IPA Infrastructure SOP
Contact Information
- Owner
-
Fedora Infrastructure Team
- Contact
- Primary upstream contact
-
Alexander Bokovoy - FAS: abbra
- Servers
-
-
ipa01.iad2.fedoraproject.org
-
ipa02.iad2.fedoraproject.org
-
ipa03.iad2.fedoraproject.org
-
ipa01.stg.iad2.fedoraproject.org
-
ipa02.stg.iad2.fedoraproject.org
-
ipa03.stg.iad2.fedoraproject.org
-
- URL
- Purpose
-
IPA is used as Identity management server for Fedora users. It serves as backend for Fedora Account System.
Description
IPA is used as a backend LDAP database for handling the user authentication inside Fedora Infrastructure.
Known issues
Most issues regarding user data could be solved through web interface.
Web UI redirects to internal name
If web UI starts redirecting to internal name instead of https://id.fedoraproject.org/ipa/ui
you need to either run ipa.yml playbook or fix that in /etc/httpd/conf.d/ipa-redirects.conf on the
machine that the redirection is going to.
Checking status
To check status of IPA cluster you simply need to ssh to any of the servers and run
ipactl status.
Restarting
To restart the IPA service you simply need to ssh to any of the servers and issue an
ipactl restart.
Configuration
Configuration is handled by the ipa.yml playbook in Ansible. This playbook could also be used to reconfigure application, if that becomes necessary.
Want to help? Learn how to contribute to Fedora Docs ›