Hi,
I'm new to ansible and FreeIPA project, and I'm currently trying to setup HBAC and
SUDO rules to my primary server and the replicas.
Is the practice to only apply rules to the primary server and let it replicate to the
replicas? The reason I'm asking is because when I try to create HBAC/SUDO rules on the
primary and the replicas I get an error in ansible saying:
changed: [192.168.204.10]
fatal: [192.168.204.11]: FAILED! => {"changed": false, "msg":
"sudorule_add: test_rule: sudo rule with name \"test_rule\" already
exists"}
However, if I try to retun the play it will work as an idempotently:
ok: [192.168.204.10]
ok: [192.168.204.11]
Question:
What's the practice when running a replicas, should only the "main" master
be updated?
Show replies by date