Bug 1004156 - ipa-replica-install should add new NS records to all zones (for redundancy)
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa
Version: 7.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
Assignee: Martin Kosek
QA Contact: Namita Soman
Reported: 2013-09-04 06:16 UTC by Martin Kosek
Modified: 2013-10-22 08:54 UTC

Doc Type: Known Issue
Doc Text:
When DNS support is added to an Identity Management server (for example, by running ipa-dns-install or by passing the --setup-dns flag to ipa-server-install or ipa-replica-install), the script adds the host name of the new Identity Management DNS server to the list of name servers in the primary Identity Management DNS zone (as a DNS NS record). However, it does not add the DNS name server record to the other DNS zones served by Identity Management. As a consequence, the non-primary DNS zones list only a limited set of Identity Management name servers (only one, without user intervention). When that limited set of name servers is not available, these DNS zones are not resolvable. To work around this problem, manually add new DNS name server records to all non-primary DNS zones when a new Identity Management replica is added, and manually remove these records when the replica is decommissioned. With a manually maintained set of Identity Management name servers, non-primary DNS zones can maintain higher availability.
Last Closed: 2013-09-04 06:27:33 UTC



Description Martin Kosek 2013-09-04 06:16:05 UTC
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/3343

"ipa-replica-install --setup-dns" adds an NS record pointing to the new replica only to some DNS zones. The NS record should be added to *all* existing zones managed by IPA.

There is no redundancy without proper NS records.

Comment 1 Martin Kosek 2013-09-04 06:27:33 UTC
Please document in 7.0, this issue won't be fixed in this version.
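
The manual workaround from the Doc Text (add the replica's NS record to every IPA-managed zone, remove it again on decommission), written as a shell script. This is an added example, not FreeIPA or Red Hat code; it assumes an admin Kerberos ticket (kinit admin), the text output layout of the ipa CLI shown in the comments, and the helper names list_zones, zone_ns and ns_sync are hypothetical.

```shell
#!/bin/sh
# Added example (not FreeIPA code): keep a replica's NS record in every zone.
# Assumption: `ipa dnszone-find` prints "Zone name: <zone>" lines and
# `ipa dnsrecord-show <zone> @` prints "NS record: a.example., b.example.".

# Names of all DNS zones managed by IPA, one per line.
list_zones() {
    ipa dnszone-find --pkey-only --sizelimit=0 | sed -n 's/^ *Zone name: *//p'
}

# Name servers at the apex (@) of zone $1, one per line.
zone_ns() {
    ipa dnsrecord-show "$1" @ | sed -n 's/^ *NS record: *//p' |
        tr -d ' ' | tr ',' '\n'
}

# ns_sync add|del REPLICA_FQDN
#   add: run after ipa-replica-install --setup-dns
#   del: run before the replica is decommissioned
ns_sync() {
    if [ $# -ne 2 ] || { [ "$1" != add ] && [ "$1" != del ]; }; then
        echo "usage: ns_sync add|del REPLICA_FQDN" >&2
        return 2
    fi
    action=$1
    replica="${2%.}."          # absolute name with exactly one trailing dot
    rc=0
    for zone in $(list_zones); do
        servers=$(zone_ns "$zone")
        present=0
        if printf '%s\n' "$servers" | grep -qixF "$replica"; then present=1; fi
        if [ "$action" = add ] && [ "$present" -eq 0 ]; then
            ipa dnsrecord-add "$zone" @ --ns-rec="$replica" || rc=1
        elif [ "$action" = del ] && [ "$present" -eq 1 ]; then
            # Never strip the last name server: the zone would stop resolving.
            if [ "$(printf '%s\n' "$servers" | grep -c .)" -le 1 ]; then
                echo "skip $zone: $replica is its only name server" >&2
                rc=1
            else
                ipa dnsrecord-del "$zone" @ --ns-rec="$replica" || rc=1
            fi
        fi
    done
    return $rc
}

# Example invocation (host name is a placeholder):
#   ns_sync add replica2.example.test
```

A non-zero return from ns_sync means at least one zone was skipped or an ipa call failed, so the zone list should be rechecked before the replica is considered redundant or safely removed.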

