Aggregate DNS from proxies

Support
1

Hello,

This ain’t so much as an issue I have with foreman but rather trying to understand if there’s a way to accomplish the following:

  • We run several proxies globally (the purpose of the smart proxy)
  • Each proxy acts as DHCP & DNS server for that specific site
  • Some of the systems behind the smart proxy are provisioned as oVirt nodes (for ease of explaining myself, let’s say this is one machine, running the engine etc.)
  • Now, in the foreman UI, if I add the compute resource by name, this doesn’t work as the name is not known by foreman

I reckon DNS is able to feed changes back to a master, but I have no clue how to set this up “the foreman way” (by using the installer?)

System details:

  • 1 server running foreman & proxy 1.17.1 (we manage some things locally as well, so the proxy has DNS, DHCP, TFTP, …)
  • multiple foreman proxies (1.17.1) running in the field (these are connected over a VPN and have access to the foreman server). They all have DNS, DHCP, TFTP, templates, ansible, …

The DNS software used is ISC (installed and managed by the foreman installer)

(I hope this is the right side of the foreman community to ask these kind of questions)

2

I’ve resolved a similar issue previously using bind configuration on the foreman server. You’ll use bog standard bind tools to transfer the domains.

Essentially, your foreman server will become a bind slave to all the proxy hosted DNS domains. You can achieve the configuration using the foreman-installer and adding the relevant bind configuration to /etc/foreman-installer/custom-hiera.yaml :

> ---
> dns::zones: 
>   proxy.domain.1: 
>     soa: proxy.domain.1.host 
>     soaip: 10.10.10.10
>     contact: admin@proxy.domain.1
>   proxy.domain.2: 
>     soa: proxy.domain.2.host 
>     soaip: 10.10.11.11
>     contact: admin@proxy.domain.2

You’ll have to amend the foreman server OS level lookup configuration manually (adding the domains to resolv.conf etc etc) but this approach should work.

HTH

Nick

3

Yeah, our installer don’t expose options for all possible setups.