freeipa

Clone
Source Code
GIT

#6645 Get installation facts
Opened 7 years ago by cheimes. Modified 5 years ago

Open
Close issue as:
fixed wontfix worksforme duplicate insufficientinfo invalid

For automation of FreeIPA installation with Ansible, Puppet and similar systems, FreeIPA needs to grow an API to query the state of various parts and information about the current system. Relevant pieces of information are

state

  • is host enrolled as IPA client?
  • is host enrolled as IPA server?
    • is BIND DNS server configured on the host?
    • is Dogtag PKI configured as CA on the host?
    • is Dogtag PKI configured as KRA on the host?

information

  • domain
  • Kerberos realm
  • IPA master server
  • URI of XML/JSON-RPC
  • LDAP basedn
  • LDAP URI
  • CA cert
  • supported API version (ipalib)
  • FreeIPA version (numeric and vendor version)

Bonus: paths from ipaplatform.paths and LDAP containers from ipalib.api.env, see https://fedorahosted.org/freeipa/ticket/6408#comment:17

The checks must not require any kind of additional credentials or authentication. We can safely assume that checks are performed as root user on the machine. Checks must not depend on any running services like LDAP or web framework, too. Check must be able to detect that ipa-server-install has been called even when LDAP is down.

Additional checks against LDAP and framework may be perform in an advanced mode or by a second API in order to verify consistency between local config files and values in LDAP.

It seems that this effort should be done in the context of the #4008 troubleshooting tool. The facts collection is needed for both so it makes sense to implement it once and reuse.

Makes sense.

Metadata Update from @cheimes:
- Issue assigned to someone
- Issue set to the milestone: 0.0 NEEDS_TRIAGE
7 years ago

Metadata Update from @cheimes:
- Custom field affects_doc reset
- Custom field component reset
- Custom field type reset
- Issue close_status updated to: None
- Issue set to the milestone: None (was: 0.0 NEEDS_TRIAGE)
- Issue tagged with: integration
7 years ago

Metadata Update from @pvoborni:
- Custom field affects_doc reset
- Custom field tester adjusted to wanted
- Issue set to the milestone: FreeIPA 4.6
7 years ago

I think the proper implementation of this feature should use custom facts - https://pagure.io/freeipa/issue/6408#comment-445375

Metadata Update from @tkrizek:
- Issue set to the milestone: FreeIPA 4.6.1 (was: FreeIPA 4.6)
6 years ago

Metadata Update from @tkrizek:
- Issue set to the milestone: FreeIPA 4.6.2 (was: FreeIPA 4.6.1)
6 years ago

Metadata Update from @tdudlak:
- Issue set to the milestone: FreeIPA 4.6.3 (was: FreeIPA 4.6.2)
6 years ago

Metadata Update from @rcritten:
- Issue set to the milestone: FreeIPA 4.6.4 (was: FreeIPA 4.6.3)
6 years ago

FreeIPA 4.6.3 has been released, moving to FreeIPA 4.6.4 milestone

I closed https://pagure.io/freeipa/issue/6408 in favor of this ticket.

Metadata Update from @cheimes:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1509603
- Issue set to the milestone: FreeIPA 4.7 (was: FreeIPA 4.6.4)
- Issue tagged with: userstory
6 years ago

Metadata Update from @rcritten:
- Issue set to the milestone: FreeIPA 4.7.1 (was: FreeIPA 4.7)
5 years ago

FreeIPA 4.7 has been released, moving to FreeIPA 4.7.1 milestone

Metadata Update from @rcritten:
- Issue tagged with: healthcheck
5 years ago

Login to comment on this ticket.

Metadata

userstory integration healthcheck

None
None
normal
None
None
None
None
None
None
None
None
None
None
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=1509603
wanted
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.