We get questions periodically on installing IPA onto SoC boards, mostly ARM and usually a Pi (Banana or Raspberry).
We'd like to add a wiki page or howto with tips on known workarounds.
We'd also like to get some use cases on why you'd want to run IPA on something like this. Is it just an experiment, using it on a home network with just a few nodes, something else?
I'll take all the input and create a wiki page on it.
Note that up to now we don't recommend doing such an install. Maybe the user stories will change our mind.
thanks
rob
I'm just starting, but:
$ free -m total used free shared buff/cache available Mem: 1791 680 274 72 835 833 Swap: 0 0 0
This is for personal use, so being able to run a replica at home for little money would be nice.
I haven't tried, though- are there known caveats?
On Mon, Jan 22, 2018 at 5:01 PM, Rob Crittenden via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote:
We get questions periodically on installing IPA onto SoC boards, mostly ARM and usually a Pi (Banana or Raspberry).
We'd like to add a wiki page or howto with tips on known workarounds.
We'd also like to get some use cases on why you'd want to run IPA on something like this. Is it just an experiment, using it on a home network with just a few nodes, something else?
I'll take all the input and create a wiki page on it.
Note that up to now we don't recommend doing such an install. Maybe the user stories will change our mind.
thanks
rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Agreed. I would love to run this on a raspberry pi or better.
Get Yahoo Mail for Mobile
On Mon, Jan 22, 2018 at 14:25, Alex Corcoles via FreeIPA-usersfreeipa-users@lists.fedorahosted.org wrote: _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Andrew Meyer via FreeIPA-users wrote:
Agreed. I would love to run this on a raspberry pi or better.
But why?
Is it because the hardware is so cheap? Is it better/easier/cheaper than running it in a VM on an existing box? Is it merely for the "fun" factor (and I'm not disparaging it, I do lots of things just to see if it can be done).
rob
Get Yahoo Mail for Mobile https://go.onelink.me/107872968?pid=InProduct&c=MailPP_sig_Dec17&af_sub1=E-mail&af_sub2=YGrowth&af_sub3=US_Email_MailPP_Sig_V4
On Mon, Jan 22, 2018 at 14:25, Alex Corcoles via FreeIPA-users <freeipa-users@lists.fedorahosted.org> wrote: _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org <mailto:freeipa-users@lists.fedorahosted.org> To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org <mailto:freeipa-users-leave@lists.fedorahosted.org>
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
On 23 Jan 2018, at 14:44, Rob Crittenden via FreeIPA-users <freeipa-users@lists.fedorahosted.org mailto:freeipa-users@lists.fedorahosted.org> wrote:
But why?
Is it because the hardware is so cheap? Is it better/easier/cheaper than running it in a VM on an existing box? Is it merely for the "fun" factor (and I'm not disparaging it, I do lots of things just to see if it can be done).
rob
There are a couple of applications actually, I’m currently trying to build an access control system based on an IPA replica that runs *on* the door, using the existing replication mechanisms. This way, even if networking is down, as long as the door has power, I can open it.
-- Aljaž Srebrnič a.k.a g5pw My public key: https://g5pw.me/key https://g5pw.me/key Key fingerprint = 2109 8131 60CA 01AF 75EC 01BF E140 E1EE A54E E677
Aljaž Srebrnič wrote:
On 23 Jan 2018, at 14:44, Rob Crittenden via FreeIPA-users <freeipa-users@lists.fedorahosted.org mailto:freeipa-users@lists.fedorahosted.org> wrote:
But why?
Is it because the hardware is so cheap? Is it better/easier/cheaper than running it in a VM on an existing box? Is it merely for the "fun" factor (and I'm not disparaging it, I do lots of things just to see if it can be done).
rob
There are a couple of applications actually, I’m currently trying to build an access control system based on an IPA replica that runs *on* the door, using the existing replication mechanisms. This way, even if networking is down, as long as the door has power, I can open it.
This is great feedback, thanks.
You might be able to get away with an IPA client in this case. sssd will cache credentials. This wouldn't cover the case where someone hasn't used the door yet, power goes off, and they need to open it though.
I suspect that running without a CA is much more viable, but 389-ds can be resource-intesive as well depending on how many entries you have.
rob
On 24 Jan 2018, at 15:17, Rob Crittenden <rcritten@redhat.com mailto:rcritten@redhat.com> wrote:
This is great feedback, thanks.
You might be able to get away with an IPA client in this case. sssd will cache credentials. This wouldn't cover the case where someone hasn't used the door yet, power goes off, and they need to open it though.
Yes, that is the backup plan in case I can’t get the replica to work with the very limited amount of RAM I have (either 256 or 512 MB). It’s a fun project for my hackerspace so the cost of failure is not that high.
I suspect that running without a CA is much more viable, but 389-ds can be resource-intesive as well depending on how many entries you have.
I’m expecting we won’t have more than 150 users, so it shouldn’t be that big of a problem.
-- Aljaž Srebrnič a.k.a g5pw My public key: https://g5pw.me/key https://g5pw.me/key Key fingerprint = 2109 8131 60CA 01AF 75EC 01BF E140 E1EE A54E E677
freeipa-users@lists.fedorahosted.org
-
Alex Corcoles -
Aljaž Srebrnič -
Andrew Meyer -
Rob Crittenden