diff options
| author | Petr Vobornik <pvoborni@redhat.com> | 2015-12-03 16:29:27 +0100 |
|---|---|---|
| committer | Petr Vobornik <pvoborni@redhat.com> | 2015-12-04 19:51:55 +0100 |
| commit | 81c06327b955f71cbbd89e5cfa47594157c3fcae (patch) | |
| tree | 489e7de14d904eabc4e471a670ed40b49f5aaa22 /ipalib | |
| parent | a497288b3eafe00ab9c819dd4a51d0b421824b36 (diff) | |
| download | freeipa-81c06327b955f71cbbd89e5cfa47594157c3fcae.tar.gz freeipa-81c06327b955f71cbbd89e5cfa47594157c3fcae.tar.xz freeipa-81c06327b955f71cbbd89e5cfa47594157c3fcae.zip | |
Extend topology help
`ipa help topology` is improved.
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Reviewed-By: Tomas Babej <tbabej@redhat.com>
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/plugins/topology.py | 55 |
1 files changed, 52 insertions, 3 deletions
diff --git a/ipalib/plugins/topology.py b/ipalib/plugins/topology.py index 40f9fa803..128a34748 100644 --- a/ipalib/plugins/topology.py +++ b/ipalib/plugins/topology.py @@ -22,9 +22,58 @@ if six.PY3: __doc__ = _(""" Topology -Management of a replication topology. - -Requires minimum domain level 1. +Management of a replication topology at domain level 1. +""") + _(""" +IPA server's data is stored in LDAP server in two suffixes: +* domain suffix, e.g., 'dc=example,dc=com', contains all domain related data +* ca suffix, 'o=ipaca', is present only on server with CA installed. It + contains data for Certificate Server component +""") + _(""" +Data stored on IPA servers is replicated to other IPA servers. The way it is +replicated is defined by replication agreements. Replication agreements needs +to be set for both suffixes separately. On domain level 0 they are managed +using ipa-replica-manage and ipa-csreplica-manage tools. With domain level 1 +they are managed centrally using `ipa topology*` commands. +""") + _(""" +Agreements are represented by topology segments. By default topology segment +represents 2 replication agreements - one for each direction, e.g., A to B and +B to A. Creation of unidirectional segments is not allowed. +""") + _(""" +To verify that no server is disconnected in the topology of the given suffix, +use: + ipa topologysuffix-verify $suffix +""") + _(""" + +Examples: + Find all IPA servers: + ipa server-find +""") + _(""" + Find all suffixes: + ipa topologysuffix-find +""") + _(""" + Add topology segment to 'domain' suffix: + ipa topologysegment-add domain --left IPA_SERVER_A --right IPA_SERVER_B +""") + _(""" + Add topology segment to 'ca' suffix: + ipa topologysegment-add ca --left IPA_SERVER_A --right IPA_SERVER_B +""") + _(""" + List all topology segments in 'domain' suffix: + ipa topologysegment-find domain +""") + _(""" + List all topology segments in 'ca' suffix: + ipa topologysegment-find ca +""") + _(""" + Delete topology segment in 'domain' suffix: + ipa topologysegment-del domain segment_name +""") + _(""" + Delete topology segment in 'ca' suffix: + ipa topologysegment-del ca segment_name +""") + _(""" + Verify topology of 'domain' suffix: + ipa topologysuffix-verify domain +""") + _(""" + Verify topology of 'ca' suffix: + ipa topologysuffix-verify ca """) register = Registry() |