On Fri, Apr 14, 2023 at 5:10 AM Finn Fysj via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
Hi,
I'm new to FreeIPA and the ansible-freeipa collection.
I can successfully install IPA server using the role ipaserver. However, I want to setup
a multi-master replication with failover.
As far as I know I need to install ipaserver on all of my masters/replication and then
the replica role?
How does the master nodes establish a relationship? Is this done using IPA client?
For the first server you use the ipaserver role, as you did. For all
other servers in the domain, use the ipareplica role.
Make sure to check upstream or RHEL documentation.
I have some examples on setting up an IPA cluster here:
https://rafaeljeffman.com/projects/freeipa/en/cluster-deployment-ansible....
It might seem weird, but my goal is to setup the IPA server purely as
a LDAP server using external CA.
This is because we want to have the ability to have a user interface like the web gui.
If you are already using ansible-freeipa to deploy your servers, you
can also use it to manage the domain, using Ansible. ansible-freeipa
already have a good coverage of FreeIPA commands.
Rafael
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
--
Rafael Guterres Jeffman
Senior Software Engineer
FreeIPA - Red Hat