[Freeipa-devel] [PATCH 0090] show optionally configured components in server-find/show command output

[Martin Kosek]

On 11/02/2015 06:10 AM, Jan Cholasta wrote:
> Hi,
> 
> On 22.10.2015 10:44, Martin Babinsky wrote:
>> https://fedorahosted.org/freeipa/ticket/5181
> 
> This should be handled by a separate object plugin:
> 
> $ ipa servercomponent-find master.ipa.test
> ---------------------------
> 6 server components matched
> ---------------------------
>   Component name: CA
>   Enabled: TRUE
>   Start order: 50
> 
>   Component name: KDC
>   Enabled: TRUE
>   Start order: 10
> 
>   Component name: KPASSWD
>   Enabled: TRUE
>   Start order: 20
> 
>   Component name: MEMCACHE
>   Enabled: TRUE
>   Start order: 39
> 
>   Component name: OTPD
>   Enabled: TRUE
>   Start order: 80
> 
>   Component name: HTTP
>   Enabled: TRUE
>   Start order: 40
> ----------------------------
> Number of entries returned 6
> ----------------------------
> 
> This will allow us to consolidate all the ad-hoc component-related code
> scattered throughout IPA (search for enabled component, enable/disable
> component, ...) into IPA command calls.
> 
> I'm not opposed to showing a summary in server-show (although we don't do
> anything like this for any other hierarchical objects), but it should be done
> just for the users' sake, not for internal use (the ticket suggests to use this
> for topology visualisation).
> 
> BTW as far as the scalability of the current solution goes, you should have a
> list of all the *non*-optional components and display everything else.
> 
> Honza
> 

The API proposal should be in line with our future extensions of the API. We
for example want to move "ipa-csreplica-manage" set-renewal-master command to
API call. Or DNSSEC generation master. Or we may want to change some other
flag/role of a master via this interface.

So we will need something like
$ ipa server-add-role ipa.example.com --role "ca-renewal-master"
or
$ ipa servercomponent-add-role ipa.example.com CA --role=renewal-master

Martin