[SSSD-users] sssd database backup / restore (or transplant to another client)

Thu, 03 Jan 2019 00:02:28 -0800 

Good morning list,

I have an idea, which I would like to experiment with, but experts
advise may save me lots of time.

The scenario I have in mind is like this:

(assume OS and vers are latest RHEL/Centos)

I join a client to an IPA server. After joining, in the
/var/lib/sss/db/ directory, a database per domain is expected. (or
perhaps populated after the first request to the IPA server for
example id some-username)

Now the question is:
If I stop the sssd client service, may I copy the content of this
directory to another client (which is already registered as well to
the same IPA server) and save some time from the initial database
population?
You may say that this operation is not time-consuming etc, but in my
case, I have to spin up some thousands of machines as fast as possible
which are practically diskless. Meaning that the whole party has to
happen as fast as possible and at the end, I have a ddos attack
against my IPA servers and their replicas with a boom of (let's say)
3K clients asking more or less the same things (mostly ldap
verification queries).

So a first question to address my situation would be: Is the sssd db
unique per client or may I "transplant" it to other clients as well?

There is also a feature in the sssd.conf file to manipulate the order
that the IPA clients will ask specific IPA servers with specific order
which I could randomise (say round robin) but I would like to do it as
a second experiment

Thanks in advance for reading so far.

Happy New Year

Nikos

########################################3
Zaharioudakis Nikos, RHC{A,DS,E,VA,X,I}, VCP(4,5},VCI, Mentor VCI,
Zimbra Instructor
https://www.redhat.com/rhtapps/verify/?certId=100-001-262
Public  Calendar :
https://www.google.com/calendar/embed?src=nzahar%40gmail.com&ctz=Europe/Athens
+30 694 720 40 63
http://zimbra.wikidot.com/zimbra-installations-in-greece
_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org

Reply via email to