< Changes
mNo edit summary |
|||
| (6 intermediate revisions by 2 users not shown) | |||
| Line 34: | Line 34: | ||
<!-- Include you email address that you can be reached should people want to contact you about helping with your change, status is requested, or technical issues need to be resolved. If the change proposal is owned by a SIG, please also add a primary contact person. --> | <!-- Include you email address that you can be reached should people want to contact you about helping with your change, status is requested, or technical issues need to be resolved. If the change proposal is owned by a SIG, please also add a primary contact person. --> | ||
* Email: server@lists.fedoraproject.org | * Email: server@lists.fedoraproject.org | ||
* Release notes owner: | * Release notes owner: [[User:Pbokoc| Petr Bokoc]] pbokoc at redhat dot com | ||
<!--- UNCOMMENT only for Changes with assigned Shepherd (by FESCo) | <!--- UNCOMMENT only for Changes with assigned Shepherd (by FESCo) | ||
* FESCo shepherd: [[User:FASAccountName| Shehperd name]] <email address> | * FESCo shepherd: [[User:FASAccountName| Shehperd name]] <email address> | ||
| Line 53: | Line 53: | ||
CLOSED as NEXTRELEASE -> change is completed and verified and will be delivered in next release under development | CLOSED as NEXTRELEASE -> change is completed and verified and will be delivered in next release under development | ||
--> | --> | ||
* Tracker bug: | * Tracker bug: [https://bugzilla.redhat.com/show_bug.cgi?id=1089262 #1089262] | ||
== Detailed Description == | == Detailed Description == | ||
| Line 59: | Line 59: | ||
The Fedora Server will be shipped with a role-deployment mechanism. One such role will be to act as a primary or replica Domain Controller for the Linux machines in the network. | The Fedora Server will be shipped with a role-deployment mechanism. One such role will be to act as a primary or replica Domain Controller for the Linux machines in the network. | ||
This will be implemented by taking advantage of the FreeIPA project, packaging it up within the Server Role Framework and enabling it to be deployed through the mechanisms described in the [[Changes/ | This will be implemented by taking advantage of the FreeIPA project, packaging it up within the Server Role Framework and enabling it to be deployed through the mechanisms described in the [[Changes/FrameworkForServerRoleDeployment | Server Role Infrastructure]] Change Proposal. | ||
== Benefit to Fedora == | == Benefit to Fedora == | ||
| Line 144: | Line 144: | ||
--> | --> | ||
[[Category: | [[Category:ChangeAcceptedF21]] | ||
<!-- When your change proposal page is completed and ready for review and announcement --> | <!-- When your change proposal page is completed and ready for review and announcement --> | ||
<!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler --> | <!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler --> | ||
Latest revision as of 15:40, 11 August 2014
Domain Controller Server Role
Summary
The Fedora Server Product will provide a standard deployment mechanism for a Linux Domain Controller (powered by the FreeIPA project).
Owner
- Name: Stephen Gallagher
- Name: Simo Sorce
- Email: server@lists.fedoraproject.org
- Release notes owner: Petr Bokoc pbokoc at redhat dot com
- Product: Server
- Responsible WG: Server WG
Current status
Detailed Description
The Fedora Server will be shipped with a role-deployment mechanism. One such role will be to act as a primary or replica Domain Controller for the Linux machines in the network.
This will be implemented by taking advantage of the FreeIPA project, packaging it up within the Server Role Framework and enabling it to be deployed through the mechanisms described in the Server Role Infrastructure Change Proposal.
Benefit to Fedora
The major advantage to Fedora is a vast simplification in the setup and deployment of a managed Linux network. With the Domain Controller Role, the user will be asked to provide a few very basic pieces of information about their network and the role deployment tools will do the rest of the work for them. With a Domain Controller in place, previously-complex tasks such as setting up single-sign-on between machines will be trivial to accomplish.
Scope
- Proposal owners:
- FreeIPA and the optional CA and DNS components need to be packaged appropriately for use with the Server Role Infrastructure.
- A D-BUS API plugin needs to be written and tested to support deployment and monitoring of the Domain Controller Role.
- Other developers:
- None
- Release engineering:
- Pre-loading roles will need to be a capability of the Anaconda install system, both in the graphical installer and kickstart
- Policies and guidelines:
- Packaging guidelines for this Change should be inherited from the Server Role Infrastructure Change Proposal.
Upgrade/compatibility impact
Fedora Server Roles are applicable only to machines that have been installed using the Fedora Server Product install media. As such, there is no direct way to upgrade to this state from Fedora 20, which did not have the Fedora Server Product.
How To Test
- What special hardware / data / etc. is needed (if any)?
- This Role should work on any Fedora Server installation as long as the underlying FreeIPA technologies support the architecture.
- How do I prepare my system to test this change? What packages need to be installed, config files edited, etc.?
- Testing should be performed on a clean installation of Fedora Server, both through kickstart and interactive install.
- What specific actions do I perform to check that the change is working like it's supposed to?
- There will be a role-deployment tool provided, as well as possibly a Cockpit module, to deploy the Domain Controller Role. These tools should be run to do the initial deployment. Subsequent testing should be performed by joining additional (physical or virtual) machines to this domain using realmd.
- What are the expected results of those actions?
- A domain should be made available to the network with very little effort and clients should be able to join it.
User Experience
Users will now be provided with an easy way to deploy a Domain Controller for their Linux environment. If they are using Cockpit, this will be presented to them with a simple GUI.
Dependencies
This Change depends heavily on the Fedora Server Role Infrastructure Change.
Individual parts of this Change may or may not be completed in time for Fedora 21. This may include a Cockpit graphical UI tool and an OpenLMI remote management tool.
Contingency Plan
- Contingency mechanism: No contingency plan; this must be completed as a blocker for the Fedora Server release
- Contingency deadline: N/A
- Blocks release? Yes
- Blocks product? Fedora Server
Documentation
Documentation has not yet been written, but we will be coordinating with the Fedora Documentation team.