[Freeipa-devel] provisioning and RetroCL/Content_Sync
thierry bordaz
tbordaz at redhat.com
Wed Jun 15 13:50:52 UTC 2016
Hello,
The subject of provisioning was discussed
https://www.redhat.com/archives/freeipa-devel/2016-May/msg00065.html. The
documentation of the provisioning procedure is still going on but
reviewing it I have a doubt about RetroCL/Content_Sync.
Provisioning will be done with high recommendations/constraints:
* The provisioned instance should not be accessed by ldap client
during provisioning.
* The IPA deployment should contain only one server (the one used
for provisioning) in order to prevent replication latency
During provisioning, disabling RetroCL/Content_Sync gives a ~10%
improvements (reducing the #ADD).
The drawback of disabling RetroCL/Content_Sync is that the
provisioned instance will not be able to send provisioned entries
through syncRepl.
Now considering that the provisioned instance is unique in the
topology and will do full init of replicas, I think SyncRepl is
useless and then we can disable RetroCL/Content_Sync during
provisioning.
Anyone is seeing a problem if those plugins are disabled during
provisioning ?
thanks
thierry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160615/0c428c7d/attachment.htm>
More information about the Freeipa-devel
mailing list