On 02/04/2016 06:14 PM, Christophe TREFOIS wrote:
Hi all,
We are currently running a 3-replica (all are setup with the —setup-ca flag)
cluster on Fedora 21, with FreeIPA 4.1.4.
We would like to slowly upgrade to the new version and move away from Fedora to
CentOS 7.2.
We were thinking of the following:
- Create 3 CentOS machines with —setup-ca flag so that our current cluster is 6.
The first CentOS VM would then probably update the DB schema to the new FreeIPA
version.
- Remove the Fedora VMs 1 by 1 from the cluster using ipa-replica-manage del
<host>
- Be happy?
1. Could you please advise if this is considered the safest practise?
More or less yes:
1. create First IPA 4.2 against some FreeIPA 4.1.4 with CA
2. create the other two against the newly Created CentOS - will verify
if it is in a good shape
3. set new renewal CRL master:
http://www.freeipa.org/page/Howto/Promote_CA_to_Renewal_and_CRL_Master
4. Migrate DNA ranges using ipa-replica-manage tool
if all works well, remove all servers:
5. remove CA repl. agreements for old servers using ipa-csreplica-manage del
6. remove old servers data and repl. agreements using ipa-replica-manage del
7. uninstall old servers using ipa-server-install --uninstall
2. Do we have to update to intermediate versions and if so how?
Should not be necessary.
Could we do anything else?
Thank you for any hints,
Kind regards,
—
Christophe
--
Petr Vobornik
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
