Hi,
Am 02.08.2022 um 15:32 schrieb lol lol via FreeIPA-users:
Hello, I'd like to run IPA server in a vm and at the same time
use the host OS as an IPA client for a uniform set-up of DNS, NTP, SSO etc across the
board.
I'm running something similar here: FreeIPA in a docker container, the
host running the container is an IPA client.
I have a replica but let's imagine that I don't. So I have
only one IPA server running on as a guest on an IPA client host.
I imagine that I would encounter issues at start-up since IPA client services should
start AFTER the VM is up and running.
I don't see any problems here as long as I don't do anything that needs
KRB5 tokens and/or user data until after the container is up and running
properly.
What would be your recommendation of going about it? Should I start
libvirt before IPA client services in boot chain (and what exact services?) and then sleep
long enough so that VM has the time to start?
Or maybe be I should just restart some IPA client services after booting?
I don't really need any of that here, and it *does* take up to 5 minutes
after boot until the ipa server is actually responsive (old, cripply
hardware).
The only problem I have here is that I had to move my SMB server to a
different host - SMB as ipa client with the SMB/IPA/AD Controller inside
a container on the same host gave me any number of certificate- and
KRB5-related headaches.
cheers
MH
--
Mathias Homann
Mathias.Homann(a)openSUSE.org
Jabber (XMPP): lemmy(a)tuxonline.tech
IRC: [Lemmy] on freenode and ircnet (bouncer active)
keybase:
https://keybase.io/lemmy
gpg key fingerprint: 8029 2240 F4DD 7776 E7D2 C042 6B8E 029E 13F2 C102