[Freeipa-devel] [PATCH] 873-874 ipa-replica-manage: adjust del to work with managed topology
Ludwig Krispenz
lkrispen at redhat.com
Fri Jun 12 14:45:22 UTC 2015
On 06/12/2015 04:18 PM, Petr Vobornik wrote:
> Some notes:
>
> 1. As mentioned in the WIP patch thread: original 'del' worked also
> with winsync agreements. I'm not sure why is that. Shouldn't
> 'disconnect' be used for winsync agreements? At least man page says
> that. This patch doesn't support it if domain level > 0. Is it a blocker?
>
> Following should be addressed in beta:
>
> 2. If `ipa-replica-manage del` is run before `ipa-csreplica-manage
> del` then the `ipa-csreplica-manage del` will fail unless run with
> --force options.
>
> 3. Check for orphaned server is missing. I want to use proper graph
> traversing algorithm for that given that we have the whole topology.
>
> 4. Probably a work for topology plugin: I've seen that the removed
> master doesn't remove its segments and agreements even though that it
> knows about its removal (doesn't have its own entry in cn=masters). It
> leads to failed replication connection attempts. Not a big issue, but
> also not wanted.
>
>
4. is tough. it also depends on where you remove the master entry.
the removal of the master entry triggers the removal of the segments,
which triggers the removal of the agreement, and the agreement could be
removed before the segment removal is replicated (it is a race).
So, on purpose, the removal of the segments is only triggered on the
servers in the remaining topology, it also will remove the credentials
of the removed replica, so it will no longer be able to replicate back
into the remaining topology.
The assumption was that a removed replica will be really removed and
focus was, remove any info on the removed replica from the remaining
topology and prevent any updates from the removed replica.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150612/df98b0d1/attachment.htm>
More information about the Freeipa-devel
mailing list