[Freeipa-devel] Locations design v2: LDAP schema & user interface
Simo Sorce
simo at redhat.com
Tue Apr 19 17:17:35 UTC 2016
On Tue, 2016-04-19 at 11:11 +0200, Petr Spacek wrote:
> On 18.4.2016 21:33, Simo Sorce wrote:
> > On Mon, 2016-04-18 at 17:44 +0200, Petr Spacek wrote:
> >> * Find, filter and copy hand-made records from main tree into the
> >> <tt>_locations</tt> sub-trees. This means that every hand-made record
> >> needs to be copied and synchronized N-times where N = number of IPA
> >> locations.
> >
> > This ^^ seem the one that provides the best semantics for admins and the
> > least unexpected results.
> >
> >> My favorite option for the first version is 'document that enabling
> >> DNS location will hide hand-made records in IPA domain.'
> >
> > I do not think this is acceptable, sorry.
> >
> >> The feature is disabled by default and needs additional configuration
> >> anyway so simply upgrading should not break anything.
> >
> > It is also useless this way.
> >
> >> I'm eager to hear opinions and answers to questions above.
> >
> > HTH,
>
> Well it does not help because you did not answer the questions listed in the
> design page.
>
> Anyway, here is third version of the design. It avoids copying user-made
> records (basically 2 DNAMEs were replaced with bunch of CNAMEs):
>
> http://www.freeipa.org/page/V4/DNS_Location_Mechanism#Design_.28Version_3:_CNAME_per_service_name.29
>
> It seems like a good middle ground:
> http://www.freeipa.org/page/V4/DNS_Location_Mechanism#Comparison_of_proposals
It does seem like a decent middle ground.
And I guess an admin would be able to add custom templates if he wants
to have specific services forwarded to the location specific subtree ?
> This required changes in RecordGenerator design, too:
> https://fedorahosted.org/bind-dyndb-ldap/wiki/Design/RecordGenerator
I do not see where you specify the specific record names you forward to
the location trees here?
> Also, CLI was updated to follow Honza's recommendations from previous e-mails:
> http://www.freeipa.org/page/V4/DNS_Location_Mechanism#CLI
Thanks for updating all designs in concert.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list