Thanks Rafael.
I was hoping to do it in place if at all possible because where things get
complicated is the 4.5.4 server is also the internal DNS server that
everyone utilizes (we have multiple but people just use the 1 mainly). It
really was their "main" server. I added the other two replicas a few years
ago to make sure we had something. They contacted me and wanted help to
upgrade everything so here I am. Making any modifications to it will
probably make everything go heywire (or at least break DNS for everyone).
That is unless I get it back immediately by
1. adding a 4th server
2. promoting the 4th server to master
3. decommission the 4.5.4 server
4. reassign the 4th server the same IP as the old 4.5.4 server?
5. upgrade rest of servers
Any thoughts? recommendations?
On Wed, Feb 8, 2023 at 5:43 AM Rafael Jeffman <rjeffman(a)redhat.com> wrote:
On Tue, Feb 7, 2023 at 6:29 PM Kevin Vasko via FreeIPA-users <
freeipa-users(a)lists.fedorahosted.org> wrote:
>
> We have a set of 3x freeIPA servers that have outdated (everything) in a
development/test environment that need to be updated.
>
> It seems that 4.6.8-5.el7.centos.12 is the latest version available on
CentOS 7?
>
> We are at on the 3 servers:
> 4.5.4-10.el7.centos.4.4
> 4.6.4-10-el7.centos.6
> 4.6.4-10-el7.centos.6
>
> For the two 4.6.4 installs, that seems relatively simple upgrade as we
would only be going to a different dot release and a simple "yum update
ipa-server" should handle this? Is there any advisement for/against doing a
full "yum update" on the entire system to get everything updated?
>
> For the 4.5.4 system, is there much of a concern going straight from
4.5.4 to 4.6.8 straight? I assume the concern would be jumping major
versions and going from say 4.5 to 4.9?
>
> My current plan is to stop at CentOS 7.9 and latest FreeIPA 4.6 release
on CentOS 7.9. But for my own knowledge if I was going to 4.10 wouldn't the
recommendation path to upgrade to 4.10, to install CentOS Stream 9 on a new
server, enroll it, make 4.10 the master and then remove the CentOS 7
instances?
>
Assuming you can't have a 4th server, Is it possible for you to have only
2 replicas for some time? If so, you can remove the 4.5.4 server, fully
(cleanly?) upgrade it, add it back, set it as CA master, and repeat the
procedure with the other servers.
As you are upgrading the whole OS, this would be more in line with the
current recommendation (see
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/...
).
Rafael
> -Kevin
>
>
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
> To unsubscribe send an email to
freeipa-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
> Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
--
Rafael Guterres Jeffman
Senior Software Engineer
FreeIPA - Red Hat