On 15.11.2013 17:44, Derek Moore wrote:
Practically though, I think an idempotent installer opens a lot of cans of
worms. Do we limit some answers to their original? Take for instance the
REALM. Can someone change it on-the-fly? It would have some deep
repercussions. Similarly, changing the hostname. There are all kinds of
corner cases.
I would say, at least for the beginning, that all parameters have to be the
same ad on the first run. (Installer could save parameters somewhere and read
them again on re-install.)
This is very true! Nothing is quite so complex as realm controllers for
krb5+ldap+nss+sssd+bind+ca+blah+blim+blam!
You guys sure have your work cut out for you!
About the only other Red Hat projects I've seen that are nearly as complex
as FreeIPA are oVirt & OpenShift (ok, maybe Cluster Suite, too), in terms
of fully taking over the host being configured and the insane amount of
inter-dependencies therein and the fragility of installers (installers from
nightlies, alpha, or beta; I like to live on the bleeding edge).
In ~2002 I setup my own hand-rolled krb5+ldap+nss realm cluster for virtual
domain web & email hosting, and I swear that took me weeks. It is a joy to
have something like FreeIPA these days.
Once again I'll take the opportunity to pimp otopi, even if it may not be
the right solution for you guys, they are trying to solve similar problems
in a similarly complex environment:
http://www.ovirt.org/Features/Otopi_Infra_Migration
https://github.com/oVirt/otopi
It is interesting, thank you for suggestion. We will see if our Python guys
found some time for it.
Petr^2 Spacek
otopi -- oVirt Task Oriented Pluggable Installer/Implementation
===============================================================
Standalone plugin based installation framework to be used to setup
system components. The plugin nature provides simplicity to
add new installation functionality without the complexity of the state
and transaction management.
At the core of the implementation there is environment dictionary and
a flow of stages within plugins. The environment can be modified using
command-line parameters, configuration file, or dialog customization.
Features:
* otopi is a library for component installation.
* Modular, task oriented implementation.
* Supports pluggable manager dialog protocol, provides
human and machine dialogs.
* Localization support, gettext enabled.
* Local and remote execution modes are supported.
* Distribution independent implementation (core).
* Compatible with python-2.6, python-2.7, python-3.2
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
