On Tue, 2016-04-19 at 11:11 +0200, Petr Spacek wrote: > On 18.4.2016 21:33, Simo Sorce wrote: > > On Mon, 2016-04-18 at 17:44 +0200, Petr Spacek wrote: > >> * Find, filter and copy hand-made records from main tree into the > >> <tt>_locations</tt> sub-trees. This means that every hand-made record > >> needs to be copied and synchronized N-times where N = number of IPA > >> locations. > > > > This ^^ seem the one that provides the best semantics for admins and the > > least unexpected results. > > > >> My favorite option for the first version is 'document that enabling > >> DNS location will hide hand-made records in IPA domain.' > > > > I do not think this is acceptable, sorry. > > > >> The feature is disabled by default and needs additional configuration > >> anyway so simply upgrading should not break anything. > > > > It is also useless this way. > > > >> I'm eager to hear opinions and answers to questions above. > > > > HTH, > > Well it does not help because you did not answer the questions listed in the > design page. > > Anyway, here is third version of the design. It avoids copying user-made > records (basically 2 DNAMEs were replaced with bunch of CNAMEs): > > http://www.freeipa.org/page/V4/DNS_Location_Mechanism#Design_.28Version_3:_CNAME_per_service_name.29 > > It seems like a good middle ground: > http://www.freeipa.org/page/V4/DNS_Location_Mechanism#Comparison_of_proposals
It does seem like a decent middle ground. And I guess an admin would be able to add custom templates if he wants to have specific services forwarded to the location specific subtree ? > This required changes in RecordGenerator design, too: > https://fedorahosted.org/bind-dyndb-ldap/wiki/Design/RecordGenerator I do not see where you specify the specific record names you forward to the location trees here? > Also, CLI was updated to follow Honza's recommendations from previous e-mails: > http://www.freeipa.org/page/V4/DNS_Location_Mechanism#CLI Thanks for updating all designs in concert. Simo. -- Simo Sorce * Red Hat, Inc * New York -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
