Kevin, I cannot speak to your specific use case, but regarding this:
On 12/23/2020 9:50 AM, Kevin Vasko via FreeIPA-users wrote:
could enrolling 100s or 1000s of containers cause an issue for
freeIPA?Most of these would be fairly short lived (few days to weeks).
At that point I would need to go manually cleanup all of the enrolled
machines.
This could be a problem depending on how large your FreeIPA replication
farm is, and whether you have safeguards to keep the enrollments under
control. For example we had a user with an auto-scaling group which
was supposed to spin up 100 or so instances. A flaw in their code
caused the instances to die quickly, which the auto-scaling group would
try to replace. Left alone, we ended up with 50,000 unused host
entries in ipa. As it was happening, these new entries had to
replicate across our very large ipa farm causing slow performance &
service interruptions far far away from the faulty auto-scaling group.
--
Pat Larkin <Patrick.Larkin(a)Sabre.com> | Texas USA |