[Freeipa-devel] IPA server virtual appliance
Mark McLoughlin
markmc at redhat.com
Fri Dec 21 14:19:30 UTC 2007
Hey,
I've been working on building a virtual appliance using the IPA server.
The idea is that you should be able to download a pre-built image, run
it under kvm/xen/vmware and quickly have IPA up and running.
The current progress is available in this git repository:
http://markmc.fedorapeople.org/ipa/ipa-appliance.git
Check it out, run "make" and, as root, "make buildrepo image" and you
should be able to run the image under kvm with:
$> virt-image -n IPA --vnc ipa-appliance.xml[1]
$> virt-viewer -c qemu:///system IPA
You can then login as root, run ipa-server-install, obtain a kerberos
ticket for the admin user and play around with the web interface as
usual.
One thing to note about this is that it uses readonly-root so that the
system image itself is kept read-only and all data is stored on a
separate disk image. This means that you should be able to update to a
newer version of the appliance simply by grabbing a new system image.
Now that the basic infrastructure is done, I'm planning on starting to
make it a bit more usable as an appliance by:
1) Adding a "first boot" type web interface to replace
ipa-server-install.
The idea is we'd have something like ipa-server-install do
whatever it can at build time and configure a basic web interface
with e.g. no kerberos auth, and its with that web interface you'd
choose the realm name, directory server and admin passwords etc.
2) Allowing everything that can be configured through this first boot
interface to be changed later - e.g. an admin should be able to
change the kerberos realm (yes, this is non-trivial)
3) Adding system configuration to the web interface - e.g. you should
be able to change network/timezone configuration through the web
interface.
Comments, thoughts, ideas etc. very welcome ...
Cheers,
Mark.
[1] - Note: virt-image seems to be broken in rawhide, but the latest
version from mercurial is fine.
More information about the Freeipa-devel
mailing list