This may be a bit of a strange scenario.
Environment is a compute cluster (running xCAT 2.15)
FreeIPA server is running on the cluster master node.
FreeIPA clients are installed on all other nodes. Compute nodes, login nodes, storage nodes, GPU nodes, etc.
I created a script that installs the client packages and joins the realm after provisioning the OS. That all works great on new hosts.
My issue is that compute nodes are reinstalled on occasion. Normally, that is a simple process. Tell the cluster master to mark that host for install. During the next PXE boot, that happens. Problem is, if the node has already been part of the realm, it can't join, so that command fails. If I manually go into FreeIPA server and remove the node while it's reinstalling the OS, then the client script runs fine when that is complete.
Is there a way to have a client execute a command to remove it's previous information before joining?
Thanks in advance.
On ke, 25 maalis 2020, None via FreeIPA-users wrote:
This may be a bit of a strange scenario.
Environment is a compute cluster (running xCAT 2.15)
FreeIPA server is running on the cluster master node.
FreeIPA clients are installed on all other nodes. Compute nodes, login nodes, storage nodes, GPU nodes, etc.
I created a script that installs the client packages and joins the realm after provisioning the OS. That all works great on new hosts.
My issue is that compute nodes are reinstalled on occasion. Normally, that is a simple process. Tell the cluster master to mark that host for install. During the next PXE boot, that happens. Problem is, if the node has already been part of the realm, it can't join, so that command fails. If I manually go into FreeIPA server and remove the node while it's reinstalling the OS, then the client script runs fine when that is complete.
Is there a way to have a client execute a command to remove it's previous information before joining?
You can pass --force-join to ipa-client-install to force through the already existing host.
Otherwise, you can run 'ipa-client-install --uninstall', that will clear everthing.
--force-join Sounds like it may be just what I'm looking for.
I'll give that a try.
Thank you!
On Wed, Mar 25, 2020 at 12:56 PM Alexander Bokovoy abokovoy@redhat.com wrote:
On ke, 25 maalis 2020, None via FreeIPA-users wrote:
This may be a bit of a strange scenario.
Environment is a compute cluster (running xCAT 2.15)
FreeIPA server is running on the cluster master node.
FreeIPA clients are installed on all other nodes. Compute nodes, login nodes, storage nodes, GPU nodes, etc.
I created a script that installs the client packages and joins the realm after provisioning the OS. That all works great on new hosts.
My issue is that compute nodes are reinstalled on occasion. Normally,
that
is a simple process. Tell the cluster master to mark that host for install. During the next PXE boot, that happens. Problem is, if the
node
has already been part of the realm, it can't join, so that command fails. If I manually go into FreeIPA server and remove the node while it's reinstalling the OS, then the client script runs fine when that is
complete.
Is there a way to have a client execute a command to remove it's previous information before joining?
You can pass --force-join to ipa-client-install to force through the already existing host.
Otherwise, you can run 'ipa-client-install --uninstall', that will clear everthing.
-- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity Management Engineering Red Hat Limited, Finland
freeipa-users@lists.fedorahosted.org
-
aaronhcarr@gmail.com -
Alexander Bokovoy