Created CentOS - will verify
> if it is
> > in a good shape
> > 3. set new renewal CRL master:
> > http://www.freeipa.org/page/Howto/Promote_CA_to_Renewal_and_CRL_Master
> > 4. Migrate DNA ranges using ipa-replica-manage tool
> >
> > if all works well, remove all servers:
> >
> > 5. remove CA repl. agreements for old servers using ipa-csreplica-manage
> del
> > 6. remove old servers data and repl. agreements using ipa-replica-manage
> del
> > 7. uninstall old servers using ipa-server-install --uninstall
> >
> >> 2. Do we have to update to intermediate versions and if so how?
> >
> > Should not be necessary.
>
> Some advise is also present in the RHEL official docs:
>
>
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/upgrading.html#migrating-ipa-proc
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] OS migration from Fedora to CentOS?

2016-02-10 Thread Martin Kosek

On 02/05/2016 11:35 AM, Petr Vobornik wrote:
> On 02/04/2016 06:14 PM, Christophe TREFOIS wrote:
>> Hi all,
>>
>> We are currently running a 3-replica (all are setup with the —setup-ca flag)
>> cluster on Fedora 21, with FreeIPA 4.1.4.
>>
>> We would like to slowly upgrade to the new version and move away from Fedora
>> to CentOS 7.2.
>>
>> We were thinking of the following:
>>
>> - Create 3 CentOS machines with —setup-ca flag so that our current cluster 
>> is 6.
>> The first CentOS VM would then probably update the DB schema to the new
>> FreeIPA version.
>> - Remove the Fedora VMs 1 by 1 from the cluster using ipa-replica-manage del
>> 
>> - Be happy?
>>
>>
>> 1. Could you please advise if this is considered the safest practise?
> 
> More or less yes:
> 
> 1. create First IPA 4.2 against some FreeIPA 4.1.4 with CA
> 2. create the other two against the newly Created CentOS - will verify if it 
> is
> in a good shape
> 3. set new renewal CRL master:
> http://www.freeipa.org/page/Howto/Promote_CA_to_Renewal_and_CRL_Master
> 4. Migrate DNA ranges using ipa-replica-manage tool
> 
> if all works well, remove all servers:
> 
> 5. remove CA repl. agreements for old servers using ipa-csreplica-manage del
> 6. remove old servers data and repl. agreements using ipa-replica-manage del
> 7. uninstall old servers using ipa-server-install --uninstall
> 
>> 2. Do we have to update to intermediate versions and if so how?
> 
> Should not be necessary.

Some advise is also present in the RHEL official docs:

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/upgrading.html#migrating-ipa-proc

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] OS migration from Fedora to CentOS?

2016-02-05 Thread Petr Vobornik


On 02/04/2016 06:14 PM, Christophe TREFOIS wrote:

Hi all,

We are currently running a 3-replica (all are setup with the —setup-ca flag) 
cluster on Fedora 21, with FreeIPA 4.1.4.

We would like to slowly upgrade to the new version and move away from Fedora to 
CentOS 7.2.

We were thinking of the following:

- Create 3 CentOS machines with —setup-ca flag so that our current cluster is 6.
The first CentOS VM would then probably update the DB schema to the new FreeIPA 
version.
- Remove the Fedora VMs 1 by 1 from the cluster using ipa-replica-manage del 

- Be happy?


1. Could you please advise if this is considered the safest practise?


More or less yes:

1. create First IPA 4.2 against some FreeIPA 4.1.4 with CA
2. create the other two against the newly Created CentOS - will verify 
if it is in a good shape
3. set new renewal CRL master: 
http://www.freeipa.org/page/Howto/Promote_CA_to_Renewal_and_CRL_Master

4. Migrate DNA ranges using ipa-replica-manage tool

if all works well, remove all servers:

5. remove CA repl. agreements for old servers using ipa-csreplica-manage del
6. remove old servers data and repl. agreements using ipa-replica-manage del
7. uninstall old servers using ipa-server-install --uninstall


2. Do we have to update to intermediate versions and if so how?


Should not be necessary.



Could we do anything else?

Thank you for any hints,

Kind regards,

—
Christophe






--
Petr Vobornik

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

[Freeipa-users] OS migration from Fedora to CentOS?

2016-02-04 Thread Christophe TREFOIS

Hi all,

We are currently running a 3-replica (all are setup with the —setup-ca flag) 
cluster on Fedora 21, with FreeIPA 4.1.4.

We would like to slowly upgrade to the new version and move away from Fedora to 
CentOS 7.2.

We were thinking of the following:

- Create 3 CentOS machines with —setup-ca flag so that our current cluster is 6.
The first CentOS VM would then probably update the DB schema to the new FreeIPA 
version.
- Remove the Fedora VMs 1 by 1 from the cluster using ipa-replica-manage del 

- Be happy?


1. Could you please advise if this is considered the safest practise?
2. Do we have to update to intermediate versions and if so how?

Could we do anything else?

Thank you for any hints,

Kind regards,

—
Christophe
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] OS migration from Fedora to CentOS?

Re: [Freeipa-users] OS migration from Fedora to CentOS?

Re: [Freeipa-users] OS migration from Fedora to CentOS?

[Freeipa-users] OS migration from Fedora to CentOS?

4 matches

Site Navigation

Mail list logo

Footer information