Anybody running their freeipa / IDM cluster on a 100% virtualized environment? We are running the full stack - DNS, ldap, Certs etc and I’m wondering if we can run it all on a VM environment. My concern is the chicken/egg scenario in case of a full DC recovery. Thoughts? Thanks.
On 01/23/2018 03:49 AM, Grace Thompson via FreeIPA-users wrote:
Anybody running their freeipa / IDM cluster on a 100% virtualized environment? We are running the full stack - DNS, ldap, Certs etc and I’m wondering if we can run it all on a VM environment. My concern is the chicken/egg scenario in case of a full DC recovery. Thoughts? Thanks.
We do, kinda. In our Cultural Heritage Cluster, our FreeIPA server (only one at the moment) is in vmware vsphere, all other servers in the cluster (apart from the datanodes of course) are on oVirt(which I can recommend). Nothing in vmware or oVirt is dependent on FreeIPA, so there will be no chicken and egg scenario.
All we have to do in a full DR is to reestablish the NFS servers that holds the vm images and then we can start up the VM's. These NFS servers are backed up by a backup system that is also not dependent on FreeIPA or even DNS.
/tony
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Not sure if this meets you definition of cluster or not but all of our IdM servers are VMs. We have a multi-master set with standard replication. I have IdM servers 2 in one location with 1 serving as DNS CA, LDAP, etc and a second serving SMB shares and backing up the LDAP services. Across private links in to another location/facility we have a second master with the full suite of services installed and used. We do not use AD so the level of complexity compared to mixed environments is low but everything works fine for us.
Jeff
On Mon, Jan 22, 2018 at 9:49 PM, Grace Thompson via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote:
Anybody running their freeipa / IDM cluster on a 100% virtualized environment? We are running the full stack - DNS, ldap, Certs etc and I’m wondering if we can run it all on a VM environment. My concern is the chicken/egg scenario in case of a full DC recovery. Thoughts? Thanks.
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
freeipa-users@lists.fedorahosted.org