Yes, they will all need a unique identity as we will be using HBAC along
with RBAC. This is an HPC environment with 10k+ unique systems and growing.
I can explain more if you'd like.
On Tue, Sep 1, 2020 at 7:37 PM Ben Aveling via FreeIPA-users <
freeipa-users(a)lists.fedorahosted.org> wrote:
If these machines are stateless, does each new instance need a new
and
unique identity in IPA?
I don't know if multiple instances concurrently sharing a common identity
for IPA purposes would work, but maybe have a pool of identities, and have
each newly instantiated machine draw an identity from the pool?
FWIW, we have a number of machines that have a different hostname in IPA
to the hostname they use on the network, and touch wood, so far it works
fine.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
--
*Mark Potter*
Senior Linux Administrator
DownUnder GeoSolutions
16200 Park Row Drive, Suite 100
Houston TX 77084, USA
tel +1 832 582 3221
markp(a)dug.com
www.dug.com