Bug 1861910

Summary: [RFE] Replace ipa_host, ipa_dns*, ipa_service with ansible-freeipa equivalents
Product: Red Hat OpenStack Reporter: Ade Lee <alee>
Component: ansible-tripleo-ipaAssignee: Dave Wilde <dwilde>
Status: CLOSED WONTFIX QA Contact: Jeremy Agee <jagee>
Severity: medium Docs Contact:
Priority: high    
Version: 16.1 (Train)CC: dwilde, hrybacki, rcritten, scohen, spower, twoerner
Target Milestone: AlphaKeywords: FutureFeature, Triaged
Target Release: ---Flags: ifrangs: needinfo? (dwilde)
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-11-11 19:13:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1918025    
Bug Blocks:    

Description Ade Lee 2020-07-29 21:16:59 UTC 
Description of problem:

Most of tripleo-ipa (and one bit of THT template) uses the upstream ansible module to do IPA things.  These modules are not supported by Red Hat - and we should use the equivalents in ansible-freeipa instead.

See [1] for details.

At least some of these equivalents are in RHEL 8.3.  This BZ is to track those features.  Another BZ will be added to track 8.4 features.

The features in 8.3 are:
ipa_host, ipa_dns*, ipa_service

Also, we need to install our ipa servers using the freeipa ansible role instead of CLI commands. 

[1] https://docs.google.com/document/d/1vaT2xdD7z7I4JZxW7sLM1AE6_srh_VOtPkpIS2t9caA/edit

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info: