I will take a look at the documentation. However, I don't really understand why
it works as soon as I get it in a static inventory, as all of the machines
(including controller) are using same DNS.
___
FreeIPA-users mailing list -- freeipa-users@lists.f
On Mon, Apr 17, 2023 at 2:08 PM Finn Fysj via FreeIPA-users
wrote:
>
> Yes, so I do not want to use FreeIPA as DNS, since the cloud provider already
> fix this when I provision the machines + the dyanmic inventory. I've tried to
> modify the /etc/hosts on both machines to include each other as I
Yes, so I do not want to use FreeIPA as DNS, since the cloud provider already
fix this when I provision the machines + the dyanmic inventory. I've tried to
modify the /etc/hosts on both machines to include each other as I remember this
was somewhat "good practice" from an earlier colleague.
___
TYPO!
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
On Mon, Apr 17, 2023 at 1:14 PM Finn Fysj via FreeIPA-users
wrote:
>
> Maybe I'm mistaken, however:
>
> Playbook:
> - hosts:
> - master2.example.com
Is it a typo, or you are using the same host for both ipaserver and ipareplica?
> roles:
> - role: freeipa.ansible_freeipa.ipaserver
Error when using dynamic inventory:
fatal: [master2.example.com]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"all_ip_addresses": false,
"ca_cert_files": null,
"configure_firefox": false,
"domain": "example.com",
Maybe I'm mistaken, however:
Playbook:
- hosts:
- master2.example.com
roles:
- role: freeipa.ansible_freeipa.ipaserver
vars:
ipaserver: "{{ inventory_hostname }}"
ipaserver_hostname: "{{ inventory_hostname }}"
ipadm_password: SuperSecret123
ipaad
On 4/17/23 14:45, Finn Fysj via FreeIPA-users wrote:
So... We're using dynamic-inventory... And when I tried creating a static
inventory dividing my hosts into the groups [ipaserver] and [ipareplicas] this
worked... Without using these groups specifically my vars got ignored..?
How did you se
So... We're using dynamic-inventory... And when I tried creating a static
inventory dividing my hosts into the groups [ipaserver] and [ipareplicas] this
worked... Without using these groups specifically my vars got ignored..?
___
FreeIPA-users mailing l
Finn Fysj via FreeIPA-users wrote:
> Yes, so I managed to successfully install IPA server and replica using the
> two roles.
> They're both master?
>
> I know the replicas configuration is based on the Master, but one of my
> problem is that:
> - I use Idstart 6000 on my IPA server (master) and
On Mon, Apr 17, 2023 at 3:50 AM Finn Fysj via FreeIPA-users
wrote:
>
> Also... It's required to have IPA client installed on the replica?.. Would it
> still be considered a "master"?
> I had to manually join as I get the following error running ipareplica role:
>
> FAILED! => {"changed": false, "
I tried to login into both IPA servers through web ui just to "test", and
noticed this diff. Seems like "idstart" isn't replicated to the replica server?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email
Hi,
On Sun, Apr 16, 2023 at 10:10 PM Finn Fysj via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Yes, so I managed to successfully install IPA server and replica using the
> two roles.
> They're both master?
>
> I know the replicas configuration is based on the Master, but one of
Also... It's required to have IPA client installed on the replica?.. Would it
still be considered a "master"?
I had to manually join as I get the following error running ipareplica role:
FAILED! => {"changed": false, "msg": "Unable to find IPA Server to join"}
MANUALLY JOIN:
$ sudo ipa-client-
Yes, so I managed to successfully install IPA server and replica using the two
roles.
They're both master?
I know the replicas configuration is based on the Master, but one of my problem
is that:
- I use Idstart 6000 on my IPA server (master) and my replica does not follow
this configuration, m
Hello Finn,
On 4/14/23 10:10, Finn Fysj via FreeIPA-users wrote:
Hi,
I'm new to FreeIPA and the ansible-freeipa collection.
I can successfully install IPA server using the role ipaserver. However, I want
to setup a multi-master replication with failover.
As far as I know I need to install ipa
On Fri, Apr 14, 2023 at 5:10 AM Finn Fysj via FreeIPA-users
wrote:
>
> Hi,
>
> I'm new to FreeIPA and the ansible-freeipa collection.
> I can successfully install IPA server using the role ipaserver. However, I
> want to setup a multi-master replication with failover.
>
> As far as I know I need
Hello Nathanael,
On Wed, Oct 13, 2021 at 6:55 PM Nathanaël Blanchet via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
>
> Hello,
>
> I'm used to get informations/facts from any API based product such as
> ovirt or awx with either a module (ovirt_vm_info ) or either a lookup
> plugin
Hello Dominik,
ipaconfig is available since 0.1.10 release, and iparole since 0.2.0
release, but there is currently no plan to rebase the ansible-freeipa that
comes in RHEL 8.1.
To be able to use both roles you might need to wait for RHEL 8.4, as 8.3
has version 0.1.12, and does not have iparole.
Thank you for this. I can definitely use this and will provide feedback
-g
> On Oct 5, 2017, at 10:45 AM, Alexander Bokovoy via FreeIPA-users
> wrote:
>
>> On to, 05 loka 2017, Mark Haney wrote:
>> I'm fine with that. Just that IPA's implementation is very much end-user
>> specific. I really
On to, 05 loka 2017, Mark Haney wrote:
I'm fine with that. Just that IPA's implementation is very much end-user
specific. I really doubt you could abstract the playbook enough to make it
viable for even a majority of users.
That's why we want to make it possible to reference individual steps
p
Mark Haney via FreeIPA-users wrote:
> I'm fine with that. Just that IPA's implementation is very much
> end-user specific. I really doubt you could abstract the playbook
> enough to make it viable for even a majority of users.
Can you expand on why?
Is it that no playbook could be viable for
I'm fine with that. Just that IPA's implementation is very much end-user
specific. I really doubt you could abstract the playbook enough to make it
viable for even a majority of users.
Then again, what do I know, I'm just an engineer with 20+ years
experience.
On Thu, Oct 5, 2017 at 12:41 PM, A
On to, 05 loka 2017, Mark Haney via FreeIPA-users wrote:
I never said I didn't like. Just that it's not that complicated to setup a
playbook to do what you're doing.
There is a context to Thomas' message, Mark. We are trying to create a
set of playbooks that would be supported by FreeIPA develop
I never said I didn't like. Just that it's not that complicated to setup a
playbook to do what you're doing.
On Thu, Oct 5, 2017 at 11:17 AM, Thomas Woerner wrote:
> Hello Mark,
>
> On 10/05/2017 03:57 PM, Mark Haney wrote:
> > I've been doing this using a custom Ansible playbook for over a mon
Hello Mark,
On 10/05/2017 03:57 PM, Mark Haney wrote:
> I've been doing this using a custom Ansible playbook for over a month now.
> It appears to me to be very variable dependent.
>
For the full autodetection case you do not need more than the client hostname
and the admin password/keytab (with
I've been doing this using a custom Ansible playbook for over a month now.
It appears to me to be very variable dependent.
On Thu, Oct 5, 2017 at 7:04 AM, Thomas Woerner via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Hello,
>
> we have made big progress with ansible-freeipa to
27 matches
Mail list logo