[Freeipa-devel] disabling topology segment has no effect

Oleg Fayans ofayans at redhat.com
Wed Jun 17 14:49:57 UTC 2015 


On 06/17/2015 04:31 PM, Simo Sorce wrote:
> On Wed, 2015-06-17 at 16:15 +0200, Ludwig Krispenz wrote:
>> On 06/17/2015 03:37 PM, Oleg Fayans wrote:
>>> Hi Ludwig, Petr,
>>>
>>> Presently I have noticed that disabling a segment, using `ipa
>>> topologysegment-mod realm replica1-to-replica2
>>> --enabled=off` does not have effect on the way the data is replicated.
>>>
>>> I mean that if we have the following tolopogy:
>>> master <-> replica1 <-> replica2
>> on which server did you apply the mod ?
>>> and disable one of the segments, one would expect the changes
>>> implemented on master would not be replicated to other nodes (or do I
>>> misunderstand the concept of disabling a segment?). However, in
>>> reality any changes in master do get replicated despite the segment is
>>> disabled.
>>>
>>> Is it a correct behavior?
>>>
>>> The second question is: if disabled segments should not let the
>>> changes through, then we probably should implement a check for
>>> topology disconnection in similar way as `ipa topologysegment-del`
>>> does. I mean, whenever a user tries to disable a segment, the plugin
>>> should probably check whether it disconnects any of the nodes.
>> well, I think disabling should be temporary, you want to disconnect for
>> some time. eg for debugging, not deleting the agreement completely, I
>> would allow this.
> Too dangerous, I would honestly not even offer the option to disable
> anything via the framework for now.
+1
Anyway, if the feature does not work as expected for now, I would 
disable it rather than fixing, as it's not a critical functionality for 
alpha.

>
> Do we really want to allow an admin to cause split brains ?
> If an admin forgets to re-enable a segment pretty quickly you get in a
> very undesirable state if that segment caused a split brain.
>
> It may make sense if it were some time-based command, where you must
> enter a (short) time period when the segment is disabled, so that it
> re-enabled automatically when the window expires, but that is not
> something we are getting in the short term.
>
> My 2c,
> Simo.
>
+ 1 for implementing time-based segment disabling.



-- 
Oleg Fayans
Quality Engineer
FreeIPA team
RedHat.

More information about the Freeipa-devel mailing list