Add IPA SOP
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
This commit is contained in:
Michal Konecny
parent
9c036bf14e
commit
29ad61a0b9
2 changed files with 57 additions and 0 deletions
|
|
@ -123,6 +123,7 @@ xref:developer_guide:sops.adoc[Developing Standard Operating Procedures].
|
|||
* xref:infra-raidmismatch.adoc[Infrastructure Raid Mismatch Count]
|
||||
* xref:infra-repo.adoc[Infrastructure Yum Repo]
|
||||
* xref:infra-retiremachine.adoc[Infrastructure retire machine]
|
||||
* xref:ipa.adoc[IPA infrastructure]
|
||||
* xref:ipsilon.adoc[Ipsilon Infrastructure]
|
||||
* xref:iscsi.adoc[iSCSI]
|
||||
* xref:kerneltest-harness.adoc[Kerneltest-harness]
|
||||
|
|
|
|||
56
modules/sysadmin_guide/pages/ipa.adoc
Normal file
56
modules/sysadmin_guide/pages/ipa.adoc
Normal file
|
|
@ -0,0 +1,56 @@
|
|||
= IPA Infrastructure SOP
|
||||
|
||||
== Contact Information
|
||||
|
||||
Owner::
|
||||
Fedora Infrastructure Team
|
||||
|
||||
Contact::
|
||||
https://matrix.to/#/#admin:fedoraproject.org
|
||||
|
||||
Primary upstream contact::
|
||||
Alexander Bokovoy - FAS: abbra
|
||||
|
||||
Servers::
|
||||
* ipa01.iad2.fedoraproject.org
|
||||
* ipa02.iad2.fedoraproject.org
|
||||
* ipa03.iad2.fedoraproject.org
|
||||
* ipa01.stg.iad2.fedoraproject.org
|
||||
* ipa02.stg.iad2.fedoraproject.org
|
||||
* ipa03.stg.iad2.fedoraproject.org
|
||||
|
||||
URL::
|
||||
* link:https://id.fedoraproject.org/ipa/ui
|
||||
* link:https://id.stg.fedoraproject.org/ipa/ui
|
||||
|
||||
Purpose::
|
||||
IPA is used as Identity management server for Fedora users. It serves as backend for
|
||||
Fedora Account System.
|
||||
|
||||
== Description
|
||||
|
||||
link:https://www.freeipa.org/[IPA] is used as a backend LDAP database for handling the
|
||||
user authentication inside Fedora Infrastructure.
|
||||
|
||||
== Known issues
|
||||
|
||||
Most issues regarding user data could be solved through web interface.
|
||||
|
||||
== Restarting
|
||||
|
||||
To restart the IPA service you simply need to ssh to any of the servers and issue an
|
||||
`ipactl restart`.
|
||||
|
||||
== Configuration
|
||||
|
||||
Configuration is handled by the
|
||||
link:https://pagure.io/fedora-infra/ansible/blob/5ad386ed6fb30484348848a354d4dfa6b7393f74/f/playbooks/groups/ipa.yml[ipa.yml]
|
||||
playbook in Ansible. This playbook could also be used to reconfigure application,
|
||||
if that becomes necessary.
|
||||
|
||||
== Common actions
|
||||
|
||||
This section describes some common actions done on IPA.
|
||||
|
||||
* xref:howtos:groups_in_fedora.adoc#_how_to_create_a_group[Creating group]
|
||||
* xref:2-factor.adoc[Two factor authentication]
|
||||
Loading…
Add table
Add a link
Reference in a new issue