Change from integrated DNS & DHCP to external services

I have Foreman 3.0 & Katello 4.2 working with managed dhcp, dns, tftp. It’s working great. However, I need some control over dhcp and dns services, so I installed a Rocky Linux host with dhcpd and bind. I made sure these work: I have dhcp, dhcp6, radvd working and bind gets updated with dhcp (v4) clients. Dynamic dns updates for dhcp6 aren’t working yet; it’s all quite new for me, so I need some time to dig in and see how to fix that. I don’t think it’s an issue for moving ahead and configuring Foreman for external services (I am not deploying on IPv6, it’s all IPv4).

I followed the documentation:
https://docs.theforeman.org/3.0/Installing_Proxy_on_Red_Hat/index-foreman-el.html#configuring-external-services

I retraced my steps and double checked; I think I got it all working: manual nsupdates work fine, the permissions on the NFS shares are good and the exports are mounted.

I ran the foreman-installer commands to reconfigure foreman first for dns, then for dhcp. These commands ran without errors or warnings.

In the Foreman GUI, I am told to go to Infrastructure, Services, Refresh. The message I got here was that there are no changes. Next I am told to go to subnet and domain, and select the new services. Those aren’t available.

One thing I don’t understand from the manual (I think it’s wrong :P) at point 2 in chapter 4 is this line:

Note that the option routers value is the Foreman or Smart Proxy IP address that you want to use with an external DHCP service.

When I do this, clients get a default gateway pointing to the Foreman host. It’s not configured as a router (and I don’t want it to be); I want my firewall as the default gateway. I changed this back to my firewall as I am unable to ssh into those clients with the wrong default gateway.

At this point, when I try to deploy a new host I get the following error message:

Unable to save * Create IPv4 DNS record for ricky-maher.lab.mydomain.net task failed with the following error: ERF12-2357 [ProxyAPI::ProxyException]: Unable to set DNS entry ([RestClient::BadRequest]: 400 Bad Request) for proxy https://foreman.lab.mydomain.net:9090/dns

I think it makes sense, as the refresh on the services didn’t find anything new and I am unable to change the subnet and domain in Foreman to the new external services.

If anyone wants to help me figure this out, I’d appreciate it.

Thanks!