This can be viewed as both an RFE and a bug.
As an administrator, I want to install a replica (promote a client) against a specific server so that it doesn't pick a replica which is unreachable (e.g. the replica is on a different site) for the to-be-promoted client. It should not require communicating with other servers as they might be unreachable.
A replica has several steps when it communicates with another master: getting secrets, creation of service principals, requests of certificates, replication of domain and CA suffixes. It is not guaranteed that all operations will be done against a single master. This can be a cause of race conditions when something is created on one master, but the replica communicates with another master where it was not yet replicated, thus failing the installation.
Also in environments with split topology (error state), the replica installation can be a CA server in a disconnected CA suffix and thus fail.
In some race conditions and error conditions, replica installation might fail.
Replica installation will be more robust.
So the use cases are:
$ every IPA release till this date (May 28 2018 - unreleased 4.7), maybe after an introduction of replica promotion
A proposal for behavior:
Related: #7518
Metadata Update from @frenaud: - Issue set to the milestone: FreeIPA 4.6.4
Metadata Update from @frenaud: - Issue priority set to: important
Metadata Update from @rcritten: - Issue set to the milestone: FreeIPA 4.6.5 (was: FreeIPA 4.6.4)
Related: #7587
Metadata Update from @pvoborni: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1591824
Issue linked to bug 1591824
PR https://github.com/freeipa/freeipa/pull/2048 addresses one issue with CA replication peer selection.
master:
ipa-4-6:
ipa-4-5:
ipa-4-7:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Metadata Update from @frenaud: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1591824, https://bugzilla.redhat.com/show_bug.cgi?id=1754494 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1591824)
Issue linked to Bugzilla: Bug 1754494
ipa-4-8:
Metadata Update from @frenaud: - Issue set to the milestone: None (was: FreeIPA 4.6.5)