[Freeipa-users] Is systemd really a requirement for freeipa 4.x?

Dmitri Pal dpal at redhat.com
Thu Mar 26 22:14:35 UTC 2015 

On 03/26/2015 08:18 AM, Coy Hile wrote:
>
> Quoting Andrew Holway <andrew.holway at gmail.com>:
>
>>>
>>> When I look at the SPEC file for freeipa-4.1.3, I see requirements
>>>>> around Systemd.  Is that really a hard requirement, or is it 
>>>>> possible to
>>>>> run newer FreeIPA (that is to say 4.x) on a host that hasn't been
>>>>> infested by systemd
>>>>
>>>>
>>> From an SELinux standpoint systemd is far superior to initd as it 
>>> allows
>> far more graceful domain transitions.
>>
>> Apart from the binary logging and it being a bit monolithic; I really 
>> don't
>> understand the anit-systemd crowd problems. Its advantages over the now
>> ancient initd seem to be obvious.
>
> <hijack>
> The binary logging is a big problem. Log to the filesystem usefully, 
> or log to
> syslog. Then one can get that data into Splunk or similar.  Aside from 
> that,
> systemd feels like the answer to the question no one asked.  It's a 
> bit like
> what Oracle has done to bastardize smf(5) in Oracle Solaris 11 over 
> what was
> there in Solaris 10 (and the former OpenSolaris, now illumos). The S10
> incarnation was awesome, even though the definition of service 
> manifests in xml
> makes me want to claw my eyes out. Oracle's Microsoftened embrace and 
> extend?
> Yeah, not so much....
>
> For full disclosure here, the reason I was enquiring about support on 
> CentOS 6 is
> because my virtualization platform of choice is SmartOS.  For CentOS 6 
> and Ubuntu
> 14.04, I am able to use a 'Branded zone' natively without having to 
> add the KVM
> hardware emulation layer in there, implying better network and IO 
> performance.
> That said, for this particular case, the KVM overhead really doesn't 
> matter since
> a box that's only doing LDAP and kerb really needn't be all that 
> beefy.  Hell, I
> could probably run an authoritative KDC for ATHENA.MIT.EDU on an rpi 
> if I were so
> inclined.
> </hijack>
>
> Understanding the reason behind the requirements is quite helpful, so 
> thanks to all
> who provided that.  I'll work with Joyent to add systemd support to 
> the lx brand,
> and in the meantime, I'll just deploy on KVM infrastructure and take 
> the hit.  I
> assume there's no good reason to deploy a net new setup using the 3.x 
> release?
>
> -c
We recommend using latest - 4.1.

-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

More information about the Freeipa-users mailing list