Bug 819630 - [RFE] Improve IPA usability in Amazon EC2 environment
[RFE] Improve IPA usability in Amazon EC2 environment
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: rc
: 7.1
Assigned To: Martin Kosek
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2012-05-07 15:16 EDT by Rob Crittenden
Modified: 2016-02-19 07:33 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-02-19 07:03:29 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Rob Crittenden 2012-05-07 15:16:45 EDT
This bug is created as a clone of upstream ticket:

This ticket is a follow up for #2648.

Amazon EC2 cloud environment network architecture does not play well with IPA's demand for static IP address bound to one of its network interfaces. A short description of the EC2 networking:
* VM has a private dynamic IP address which changes upon reboot of the machine
* VM has a public IP address that can be used to access the IPA machine from the outside networks
* User can ask for ''elastic IP'' which are not assigned to an interface but are always redirected correctly to the current instance

To solve this ticket we would need to at least:
* Make IP address checks less strict - the check if IP address is assigned to interface should rather be a warning and not a blocking error
  * This would enable user to use elastic IP address as IPA IP address that is then inserted to the `/etc/hosts` and used in DNS records
  * We need to make sure that DNS, client enrollment, Web UI, replication works correctly
* Do more investigation if we can help with the use of dynamic address as IPA IP address. We can at least provide some example in our documentation about how to update IPA IP address in `/etc/hosts` after reboot
Comment 6 Martin Kosek 2016-02-19 07:03:29 EST
I think this bug is too general. FreeIPA can be already used in Cloud Environments (like FreeIPA Public Demo running in the OpenStack), we can work on improvements and usability, but I would rather track the specific improvement requests than this catch all Bugzilla.
Comment 7 Jan Pazdziora 2016-02-19 07:15:48 EST
It is sad to see this bugzilla closed without pointer to where those specific issues will be tracked.

I agree that the comment 0 could have described specific Steps to reproduce to make it more clear where the pain points but there is enough material there that we seem to lose. Can't we turn this bugzilla into a tracker, with the individual issues tracked under it?
Comment 8 Martin Kosek 2016-02-19 07:33:06 EST
I would rather track this in the upstream tracker and for example start marking related tickets with "ec2", "openstack" or similar keyword. I am afraid that maintaining the tracker here in the Bugzilla would just again lead to obsoleting Bug (like this one) that is not being actively updated.

Note You need to log in before you can comment on or make changes to this bug.