[Freeipa-devel] IPA Server upgrade 4.2 design

Jan Cholasta jcholast at redhat.com
Mon Mar 2 06:49:14 UTC 2015 

Hi,

Dne 24.2.2015 v 19:10 Martin Basti napsal(a):
> Hello all,
>
> please read the design page, any objections/suggestions appreciated
> http://www.freeipa.org/page/V4/Server_Upgrade_Refactoring
>

1)

"
* Merge server update commands into the one command (ipa-server-upgrade)
"

So there is "ipa-server-install" to install the server, 
"ipa-server-install --uninstall" to uninstall the server and 
"ipa-server-upgrade" to upgrade the server. Maybe we should bring some 
consistency here and have one of:

  a) "ipa-server-install [--install]", "ipa-server-install --uninstall", 
"ipa-server-install --upgrade"

  b) "ipa-server-install [install]", "ipa-server-install uninstall", 
"ipa-server-install upgrade"

  c) "ipa-server-install", "ipa-server-uninstall", "ipa-server-upgrade"


2)

"
* Prevent to run IPA service, if code version and configuration version 
does not match
   * ipactl should execute ipa-server-upgrade if needed
"

There should be no configuration version, configuration update should be 
run always. It's fast and hence does not need to be optimized like data 
update by using a monolithic version number, which brings more than a 
few problems on its own.

3)

"
* Prevent user to use ipa-upgradeconfig and ipa-ldap-updater
"

Even without arguments? Is ipactl now the only right place to trigger 
manual update?

4)

"
Plugins are called from update files, using new directive 
update-plugin:<plugin-name>
"

Why "update-plugin" and not just "plugin"? Do you expect other kinds of 
plugins to be called from update files in the future? (I certainly don't.)

5)

"
New class UpdatePlugin is used for all update plugins.
"

Just reuse the existing Updater class, no need to reinvent the wheel.

6)

I wonder why configuration update is done after data update and not 
before. I know it's been like that for a long time, but it seems kind of 
unnatural to me, especially now when schema update is separate from data 
update. (Rob?)

7)

"
keep --test option and fix the plugins which do not respect the option
"

Just a note, I believe this ticket is related: 
<https://fedorahosted.org/freeipa/ticket/3448>.


Good work overall!

Honza

-- 
Jan Cholasta

More information about the Freeipa-devel mailing list