Yes, they will all need a unique identity as we will be using HBAC along with RBAC. This is an HPC environment with 10k+ unique systems and growing. I can explain more if you'd like.
On Tue, Sep 1, 2020 at 7:37 PM Ben Aveling via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote:
If these machines are stateless, does each new instance need a new and unique identity in IPA?
I don't know if multiple instances concurrently sharing a common identity for IPA purposes would work, but maybe have a pool of identities, and have each newly instantiated machine draw an identity from the pool?
FWIW, we have a number of machines that have a different hostname in IPA to the hostname they use on the network, and touch wood, so far it works fine. _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...