On to, 15 huhti 2021, iulian roman via FreeIPA-users wrote:
Can anyone confirm if RedHat IDM is supported/recommended to run in
containers in a production environment ? I would like to know if there
are any drawbacks before I'll put any effort in implementing it. I
would like to use it with one replica and trust with Active Directory.
If you are talking about RHEL IdM (as opposed to any other distro
variants), then trust to Active Directory is known to have limitations
with containerised RHEL 7. RHEL 8 does not provide a supported RHEL IdM
container yet. None of the other container environments are supported
either by FreeIPA upstream.
If this is about any other OS than RHEL 7 specifically, I'd avoid using
containers as they aren't really tested for production use yet.
There is a project which builds up OpenShift integration for FreeIPA but
it is not yet at production level either. The freeipa-container project
on github is our best shot but it is ran as a parallel effort and not
included into a regular test matrix for FreeIPA releases. Its own CI
does not include testing with trusted AD environments as well.
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland