[Freeipa-users] Freeipa replica info to clents: guidance

[Rakesh Rajasekharan]

Hi,

My Freeipa setup is on AWS ec2 instances and has been working fine with
just one master for a while now.

I am now trying to setup replica servers which, I was able to and the
replication between both masters go fine.

So, I have a master serer ipa-master-mydomain.com and repilca
ipa-replica-mydomain.com

I am not using DNS and rely on AWS for DNS resolution instead.

My question is , how do I tell clients about the new replica server .

I tried an entry in the sssd.conf domain section of the clients


id_provider = ipa
auth_provider = ipa
ipa_server = _srv_, ipa-master-mydomain.com, repilca
ipa-replica-mydomain.com


This approach works fine and clients reach out to the replica as a
failover. However, wanted to verify if this is the correct way.

Also, can I define priority based on the order in which the IPA servers are
defined in
ipa_server = _srv_ ,<ipa1>,<ipa2>

If the above assumption is right, I could have half of my clients connect
to master always and rest to the replica that way balancing the load.


Thanks
Rakesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170121/3811590a/attachment.htm>