Faking a hostname might work. But a bigger question is why are you trying to enroll the controller and/or compute servers?
Are you looking to have the created virtual machines enrolled? It has been nearly a decade since I worked on OSP. At the time the thing you'd want is novajoin but that was replaced by an Ansible-based solution. I don't know what that's called. You might ask in an openstack channel to see how it works. This isn't to be confused with TLS-Everywhere which was an Openstack-on-Openstack initiative to use the IPA CA to generate TLS certificates for all the services on all the controller and compute nodes so that all communication is encrypted. I also don't know if that's still being developed. I think you're looking for a client enrollment solution so that when an instance is created it is auto-enrolled into IPA so therefore would have access to all the users/groups. rob Russell Long via FreeIPA-users wrote: > Not sure if it's considered best practice, but the ipa-join command > takes a `--hostname` option, and you can provide a separate hostname > there from what is set on the server I believe. I do not think it will > change what hostname is set on the instance. > > On Tue, Sep 16, 2025 at 4:04 PM Navid Talesh via FreeIPA-users > <[email protected] > <mailto:[email protected]>> wrote: > > Our OpenStack server names are all non-FQDN, for example: > compute01 > > However, when joining FreeIPA, the hostname must be in FQDN format. > Now, when converting to FQDN, our OpenStack structure gets disrupted. > And without FQDN, it is not possible to join FreeIPA. > > Is there a way to join the server to FreeIPA without changing the > hostname? > > Sent from my phone > > > -------- Original message -------- > From: Rob Crittenden <[email protected] <mailto:[email protected]>> > Date: Tue, Sep 16, 2025, 16:31 > To: FreeIPA users list <[email protected] > <mailto:[email protected]>> > Cc: Navid Talesh <[email protected] > <mailto:[email protected]>> > Subject: Re: [Freeipa-users] Freeipa problem > > Navid Talesh via FreeIPA-users wrote: > Hi > I'm installing > FreeIPA and I've encountered a problem. I hope you can > guide > me. > I've a private cloud with 3 controllers and 6 compute > nodes, and now I > want to install FreeIPA to manage my users. > > However, when I installed FreeIPA and tried to add my cloud > servers to > it, I had to change the hostnames of the servers. > This change also > modified the hypervisor names inside > OpenStack, which broke my cloud. > Now I want to know if there > is a way to join the servers to FreeIPA > without changing their > hostnames. What led you to changing the OSP hostnames? If > joining to IPA failed, how did it fail? rob > > -- > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > <mailto:[email protected]> > To unsubscribe send an email to > [email protected] > <mailto:[email protected]> > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > > -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
