[Freeipa-devel] DNA range distribution to replicas by default
Petr Spacek
pspacek at redhat.com
Tue Jun 9 08:30:18 UTC 2015
Hello,
I would like to discuss
https://bugzilla.redhat.com/show_bug.cgi?id=1211366
"Error creating a user when jumping from an original server to replica".
Currently the DNA ranges are distributed from master to other replicas on
first attempt to get a number from particular range.
This works well as long as the original master is reachable but fails
miserably when the master is not reachable for any reason.
It is apparently confusing to users [1][2] because it is counter-intuitive.
They have created a replica to be sure that everything will work when the
first server is down, right?
Remediation is technically simple [3] (just assign a range to the new replica)
but it is confusing to the users, error-prone, and personally I feel that this
is an unnecessary obstacle.
It seems to me that the original motivation for this behavior was that the
masters were not able to request range back from other replicas when a local
range was depleted.
This deficiency is tracked as
https://bugzilla.redhat.com/show_bug.cgi?id=1029640 and it is slated for fix
in 4.2.x time frame.
Can we distribute ranges to the replicas during ipa-replica-install when we
fix bug 1029640?
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1211366#c0
[2] https://www.redhat.com/archives/freeipa-users/2015-May/msg00515.html
[3] http://blog-rcritten.rhcloud.com/?p=50
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list