Docker#
FreeIPA server containers#
The freeipa/freeipa-container effort focuses on containerization of FreeIPA server. It makes it possible to run all the processes comprising the server in an isolated way, leaving the host free to run other software, not clashing with the FreeIPA server, or using host with operating system for which FreeIPA is not available.
Dockerfile.* recipes with related content are available in the
repository with definitions for Fedora, RHELs, CentOS 7, and CentOS
Stream.
Container images built automatically from the repository are available on Quay.io and on Docker hub.
{{ admon/note | | Running FreeIPA servers containerized adds a bit of complexity compared to traditional deployments on hosts. If things seem to fail, try the same setup outside of containers first, to figure out if the issue is with FreeIPA in general or whether it is related to the containerization. We would like to hear your feedback or ideas for improvement! }}
Enroll the host to FreeIPA running in the container#
If you have FreeIPA server running in a container, you can enroll the
host machine to the FreeIPA server. You need to configure the IP address
of the FreeIPA server (running in the container). You can configure it
either in /etc/hosts or put its IP address to /etc/resolv.conf
if you’d like to use FreeIPA’s DNS as well.
If you’ve named your running container with FreeIPA server with
--name option, for example
docker run --name freeipa-server-container ..., you can use that
name to retrieve the IP address:
SERVER_IP_ADDRESS=$( docker inspect --format '{{ .NetworkSettings.IPAddress }}' freeipa-server-container )
Otherwise you’d have to use the autogenerated container identifier. You
can then add the IP address to /etc/hosts
echo $SERVER_IP_ADDRESS ipa.example.test >> /etc/hosts
or to /etc/resolv.conf
echo nameserver $SERVER_IP_ADDRESS > /etc/resolv.conf
Then
ipa-client-install --server=ipa.example.test ...
should enroll the host to the containerized FreeIPA server.
Building the FreeIPA server container image#
{{#ev:youtube|ZV8-tXoTev0}}
Further reading#
Complex Application in Container: CloudOpen presentation about the concepts behind the FreeIPA server container setup.