IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Handle NTP configuration in a replica server installation

Browse Source 
There were two separate issues:

1. If not enrolling on a pre-configured client then the ntp-server and
   ntp-pool options are not being passed down to the client installer
   invocation.
2. If the client is already enrolled then the ntp options are ignored
   altogether.

In the first case simply pass down the options to the client
installer invocation.

If the client is pre-enrolled and NTP options are provided then
raise an exception.

https://pagure.io/freeipa/issue/7723

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
This commit is contained in:
Rob Crittenden 2018-10-12 14:55:28 -04:00
parent fbcb79af13
commit 2fba5acc52
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
install/tools/man/ipa-replica-install.1
View File

@ -14,7 +14,7 @@ Domain level 0 is not supported anymore.
To create a replica, the machine only needs to be enrolled in the FreeIPA domain first. This process of turning the IPA client into a replica is also referred to as replica promotion. To create a replica, the machine only needs to be enrolled in the FreeIPA domain first. This process of turning the IPA client into a replica is also referred to as replica promotion.
If you're starting with an existing IPA client, simply run ipa\-replica\-install to have it promoted into a replica. If you're starting with an existing IPA client, simply run ipa\-replica\-install to have it promoted into a replica. The NTP configuration cannot be updated during client promotion.
To promote a blank machine into a replica, you have two options, you can either run ipa\-client\-install in a separate step, or pass the enrollment related options to the ipa\-replica\-install (see CLIENT ENROLLMENT OPTIONS). In the latter case, ipa\-replica\-install will join the machine to the IPA realm automatically and will proceed with the promotion step. To promote a blank machine into a replica, you have two options, you can either run ipa\-client\-install in a separate step, or pass the enrollment related options to the ipa\-replica\-install (see CLIENT ENROLLMENT OPTIONS). In the latter case, ipa\-replica\-install will join the machine to the IPA realm automatically and will proceed with the promotion step.

10
ipaserver/install/server/replicainstall.py
View File

@ -717,6 +717,11 @@ def ensure_enrolled(installer):
for ip in installer.ip_addresses: for ip in installer.ip_addresses:
# installer.ip_addresses is of type [CheckedIPAddress] # installer.ip_addresses is of type [CheckedIPAddress]
args.extend(("--ip-address", str(ip))) args.extend(("--ip-address", str(ip)))
if installer.ntp_servers:
for server in installer.ntp_servers:
args.extend(("--ntp-server", server))
if installer.ntp_pool:
args.extend(("--ntp-pool", installer.ntp_pool))
try: try:
# Call client install script # Call client install script
@ -774,6 +779,11 @@ def promote_check(installer):
"the --domain, --server, --realm, --hostname, --password " "the --domain, --server, --realm, --hostname, --password "
"and --keytab options.") "and --keytab options.")
# The NTP configuration can not be touched on pre-installed client:
if options.no_ntp or options.ntp_servers or options.ntp_pool:
raise ScriptError(
"NTP configuration cannot be updated during promotion")
sstore = sysrestore.StateFile(paths.SYSRESTORE) sstore = sysrestore.StateFile(paths.SYSRESTORE)
fstore = sysrestore.FileStore(paths.SYSRESTORE) fstore = sysrestore.FileStore(paths.SYSRESTORE)