Freeipa / IDM on a VM - FreeIPA-users - Fedora mailing-lists

List overview All Threads
Download

Freeipa / IDM on a VM

ipa-restore: a bytes-like object...

Private PEN for OID not accepted

Grace Thompson

22 Jan 2018 22 Jan '18

8:49 p.m.

Anybody running their freeipa / IDM cluster on a 100% virtualized environment? We are running the full stack - DNS, ldap, Certs etc and I’m wondering if we can run it all on a VM environment. My concern is the chicken/egg scenario in case of a full DC recovery. Thoughts? Thanks.

Reply

Show replies by thread

Tony Brian Albers

22 Jan 22 Jan

11:59 p.m.

On 01/23/2018 03:49 AM, Grace Thompson via FreeIPA-users wrote:

Anybody running their freeipa / IDM cluster on a 100% virtualized environment? We are running the full stack - DNS, ldap, Certs etc and I’m wondering if we can run it all on a VM environment. My concern is the chicken/egg scenario in case of a full DC recovery. Thoughts? Thanks.

We do, kinda. In our Cultural Heritage Cluster, our FreeIPA server (only one at the moment) is in vmware vsphere, all other servers in the cluster (apart from the datanodes of course) are on oVirt(which I can recommend). Nothing in vmware or oVirt is dependent on FreeIPA, so there will be no chicken and egg scenario.

All we have to do in a full DR is to reestablish the NFS servers that holds the vm images and then we can start up the VM's. These NFS servers are backed up by a backup system that is also not dependent on FreeIPA or even DNS.

/tony

FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org

-- Tony Albers Systems administrator, IT-development Royal Danish Library, Victor Albecks Vej 1, 8000 Aarhus C, Denmark. Tel: +45 2566 2383 / +45 8946 2316

Reply

Jeff Goddard

23 Jan 23 Jan

7:33 a.m.

Not sure if this meets you definition of cluster or not but all of our IdM servers are VMs. We have a multi-master set with standard replication. I have IdM servers 2 in one location with 1 serving as DNS CA, LDAP, etc and a second serving SMB shares and backing up the LDAP services. Across private links in to another location/facility we have a second master with the full suite of services installed and used. We do not use AD so the level of complexity compared to mixed environments is low but everything works fine for us.

Jeff

On Mon, Jan 22, 2018 at 9:49 PM, Grace Thompson via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote:

Anybody running their freeipa / IDM cluster on a 100% virtualized environment? We are running the full stack - DNS, ldap, Certs etc and I’m wondering if we can run it all on a VM environment. My concern is the chicken/egg scenario in case of a full DC recovery. Thoughts? Thanks.

FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org

-- Jeff Goddard Director of Information Technology Emerlyn Technology

Reply

2286

Age (days ago)

2286

Last active (days ago)

freeipa-users@lists.fedorahosted.org

2 comments

3 participants

tags (0)

participants (3)

Grace Thompson
Jeff Goddard
Tony Brian Albers