https://bugzilla.redhat.com/show_bug.cgi?id=747612
It is related to bug #743503 but to manage the site on the server side. The original request is the following:

Has there been given any thought to the concept of sites within IPA to improve cross-site implementations? This should be easy to implement as you are already using DNS SRV records to locate the ldap/kerberos servers.

E.g.
Site: Boston
Site: London

Create a subdomain of the IPA dns domain named _sites, and a subdomain of _sites for each site.

Boston._sites.ipa.domain.com would contain the srv entries for IPA servers in Boston:

    _ldap._tcp in srv 0 100 389 boston-ipa-server1
    _ldap._tcp in srv 0 100 389 boston-ipa-server2
    .....

London._sites.ipa.domain.com would contain the srv entries for IPA servers in London:

    _ldap._tcp in srv 0 100 389 london-ipa-server1
    _ldap._tcp in srv 0 100 389 london-ipa-server2
    ....

Now point the client's DNS "search" entry to point to the local site first, then search the full name space:

Boston client's /etc/resolv.conf:

    search Boston._sites.ipa.domain.com ipa.domain.com

London client's /etc/resolv.conf:

    search London._sites.ipa.domain.com ipa.domain.com

The main ipa.domain.com could still contain srv records for all IPA servers, or selected IPA servers at the central hub.

I know I can do this manually within the DNS management in IPA today, however it would be a lot easier to maintain "Sites" within the IPA webui/cli. *blink* ;)
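The lookup order the request describes, as an added example that is not part of the original ticket or of FreeIPA's code: it models only the search-list walk over constructed zone data, so a client in a site with no SRV records of its own falls back to the full domain. The `Paris` site and the function names are hypothetical.

```python
# Constructed SRV data following the layout in the request; host names are examples.
def _srv(*hosts):
    return [(0, 100, 389, h) for h in hosts]  # (priority, weight, port, target)

ZONE = {
    "_ldap._tcp.boston._sites.ipa.domain.com": _srv("boston-ipa-server1", "boston-ipa-server2"),
    "_ldap._tcp.london._sites.ipa.domain.com": _srv("london-ipa-server1", "london-ipa-server2"),
    "_ldap._tcp.ipa.domain.com": _srv("boston-ipa-server1", "boston-ipa-server2",
                                      "london-ipa-server1", "london-ipa-server2"),
}

def parse_search(resolv_conf):
    """Return the search domains from resolv.conf text (the last 'search' line wins)."""
    domains = []
    for line in resolv_conf.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields and fields[0] == "search":
            # DNS names are case-insensitive, so normalise before lookup.
            domains = [d.rstrip(".").lower() for d in fields[1:]]
    return domains

def discover(service, search, zone=ZONE):
    """Walk the search list in order; return (domain, targets) for the first hit."""
    for domain in search:
        records = zone.get(f"{service}.{domain}".lower())
        if records:
            # Lower priority value is preferred; weighted random selection
            # within one priority level is omitted in this sketch.
            ordered = sorted(records, key=lambda r: r[0])
            return domain, [target for _, _, _, target in ordered]
    return None, []

if __name__ == "__main__":
    boston = parse_search("search Boston._sites.ipa.domain.com ipa.domain.com\n")
    print(discover("_ldap._tcp", boston))
    # Hypothetical site with no SRV records: the lookup falls through to ipa.domain.com.
    paris = parse_search("search Paris._sites.ipa.domain.com ipa.domain.com\n")
    print(discover("_ldap._tcp", paris))
```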
Start when have time.
This work should be done following this plan: http://freeipa.org/page/DNS_Location_Discovery
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=815621 (Red Hat Enterprise Linux 6)
Based on the feedback in the BZ this is pretty important so I am bumping the priority.
BZ 815621 is another RFE, it will be cloned to another ticket.
Putting back in needs triage as it seems like it belongs in 3.3 backlog.
Older design document (http://freeipa.org/page/DNS_Location_Discovery) was obsoleted by the new one: http://www.freeipa.org/page/V3/DNS_Location_Mechanism
This RFE depends on bind-dyndb-ldap ticket 126.
Stretch goal for 4.2. The first pass would require 2 parts to happen:
_location
named.conf
Whether this would create DNS records directly or it would create a special location object while DNS records will be pre-populated by DS plugin is implementation detail.
Moving to 4.3, we are too close to 4.2 deadline to be able to handle this stretch RFE.
#2008 would be hard to implement without #5620.
4.4 priority
Would be really nice to show the locations on the topology graph in some way. Should we open a separate RFE or it is in scope?
master:
User interface added, other patches will follow
Metadata Update from @dpal: - Issue assigned to mbasti - Issue set to the milestone: FreeIPA 4.4