Hi,
I’m trying to install FreeIPA on CentOS 8.2 with the ansible-freeipa module.
After a few hiccups, it seems to work now.
I want to run three masters in the end.
Using the cluster-playbook, it looks like (from the Topology-Graph in the Web-GUI) I end up with something like this:
3 <--> 1 <--> 2
Which seems to indicate that 3 does not talk to 2.
From the documentation, it looks like I want/need replication agreements between 1+2, 1+3 and 2+3 so that if 1 is down, 2 and 3 can still be updated and talk to each other.
This would - as far as I have understood the documentation - result in a playbook like this:
---
- name: Add topology segments
  hosts: ipaserver
  become: true
  gather_facts: false

  vars:
    ipatopology_segments:
    - {suffix: domain+ca, left: ipa-ansible1.ipa.example.org, right: ipa-ansible2.ipa.example.org}
    - {suffix: domain+ca, left: ipa-ansible1.ipa.example.org, right: ipa-ansible3.ipa.example.org}
    - {suffix: domain+ca, left: ipa-ansible2.ipa.example.org, right: ipa-ansible3.ipa.example.org}

  tasks:
  - name: Add topology segment
    ipatopologysegment:
      ipaadmin_password: "{{ ipaadmin_password }}"
      suffix: "{{ item.suffix }}"
      name: "{{ item.name | default(omit) }}"
      left: "{{ item.left }}"
      right: "{{ item.right }}"
      state: checked
    loop: "{{ ipatopology_segments | default([]) }}"
However, when I run that, it doesn’t seem to do anything.
Maybe somebody can add some information here?
Rainer
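
The topology reasoning in the post above, as an added example that is not part of the original post or of ansible-freeipa: it takes a list of replication agreements for one suffix, reports which masters are single points of failure for replication, and lists the agreements missing from a full mesh. The function names are hypothetical, the segment lists are constructed from the hostnames in the post, and it assumes each suffix (domain, ca) is checked separately.

```python
from itertools import combinations

def normalize(segments):
    """Agreements are bidirectional: store each as an unordered host pair."""
    return {frozenset(pair) for pair in segments}

def missing_for_full_mesh(hosts, segments):
    """Host pairs that still need an agreement for every master to talk to every other."""
    have = normalize(segments)
    return [p for p in combinations(sorted(hosts), 2) if frozenset(p) not in have]

def connected(hosts, segments):
    """True if every host in `hosts` can reach every other using only agreements among them."""
    hosts = set(hosts)
    if not hosts:
        return True
    adj = {h: set() for h in hosts}
    for seg in normalize(segments):
        if len(seg) != 2 or not seg <= hosts:
            continue  # skip self-loops and agreements touching a host that is down
        a, b = seg
        adj[a].add(b)
        adj[b].add(a)
    seen, stack = set(), [next(iter(hosts))]
    while stack:
        h = stack.pop()
        if h not in seen:
            seen.add(h)
            stack.extend(adj[h] - seen)
    return seen == hosts

def single_points_of_failure(hosts, segments):
    """Masters whose outage splits replication among the remaining masters."""
    return sorted(h for h in hosts if not connected(set(hosts) - {h}, segments))

# Constructed sample data: hostnames from the post, one suffix.
HOSTS = [f"ipa-ansible{i}.ipa.example.org" for i in (1, 2, 3)]
# Topology as drawn in the post: 3 <--> 1 <--> 2
CURRENT = [(HOSTS[0], HOSTS[1]), (HOSTS[0], HOSTS[2])]
# Topology the post wants: agreements 1+2, 1+3 and 2+3
WANTED = CURRENT + [(HOSTS[1], HOSTS[2])]

if __name__ == "__main__":
    print("current SPOFs:", single_points_of_failure(HOSTS, CURRENT))
    print("missing for full mesh:", missing_for_full_mesh(HOSTS, CURRENT))
    print("wanted SPOFs:", single_points_of_failure(HOSTS, WANTED))
```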