Yes, they will all need a unique identity as we will be using HBAC along with RBAC. This is an HPC environment with 10k+ unique systems and growing. I can explain more if you'd like.
On Tue, Sep 1, 2020 at 7:37 PM Ben Aveling via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > If these machines are stateless, does each new instance need a new and > unique identity in IPA? > > I don't know if multiple instances concurrently sharing a common identity > for IPA purposes would work, but maybe have a pool of identities, and have > each newly instantiated machine draw an identity from the pool? > > FWIW, we have a number of machines that have a different hostname in IPA > to the hostname they use on the network, and touch wood, so far it works > fine. > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org > -- *Mark Potter* Senior Linux Administrator DownUnder GeoSolutions 16200 Park Row Drive, Suite 100 Houston TX 77084, USA tel +1 832 582 3221 ma...@dug.com www.dug.com
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
