Bug 1298848

Summary: [RFE] Centralized topology management
Product: Red Hat Enterprise Linux 7 Reporter: Petr Vobornik <pvoborni>
Component: ipaAssignee: IPA Maintainers <ipa-maint>
Status: CLOSED ERRATA QA Contact: Namita Soman <nsoman>
Severity: medium Docs Contact: Aneta Šteflová Petrová <apetrova>
Priority: high    
Version: 7.2CC: akasurde, ksiddiqu, mbabinsk, mbasti, mkosek, rcritten, spoore
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-4.4.0-1.el7 Doc Type: Release Note
Doc Text:
Enhanced IdM topology management Information about the Identity Management (IdM) topology is now maintained at a central location in the shared tree. As a result, you can now manage the topology from any IdM server using the command line or the web UI. Additionally, some topology management operations have been simplified, notably: * Topology commands have been integrated into the IdM command-line interface, so that you can perform all replica operations using the native IdM command-line tools. * You can manage replication agreements in the web UI or from the command line using a new and simplified workflow. * The web UI includes a graph of the IdM topology, which helps visualize the current state of replica relationships. * IdM includes safety measures that prevent you from accidentally deleting the last certificate authority (CA) master from the topology or isolating a server from the other servers. * Support for server roles as a simpler way of determining which server in the topology hosts which services as well as installing these services onto a server. For details, see https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html-single/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html#managing-topology Note that the new functionality requires raising the domain level to `1`. See https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html-single/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html#domain-level
 Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-04 05:49:35 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1199516, 1206588    
Bug Blocks: 1292074, 1296125, 1313485, 1337808    
Attachments:
Description Flags
tkt_5181.log
none
tkt_5689.log
none
tkt_5840.log
none
tkt_5867.png
none
tkt_5906.png
none
tkt_5967.png
none
tkt_4987.log
none
tkt_5411.log
none
tkt_5588.log none

Description Petr Vobornik 2016-01-15 09:23:48 UTC 
Description of problem:

As an Administrator I want to manage the IdM Server replication topology from a central location via CLI or UI, so that I can overview the configured topology and easily do changes to the replication agreements of the main or CA database.

Upstream design: http://www.freeipa.org/page/V4/Manage_replication_topology
Comment 3 Petr Vobornik 2016-02-19 13:48:05 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5181
Comment 4 Petr Vobornik 2016-02-19 13:48:11 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5689
Comment 5 Petr Vobornik 2016-02-19 13:48:14 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5588
Comment 6 Petr Vobornik 2016-02-19 13:48:16 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5411
Comment 7 Petr Vobornik 2016-02-19 13:48:18 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/4987
Comment 8 Martin Kosek 2016-02-25 14:51:17 UTC 
*** Bug 1031852 has been marked as a duplicate of this bug. ***
Comment 9 Martin Kosek 2016-02-25 14:55:05 UTC 
Bug 1031852 should be inherently solved by this feature and the CLEANALLRUV improvements (details in the bug).
Comment 10 Petr Vobornik 2016-04-28 14:28:11 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5840
Comment 11 Martin Bašti 2016-04-28 15:41:16 UTC 
Fixed upstream
ipa-4-3:
https://fedorahosted.org/freeipa/changeset/41458ab80330cc94ea3d7b1da3fe629b882f4356
https://fedorahosted.org/freeipa/changeset/cf0fbbae8e2a603424d77d52ccaaf428bca1a233
https://fedorahosted.org/freeipa/changeset/1ee1ee2d1ec70d8d15884eafa0472edb63ed70d3
https://fedorahosted.org/freeipa/changeset/c5f135bf1b16ea3c27d5b3b62c5b751850e0df70
master:
https://fedorahosted.org/freeipa/changeset/37865aa1d7d388042a3b8a66975b466ec27a3d38
https://fedorahosted.org/freeipa/changeset/d2bb8b7bb1032bf501c984f26f47ef6778c6796a
https://fedorahosted.org/freeipa/changeset/ee05442e5d65766774c18679af78f21a12309730
https://fedorahosted.org/freeipa/changeset/c34af691def03313b61a231b85213c8f20e44cfa
Comment 12 Petr Vobornik 2016-05-05 10:59:20 UTC 
Ticket https://fedorahosted.org/freeipa/ticket/5411 is more related to bug 1212713 than to this general ticket. Consider to test it in that bug.
Comment 13 Petr Vobornik 2016-05-10 14:43:41 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5867
Comment 14 Martin Bašti 2016-05-10 15:32:45 UTC 
Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/7098d98100d61f9ed2efc6d4db635c24f9786040
ipa-4-3:
https://fedorahosted.org/freeipa/changeset/040e9a12b0a7c9f73b899ad2b0df24ae27957417
Comment 15 Petr Vobornik 2016-05-17 15:46:21 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5883
Comment 16 Petr Vobornik 2016-05-17 15:46:31 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5884
Comment 17 Petr Vobornik 2016-06-02 13:02:33 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5906
Comment 18 Martin Bašti 2016-06-13 15:54:52 UTC 
master:
https://fedorahosted.org/freeipa/changeset/7e2bef0b9f36a90902784be9363cbcb5ba4221b4
https://fedorahosted.org/freeipa/changeset/d07b7e0f6fe62eb10edcc7d3a4e884e5c8fd1d29
https://fedorahosted.org/freeipa/changeset/40d8dded7fc1e71621516da9197c736057c0b6e4
https://fedorahosted.org/freeipa/changeset/80cbddaa37241e5c762edb656e4c658e652c87ef
https://fedorahosted.org/freeipa/changeset/b9aa31191b3067aced1432daa06d18b4382cd77f
https://fedorahosted.org/freeipa/changeset/5f7086e7183f0fcfece2bdd5be3d1ea17384717b
https://fedorahosted.org/freeipa/changeset/21def4fde0b09a256fad3231a9042219f707fc8a
Comment 19 Petr Vobornik 2016-06-14 16:29:03 UTC 
Server roles Web UI fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/95c61c6a0b7d97a9f78fc5b83f38ce2b43cbebc4
https://fedorahosted.org/freeipa/changeset/72fe7e3294fd2f0acdab161180609e9868c4a943
https://fedorahosted.org/freeipa/changeset/1eb57600185f96e61d0894148a5f50870173c7cd
https://fedorahosted.org/freeipa/changeset/31faf1c21d5635edfa9da23005a1942452a0248c
Comment 20 Martin Bašti 2016-06-17 16:56:24 UTC 
master:
https://fedorahosted.org/freeipa/changeset/d8ae2b4055284de8c1baf76819d6611978f83cc6
https://fedorahosted.org/freeipa/changeset/db882ae8d6eba768e08be9317e386f8ab3c8fcf7
https://fedorahosted.org/freeipa/changeset/a6eb87bd68295e15ea19f5cb274cffbef5954d04
https://fedorahosted.org/freeipa/changeset/081941a5b9c9ac8832c465b857032e474bb9b09f
https://fedorahosted.org/freeipa/changeset/47decc9b843b1b1d292511bcc8a24f8ac85745c0
https://fedorahosted.org/freeipa/changeset/31ffe1a12922b5118c847cbd6ac1ca9ea232ef94
Comment 21 Martin Bašti 2016-06-17 17:01:29 UTC 
master:
https://fedorahosted.org/freeipa/changeset/a540c909a7f63e7b0c19207eec69bd5914cb186e
Comment 22 Martin Bašti 2016-06-21 11:39:50 UTC 
master:
https://fedorahosted.org/freeipa/changeset/a7f937e82cd8fdfa457ef9ae7de227d7e2502c3b
https://fedorahosted.org/freeipa/changeset/fac0c7b26002156e4154dc2bc5b198fccdaf71e0
Comment 23 Petr Vobornik 2016-06-21 12:19:56 UTC 
topology graph enhancemetns related to tickets #5648, #5867

master:
https://fedorahosted.org/freeipa/changeset/be235cedf88ee69430abea44ad1eca4bc5817d7b
https://fedorahosted.org/freeipa/changeset/ab52b33c71d62524b9d46a66a22ec0440d23ff38
https://fedorahosted.org/freeipa/changeset/f85c347f4d2f50d49e77373a56c55f3e2b4bc473
Comment 24 Petr Vobornik 2016-06-21 12:23:50 UTC 
Unlinking #5883 and #5884:
* topology graph: Add background to the canvas to improve UX
* topology graph: add buttons for zooming the canvas

They are only UX enhancements which won't be addresses in 4.4 upstream release. They don't solve any additional use cases.
Comment 26 Petr Vobornik 2016-06-22 16:39:23 UTC 
Moving to assinged, due to #5967
Comment 27 Petr Vobornik 2016-06-22 16:40:02 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5967
Comment 28 Martin Kosek 2016-06-27 06:10:30 UTC 
All currently linked upstream tickets are fixed. Moving to POST.
Comment 29 Petr Vobornik 2016-06-30 12:24:30 UTC 
Web UI for server-del:

Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/e65ce4fedc8e8e4f16c8d0c56f7618a84e8e7f85
https://fedorahosted.org/freeipa/changeset/7f4de88ea1da11d4111a917672c0cb7ab9866c90
Comment 33 Abhijeet Kasurde 2016-08-20 17:03:02 UTC 
Created attachment 1192481 [details]
tkt_5181.log
Comment 34 Abhijeet Kasurde 2016-08-20 17:26:08 UTC 
Created attachment 1192483 [details]
tkt_5689.log
Comment 35 Abhijeet Kasurde 2016-08-21 05:21:50 UTC 
Observed BZ1368754 while verifying tkt_5588
Comment 36 Abhijeet Kasurde 2016-08-22 05:07:29 UTC 
Created attachment 1192771 [details]
tkt_5840.log
Comment 37 Abhijeet Kasurde 2016-08-22 08:37:19 UTC 
Created attachment 1192817 [details]
tkt_5867.png
Comment 38 Abhijeet Kasurde 2016-08-22 08:42:11 UTC 
Created attachment 1192828 [details]
tkt_5906.png
Comment 39 Abhijeet Kasurde 2016-08-22 08:46:05 UTC 
Created attachment 1192837 [details]
tkt_5967.png
Comment 40 Abhijeet Kasurde 2016-08-22 09:00:38 UTC 
Created attachment 1192839 [details]
tkt_4987.log
Comment 41 Abhijeet Kasurde 2016-08-22 09:09:26 UTC 
Created attachment 1192857 [details]
tkt_5411.log
Comment 42 Abhijeet Kasurde 2016-08-22 09:34:41 UTC 
Created attachment 1192864 [details]
tkt_5588.log
Comment 43 Abhijeet Kasurde 2016-08-22 09:35:31 UTC 
Verified using IPA version ::

ipa-server-4.4.0-8.el7.x86_64

Marking RFE BZ as verified based on above log files.
Comment 45 errata-xmlrpc 2016-11-04 05:49:35 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2404.html