[Freeipa-devel] Domain level for topology plugin = 2
Petr Spacek
pspacek at redhat.com
Thu May 28 07:05:34 UTC 2015
On 28.5.2015 08:55, Jan Cholasta wrote:
> Dne 26.5.2015 v 16:32 Petr Spacek napsal(a):
>> On 26.5.2015 16:16, Martin Kosek wrote:
>>> On 05/26/2015 04:13 PM, thierry bordaz wrote:
>>>> On 05/26/2015 02:12 PM, Petr Spacek wrote:
>>>>> Hello,
>>>>>
>>>>> it came to my mind that domain level for topology plugin should actually be
>>>>> number 2, not 1.
>>>>>
>>>>> We already used number 1 for incompatible changes in DNS tree and I believe
>>>>> that it is not a good idea to have two places which say 'version 1' but and
>>>>> actually mean two different things. (DNS tree version 1 + domain level 1)
>>>>>
>>>>> Patch is attached.
>>>>>
>>>>>
>>>>>
>>>> Hello,
>>>> The fix looks good but that seems strange to have to set the initial
>>>> version of
>>>> the topology plugin to 2.0. (IIUC That is the version that will be written in
>>>> dse.ldif)
>>>> I would rather expects that topology plugin 1.0, would activate itself if the
>>>> DomainLevel is 2.0 or more.
>>>> If topology plugin 1.0 sets an internal DomainLevel_trigger=2.0 then activate
>>>> itself if DomainLevel >= DomainLevel_trigger.
>>>>
>>>> Let's wait for Ludwig feedback.
>>>>
>>>> thanks
>>>> thierry
>>>
>>> My personal opinion on this is to start with Domain Level 1 regardless. We
>>> already "solved" the DNS forwarders otherwise, with docs, async updates etc. I
>>> do not think we will be returning to implementing proper Domain Level support
>>> for that anyway.
>>>
>>> So I rather think that all the "Domain Level starts with 0, 1 is unused, 2 is
>>> the top one" will cause unforeseen issues I would rather like to avoid.
>>
>> I'm more worried about confusion in future. To to me it simply seems easier to
>> bump one integer now than to document and explain (to users & new developers)
>> why we have two "ones" which mean something else.
>>
>> Code-wise it is just an integer.
>>
>> Also, it can simplify logic in future when we decide to do another
>> incompatible change in DNS tree because we will have only one integer to test
>> (instead of checking two separate version attribute in DNS tree & domain
>> level).
>
> +1, but I think the minimum supported domain level should be 1, not 0, because
> 0 means the server uses the old DNS schema, which we do not support anymore,
> right?
Good point!
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list