Red Hat Training
A Red Hat training course is available for Red Hat Enterprise Linux
6.3. Command Line: Managing Topology Using the ipa topology* Commands
6.3.1. Getting Help for Topology Management Commands
To display all commands used to manage replication topology:
$ ipa help topology
To display detailed help for a particular command, run it with the
--help option:
$ ipa topologysuffix-show --help
6.3.2. Setting up Replication Between Two Servers
- Use the ipa topologysegment-add command to create a topology segment for the two servers. When prompted, provide:
- the required topology suffix:
domainorcaNoteIf you want to create a segment betweencasuffixes, both servers must have a CA installed. See Section 26.8, “Installing a CA Into an Existing IdM Domain”. - the left node and the right node, representing the two servers
- optionally, a custom name for the segment
For example:$ ipa topologysegment-add Suffix name: domain Left node: server1.example.com Right node: server2.example.com Segment name [server1.example.com-to-server2.example.com]: new_segment --------------------------- Added segment "new_segment" --------------------------- Segment name: new_segment Left node: server1.example.com Right node: server2.example.com Connectivity: both
Adding the new segment joins the servers in a replication agreement. - Optional. Use the ipa topologysegment-show command to verify that the new segment is configured.
$ ipa topologysegment-show Suffix name: domain Segment name: new_segment Segment name: new_segment Left node: server1.example.com Right node: server2.example.com Connectivity: both
6.3.3. Stopping Replication Between Two Servers
- To stop replication, you must delete the corresponding replication segment between the servers. To do that, you need to know the segment name.If you do not know the name, use the ipa topologysegment-find command to display all segments, and locate the required segment in the output. When prompted, provide the required topology suffix:
domainorca. For example:$ ipa topologysegment-find Suffix name: domain ------------------ 8 segments matched ------------------ Segment name: new_segment Left node: server1.example.com Right node: server2.example.com Connectivity: both ... ---------------------------- Number of entries returned 8 ---------------------------- - Use the ipa topologysegment-del command to remove the topology segment joining the two servers.
$ ipa topologysegment-del Suffix name: domain Segment name: new_segment ----------------------------- Deleted segment "new_segment" -----------------------------
Deleting the segment removes the replication agreement. - Optional. Use the ipa topologysegment-find command to verify that the segment is no longer listed.
$ ipa topologysegment-find Suffix name: domain ------------------ 7 segments matched ------------------ Segment name: server2.example.com-to-server3.example.com Left node: server2.example.com Right node: server3.example.com Connectivity: both ... ---------------------------- Number of entries returned 7 ----------------------------