10:01 a.m.
We get questions periodically on installing IPA onto SoC boards, mostly
ARM and usually a Pi (Banana or Raspberry).
We'd like to add a wiki page or howto with tips on known workarounds.
We'd also like to get some use cases on why you'd want to run IPA on
something like this. Is it just an experiment, using it on a home
network with just a few nodes, something else?
I'll take all the input and create a wiki page on it.
Note that up to now we don't recommend doing such an install. Maybe the
user stories will change our mind.
thanks
rob
2:24 p.m.
I'm just starting, but:
$ free -m
total used free shared buff/cache
available
Mem: 1791 680 274 72 835
833
Swap: 0 0 0
This is for personal use, so being able to run a replica at home for little
money would be nice.
I haven't tried, though- are there known caveats?
On Mon, Jan 22, 2018 at 5:01 PM, Rob Crittenden via FreeIPA-users <
freeipa-users(a)lists.fedorahosted.org> wrote:
We get questions periodically on installing IPA onto SoC boards,
mostly
ARM and usually a Pi (Banana or Raspberry).
We'd like to add a wiki page or howto with tips on known workarounds.
We'd also like to get some use cases on why you'd want to run IPA on
something like this. Is it just an experiment, using it on a home
network with just a few nodes, something else?
I'll take all the input and create a wiki page on it.
Note that up to now we don't recommend doing such an install. Maybe the
user stories will change our mind.
thanks
rob
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
--
___
{~._.~}
( Y )
()~*~() mail: alex at corcoles dot net
(_)-(_) http://alex.corcoles.net/
10:28 p.m.
New subject: Request for input on installing IPA onto ARM/SoC boards
Agreed. I would love to run this on a raspberry pi or better.
Get Yahoo Mail for Mobile
On Mon, Jan 22, 2018 at 14:25, Alex Corcoles via
FreeIPA-users<freeipa-users(a)lists.fedorahosted.org> wrote:
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
7:44 a.m.
New subject: Request for input on installing IPA onto ARM/SoC boards
Andrew Meyer via FreeIPA-users wrote:
Agreed. I would love to run this on a raspberry pi or better.
But why?
Is it because the hardware is so cheap? Is it better/easier/cheaper than
running it in a VM on an existing box? Is it merely for the "fun" factor
(and I'm not disparaging it, I do lots of things just to see if it can
be done).
rob
Get Yahoo Mail for Mobile
<https://go.onelink.me/107872968?pid=InProduct&c=MailPP_sig_Dec17&...
On Mon, Jan 22, 2018 at 14:25, Alex Corcoles via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
<mailto:freeipa-users@lists.fedorahosted.org>
To unsubscribe send an email to
freeipa-users-leave(a)lists.fedorahosted.org
<mailto:freeipa-users-leave@lists.fedorahosted.org>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
3:12 a.m.
New subject: Request for input on installing IPA onto ARM/SoC boards
On 23 Jan 2018, at 14:44, Rob Crittenden via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org
<mailto:freeipa-users@lists.fedorahosted.org>> wrote:
But why?
Is it because the hardware is so cheap? Is it better/easier/cheaper than
running it in a VM on an existing box? Is it merely for the "fun" factor
(and I'm not disparaging it, I do lots of things just to see if it can
be done).
rob
There are a couple of applications actually, I’m currently trying to build an access
control system based on an IPA replica that runs *on* the door, using the existing
replication mechanisms. This way, even if networking is down, as long as the door has
power, I can open it.
--
Aljaž Srebrnič a.k.a g5pw
My public key: https://g5pw.me/key <https://g5pw.me/key>
Key fingerprint = 2109 8131 60CA 01AF 75EC 01BF E140 E1EE A54E E677
8:17 a.m.
New subject: Request for input on installing IPA onto ARM/SoC boards
Aljaž Srebrnič wrote:
> On 23 Jan 2018, at 14:44, Rob Crittenden via FreeIPA-users
> <freeipa-users(a)lists.fedorahosted.org
> <mailto:freeipa-users@lists.fedorahosted.org>> wrote:
>
> But why?
>
> Is it because the hardware is so cheap? Is it better/easier/cheaper than
> running it in a VM on an existing box? Is it merely for the "fun" factor
> (and I'm not disparaging it, I do lots of things just to see if it can
> be done).
>
> rob
There are a couple of applications actually, I’m currently trying to
build an access control system based on an IPA replica that runs *on*
the door, using the existing replication mechanisms. This way, even if
networking is down, as long as the door has power, I can open it.
This is great feedback, thanks.
You might be able to get away with an IPA client in this case. sssd will
cache credentials. This wouldn't cover the case where someone hasn't
used the door yet, power goes off, and they need to open it though.
I suspect that running without a CA is much more viable, but 389-ds can
be resource-intesive as well depending on how many entries you have.
rob
9:13 a.m.
New subject: Request for input on installing IPA onto ARM/SoC boards
On 24 Jan 2018, at 15:17, Rob Crittenden <rcritten(a)redhat.com
<mailto:rcritten@redhat.com>> wrote:
This is great feedback, thanks.
You might be able to get away with an IPA client in this case. sssd will
cache credentials. This wouldn't cover the case where someone hasn't
used the door yet, power goes off, and they need to open it though.
Yes, that is the backup plan in case I can’t get the replica to work with the very limited
amount of RAM I have (either 256 or 512 MB). It’s a fun project for my hackerspace so the
cost of failure is not that high.
I suspect that running without a CA is much more viable, but 389-ds can
be resource-intesive as well depending on how many entries you have.
I’m expecting we won’t have more than 150 users, so it shouldn’t be that big of a
problem.
--
Aljaž Srebrnič a.k.a g5pw
My public key: https://g5pw.me/key <https://g5pw.me/key>
Key fingerprint = 2109 8131 60CA 01AF 75EC 01BF E140 E1EE A54E E677
2284
days inactive
2286
days old
freeipa-users@lists.fedorahosted.org
6 comments
4 participants
participants (4)
-
Alex Corcoles -
Aljaž Srebrnič -
Andrew Meyer -
Rob Crittenden