[Freeipa-users] Manage records while primary IPA is down
Rob Crittenden
rcritten at redhat.com
Mon Jan 13 18:33:27 UTC 2014
Dimitar Georgievski wrote:
> This question is really about HA of FreeIPA. I've noticed that new
> records cannot be added on the replica server while the primary is down.
>
> Ideally these services should be always available even when the Primary
> server is down (for maintenance or other reasons).
>
> Is it possible to have another Primary server replicating with the first
> Primary or to use one of the Replica servers to manage records while the
> Primary server is down.
All servers in IPA are equal masters, the only difference may be the
services running on any given server (DNS and a CA).
The exception is if a master runs out of DNA values or has never been
used to add an entry that requires one and the original IPA master is
down. An IPA server will request a DNA range the first time it needs one
but doesn't get one until then. I'm guessing that is what happened.
I believe IPA 3.3 added some options to ipa-replica-manage to be able to
control the DNA configuration.
rob
More information about the Freeipa-users
mailing list