Creating an environment configured with FreeIPA

High-availability FreeIPA is automatically enabled when you register an environment via CDP web UI or CLI. The CDP CLI provides environment creation commands that include an option for setting multiple FreeIPA instances, which triggers the system to set up the identity management cluster.

FreeIPA HA cannot be added to an existing environment, only configured during environment creation.

Configuring FreeIPA node count via UI

When registering a CDP environment via web UI, you cannot select FreeIPA node count, but CDP adjusts FreeIPA based on the Data Lake scale that you select:
  • For an Enterprise Data Lake, a FreeIPA cluster with 3 nodes (HA) is provisioned
  • For a Medium Duty Data Lake, a FreeIPA cluster with 3 nodes (HA) is provisioned
  • For a Light Duty Data Lake, a FreeIPA cluster with 2 nodes is provisioned

Configuring FreeIPA node count via CLI

When registering an environment using CDP CLI, CDP configures FreeIPA with 1 node by default. For production, you should change this setting to 3 nodes. To create an environment with selected FreeIPA node count via CLI:

  1. Run the CDP CLI command to create an environment and include an additional parameter in the JSON-formatted command input:
    "freeIpa":{"instanceCountByGroup":<SPECIFY-NODE-COUNT>}
    Or pass the following parameter:
    --free-ipa instanceCountByGroup=<SPECIFY-NODE-COUNT>

    replacing <SPECIFY-NODE-COUNT> with the number of instances of FreeIPA you want. The maximum number of instances is 3. Choose 2 or 3 based on the level of redundancy you want. The recommended setting is 3 nodes.

  2. After successfully registering the environment, continue to create the Data Lake as described in the cloud-provider specific instructions.