Use case: If a CA doesn't start from some reason (e.g. network is down), ipactl stops all services making this IPA server completely unusable - has bigger unwanted impact than not being able to renew or request certs.
Possible services to mark as non-fatal:
Note: there is an option --ignore-service-failure but it ignores all services, including the fatal ones like KDC.
--ignore-service-failure
DNS but it might be actually scratched out - especially if it is the only DNS server
a short term solution will be handled in #5820
triage notes:
Metadata Update from @pvoborni: - Issue assigned to someone - Issue set to the milestone: Future Releases
Login to comment on this ticket.