DHCP throwing error 409

ogghi · February 28, 2023, 3:01pm

Problem:

Trying to set up a fresh foreman, Ubuntu 20.04.
Launching with:

foreman-installer \
   --foreman-ssl="true" \
   --foreman-initial-admin-password="l8Zc6n3z1Gb0Lo527x4F" \
   --enable-foreman-plugin-discovery \
   --enable-foreman-plugin-ansible \
   --enable-foreman-cli-ansible \
   --enable-foreman-proxy \
   --foreman-server-ssl-port="443" \
   --foreman-server-ssl-protocol="TLSv1.3" \
   --foreman-server-ssl-ca="/etc/puppetlabs/puppet/ssl/certs/ca.pem" \
   --foreman-server-ssl-key="/etc/puppetlabs/puppet/ssl/private_keys/vmforeman-dev.dev-farm.tld.net.pem" \
   --foreman-server-ssl-cert="/etc/puppetlabs/puppet/ssl/certs/vmforeman-dev.dev-farm.tld.net.pem" \
   --foreman-server-ssl-chain="/etc/puppetlabs/puppet/ssl/certs/ca.pem" \
   --foreman-proxy-tftp="true" \
   --foreman-proxy-tftp-servername="10.1.0.1" \
   --foreman-proxy-dhcp="true" \
   --foreman-proxy-dhcp-interface="ens160" \
   --foreman-proxy-dhcp-gateway="10.1.0.1" \
   --foreman-proxy-dhcp-range="10.1.0.10 10.1.0.99" \
   --foreman-proxy-dhcp-nameservers="10.1.0.1" \
   --foreman-proxy-dhcp-key-name="dev-farm-omapi" \
   --foreman-proxy-dhcp-key-secret="rLVpx8abtJ6GKGZxZ/J3zQ==" \
   --foreman-proxy-dns="true" \
   --foreman-proxy-dns-interface="ens160" \
   --foreman-proxy-dns-zone="dev-farm.tld.net" \
   --foreman-proxy-dns-reverse="0.1.10.in-addr-arpa" \
   --foreman-proxy-dns-forwarders="172.16.0.10" \
   --foreman-proxy-foreman-base-url="https://vmforeman-dev.dev-farm.tld.net" \
   --foreman-proxy-plugin-discovery-install-images="true" \
   --enable-foreman-proxy-plugin-discovery \
   --foreman-proxy-dhcp-server="10.1.0.1" \
   --foreman-initial-admin-password="l8Zc6n3z1Gb0Lo527x4F" \
   --foreman-proxy-dhcp-managed="true" \
   --foreman-proxy-trusted-hosts="vmforeman-dev.dev-farm.tld.net" \
   --enable-foreman-plugin-puppet \
   --foreman-proxy-http="true" \
   --foreman-proxy-http-port="8282" \
   --foreman-proxy-httpboot="true" \
   --foreman-proxy-httpboot-listen-on="http" \
   --enable-puppet \
   --enable-foreman-cli-puppet \
   --foreman-proxy-puppetca="true" \
   --puppet-server-ca="true" \
   --puppet-server-foreman-url="https://vmforeman-dev.dev-farm.tld.net" \
   --foreman-proxy-oauth-consumer-key="MjiFF29tg3d6BMKCKySLYkbzBYcWgHFM" \
   --foreman-proxy-oauth-consumer-secret="QqB2W6cXVgLzkGkt4edakbVMpceKiuMG" \
   --foreman-oauth-active="true" \
   --foreman-oauth-consumer-key="MjiFF29tg3d6BMKCKySLYkbzBYcWgHFM" \
   --foreman-oauth-consumer-secret="QqB2W6cXVgLzkGkt4edakbVMpceKiuMG" \
   --foreman-proxy-ssl="true" \
   --foreman-proxy-ssl-ca="/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem" \
   --foreman-proxy-ssl-cert="/etc/puppetlabs/puppet/ssl/certs/vmforeman-dev.dev-farm.tld.net.pem" \
   --foreman-proxy-ssl-key="/etc/puppetlabs/puppet/ssl/private_keys/vmforeman-dev.dev-farm.tld.net.pem" \
   --foreman-client-ssl-ca="/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem" \
   --foreman-client-ssl-cert="/etc/puppetlabs/puppet/ssl/certs/vmforeman-dev.dev-farm.tld.net.pem" \
   --foreman-client-ssl-key="/etc/puppetlabs/puppet/ssl/private_keys/vmforeman-dev.dev-farm.tld.net.pem"

Create DHCP Settings for mac000c29238a30.dev-farm.tld.net task failed with the following error: ERF12-6899 [ProxyAPI::ProxyException]: Unable to set DHCP entry ([RestClient::Conflict]: 409 Conflict) for proxy https://vmforeman-dev.dev-farm.tld.net:8443/dhcp

I have 2 separate subnets ranges defined in foreman-proxy range:

–foreman-proxy-dhcp-range=“10.1.0.10 10.1.0.99”

And in foreman GUI:

10.1.0.100 → 10.1.0.250

This is odd?

Expected outcome:

DHCP leases to work and provisioning going on.

Foreman and Proxy versions:
Foreman 3.5.1
Foreman Proxy 3.5.1

Foreman and Proxy plugin versions:

Distribution and version:

Ubuntu 20.04.5 LTS 5.4.0-139-generic x86_64

Other relevant data:

Thulium-Drake · March 6, 2023, 9:08am

Have you checked the logs in /var/log/foreman-proxy?

The error you quote is from production.log right?

ogghi · March 6, 2023, 9:16am

Hi, thanks for replying!

In /var/log/foreman-proxy/proxy.log I have:

2023-03-06T09:03:35 [E] OpenSSL::SSL::SSLError SSL_accept SYSCALL returned=5 errno=0 state=SSLv3/TLS write server done
/usr/lib/ruby/2.7.0/webrick/server.rb:299:in accept' /usr/lib/ruby/2.7.0/webrick/server.rb:299:in block (2 levels) in start_thread’
/usr/lib/ruby/2.7.0/webrick/utils.rb:263:in timeout' /usr/lib/ruby/2.7.0/webrick/server.rb:297:in block in start_thread’
/usr/lib/ruby/vendor_ruby/logging/diagnostic_context.rb:474:in block in create_with_logging_context' 2023-03-06T09:03:35 [E] <OpenSSL::SSL::SSLError> SSL_accept SYSCALL returned=5 errno=0 state=SSLv3/TLS write server done /usr/lib/ruby/2.7.0/webrick/server.rb:299:in accept’
/usr/lib/ruby/2.7.0/webrick/server.rb:299:in block (2 levels) in start_thread' /usr/lib/ruby/2.7.0/webrick/utils.rb:263:in timeout’
/usr/lib/ruby/2.7.0/webrick/server.rb:297:in block in start_thread' /usr/lib/ruby/vendor_ruby/logging/diagnostic_context.rb:474:in block in create_with_logging_context’
2023-03-06T09:03:36 [E] OpenSSL::SSL::SSLError SSL_accept SYSCALL returned=5 errno=0 state=SSLv3/TLS write server done
/usr/lib/ruby/2.7.0/webrick/server.rb:299:in accept' /usr/lib/ruby/2.7.0/webrick/server.rb:299:in block (2 levels) in start_thread’
/usr/lib/ruby/2.7.0/webrick/utils.rb:263:in timeout' /usr/lib/ruby/2.7.0/webrick/server.rb:297:in block in start_thread’
/usr/lib/ruby/vendor_ruby/logging/diagnostic_context.rb:474:in `block in create_with_logging_context’

Then in /var/log/foreman/production.log

2023-03-06T08:50:11 [E|app|a0998e64] Failed to save: Create DHCP Settings for mac000c29238a30.dev-farm.TLD.net task failed with the following error: ERF12-6899 [ProxyAPI::ProxyException]: Unable to set DHCP entry ([RestClient::Conflict]: 409 Conflict) for proxy https://vmforeman-dev.dev-farm.TLD.net:8443/dhcp
2023-03-06T08:50:27 [W|app|9d26eed4] Create DHCP Settings for mac000c29238a30121212.dev-farm.TLD.net task failed with the following error: ERF12-6899 [ProxyAPI::ProxyException]: Unable to set DHCP entry ([RestClient::Conflict]: 409 Conflict) for proxy https://vmforeman-dev.dev-farm.TLD.net:8443/dhcp
2023-03-06T08:50:27 [I|app|9d26eed4] Backtrace for ‘Create DHCP Settings for mac000c29238a30121212.dev-farm.TLD.net task failed with the following error: ERF12-6899 [ProxyAPI::ProxyException]: Unable to set DHCP entry ([RestClient::Conflict]: 409 Conflict) for proxy https://vmforeman-dev.dev-farm.TLD.net:8443/dhcp’ error (ProxyAPI::ProxyException): ERF12-6899 [ProxyAPI::ProxyException]: Unable to set DHCP entry ([RestClient::Conflict]: 409 Conflict) for proxy https://vmforeman-dev.dev-farm.TLD.net:8443/dhcp
2023-03-06T08:50:27 [E|app|9d26eed4] Failed to save: Create DHCP Settings for mac000c29238a30121212.dev-farm.TLD.net task failed with the following error: ERF12-6899 [ProxyAPI::ProxyException]: Unable to set DHCP entry ([RestClient::Conflict]: 409 Conflict) for proxy https://vmforeman-dev.dev-farm.TLD.net:8443/dhcp
2023-03-06T08:51:52 [W|app|f361daec] Create DHCP Settings for mac000c29238a30.dev-farm.TLD.net task failed with the following error: ERF12-6899 [ProxyAPI::ProxyException]: Unable to set DHCP entry ([RestClient::BadRequest]: 400 Bad Request) for proxy https://vmforeman-dev.dev-farm.TLD.net:8443/dhcp
2023-03-06T08:51:52 [I|app|f361daec] Backtrace for ‘Create DHCP Settings for mac000c29238a30.dev-farm.TLD.net task failed with the following error: ERF12-6899 [ProxyAPI::ProxyException]: Unable to set DHCP entry ([RestClient::BadRequest]: 400 Bad Request) for proxy https://vmforeman-dev.dev-farm.TLD.net:8443/dhcp’ error (ProxyAPI::ProxyException): ERF12-6899 [ProxyAPI::ProxyException]: Unable to set DHCP entry ([RestClient::BadRequest]: 400 Bad Request) for proxy https://vmforeman-dev.dev-farm.TLD.net:8443/dhcp
2023-03-06T08:51:52 [E|app|f361daec] Failed to save: Create DHCP Settings for mac000c29238a30.dev-farm.TLD.net task failed with the following error: ERF12-6899 [ProxyAPI::ProxyException]: Unable to set DHCP entry ([RestClient::BadRequest]: 400 Bad Request) for proxy https://vmforeman-dev.dev-farm.TLD.net:8443/dhcp

Did I just mess something up with certificates/CA here?

foreman-installer
–foreman-ssl=“true”
–foreman-initial-admin-password=“l8Zc6n3z1Gb0Lo527x4F”
–enable-foreman-plugin-discovery
–enable-foreman-plugin-ansible
–enable-foreman-cli-ansible
–enable-foreman-proxy
–foreman-server-ssl-port=“443”
–foreman-server-ssl-protocol=“TLSv1.3”
–foreman-server-ssl-ca=“/etc/puppetlabs/puppet/ssl/certs/ca.pem”
–foreman-server-ssl-key=“/etc/puppetlabs/puppet/ssl/private_keys/vmforeman-dev.dev-farm.TLD.net.pem”
–foreman-server-ssl-cert=“/etc/puppetlabs/puppet/ssl/certs/vmforeman-dev.dev-farm.TLD.net.pem”
–foreman-server-ssl-chain=“/etc/puppetlabs/puppet/ssl/certs/ca.pem”
–foreman-proxy-tftp=“true”
–foreman-proxy-tftp-servername=“10.1.0.1”
–foreman-proxy-dhcp=“true”
–foreman-proxy-dhcp-interface=“ens160”
–foreman-proxy-dhcp-gateway=“10.1.0.1”
–foreman-proxy-dhcp-range=“10.1.0.10 10.1.0.99”
–foreman-proxy-dhcp-nameservers=“10.1.0.1”
–foreman-proxy-dhcp-key-name=“dev-farm-omapi”
–foreman-proxy-dhcp-key-secret=“rLVpx8abtJ6GKGZxZ/J3zQ==”
–foreman-proxy-dns=“true”
–foreman-proxy-dns-interface=“ens160”
–foreman-proxy-dns-zone=“dev-farm.TLD.net”
–foreman-proxy-dns-reverse=“0.1.10.in-addr-arpa”
–foreman-proxy-dns-forwarders=“172.16.0.10”
–foreman-proxy-foreman-base-url=“https://vmforeman-dev.dev-farm.TLD.net”
–foreman-proxy-plugin-discovery-install-images=“true”
–enable-foreman-proxy-plugin-discovery
–foreman-proxy-dhcp-server=“10.1.0.1”
–foreman-initial-admin-password=“l8Zc6n3z1Gb0Lo527x4F”
–foreman-proxy-dhcp-managed=“true”
–foreman-proxy-trusted-hosts=“vmforeman-dev.dev-farm.TLD.net”
–enable-foreman-plugin-puppet
–foreman-proxy-http=“true”
–foreman-proxy-http-port=“8282”
–foreman-proxy-httpboot=“true”
–foreman-proxy-httpboot-listen-on=“http”
–enable-puppet
–enable-foreman-cli-puppet
–foreman-proxy-puppetca=“true”
–puppet-server-ca=“true”
–puppet-server-foreman-url=“https://vmforeman-dev.dev-farm.TLD.net”
–foreman-proxy-oauth-consumer-key=“MjiFF29tg3d6BMKCKySLYkbzBYcWgHFM”
–foreman-proxy-oauth-consumer-secret=“QqB2W6cXVgLzkGkt4edakbVMpceKiuMG”
–foreman-oauth-active=“true”
–foreman-oauth-consumer-key=“MjiFF29tg3d6BMKCKySLYkbzBYcWgHFM”
–foreman-oauth-consumer-secret=“QqB2W6cXVgLzkGkt4edakbVMpceKiuMG”
–foreman-proxy-ssl=“true”
–foreman-proxy-ssl-ca=“/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem”
–foreman-proxy-ssl-cert=“/etc/puppetlabs/puppet/ssl/certs/vmforeman-dev.dev-farm.TLD.net.pem”
–foreman-proxy-ssl-key=“/etc/puppetlabs/puppet/ssl/private_keys/vmforeman-dev.dev-farm.TLD.net.pem”
–foreman-client-ssl-ca=“/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem”
–foreman-client-ssl-cert=“/etc/puppetlabs/puppet/ssl/certs/vmforeman-dev.dev-farm.TLD.net.pem”
–foreman-client-ssl-key=“/etc/puppetlabs/puppet/ssl/private_keys/vmforeman-dev.dev-farm.TLD.net.pem”

Thulium-Drake · March 6, 2023, 9:24am

I’m not sure, I mainly run Foreman with Katello or Satellite on RHEL-like when deploying it for customers and I’m not too familiar with running it with custom SSL certs.

Did you try your install with the default self-signed CA?

And you might also be able to find a clue in the DHCP server logs (does Ubuntu also use isc-dhcp-server?)

ogghi · March 6, 2023, 9:27am

I am actually generating those certs with the above commands while lunching it? Maybe I just over-did something?

I am totally fine with self signed certs/CA!

What did I do wrong?

Thulium-Drake · March 6, 2023, 9:36am

I can’t say from this, but, it looks to me like you need a fairly standard Foreman setup. And if you’re not planning on using Katello, Foreman’s pretty modular.

I’d suggest you start with a fresh VM and use a smaller set of flags to add to foreman-installer.

I’ve completely automated the installation of Satellite/Foreman-Katello with Ansible, but it all started by following the manual to the letter

https://docs.theforeman.org/3.5/Installing_Server/index-foreman-deb.html

Which suggests to install Foreman with ‘just’:

# foreman-installer \
--foreman-initial-organization "My_Organization" \
--foreman-initial-location "My_Location" \
--foreman-initial-admin-username admin_user_name \
--foreman-initial-admin-password admin_password

Which should already set up a DNS and DHCP server.

Also, when the installation’s done, you can check the current state of all flags set by the installer with foreman-installer --full-help | less. This will help you tune them to your needs.

EDIT: Oh, and from my personal experience, setting up Foreman requires some iterations before you get it just right. I’ve cycled through many instances before I got my config right. And to protect yourself in case of a total system loss, I strongly encourage you to put all configuration in Ansible with the amazing GitHub - theforeman/foreman-ansible-modules: Ansible modules for interacting with the Foreman API and various plugin APIs such as Katello)

ogghi · March 6, 2023, 12:32pm

OK, I started with that minimal config.
Then added some to reach this command to launch (nice to not care about certs etc!);

foreman-installer
–foreman-initial-organization “TLD”
–foreman-initial-location “Foreman-DEV”
–foreman-initial-admin-username “admin”
–foreman-initial-admin-password “l8Zc6n3z1Gb0Lo527x4F”
–foreman-proxy-dns true
–foreman-proxy-dns-managed true
–foreman-proxy-dns-interface ens160
–foreman-proxy-dns-zone “dev-farm.TLD.net”
–foreman-proxy-dns-reverse 0.1.10.in-addr.arpa
–foreman-proxy-dhcp true
–foreman-proxy-dhcp-managed true
–foreman-proxy-dhcp-interface ens160
–foreman-proxy-dhcp-range “10.1.0.50 10.1.0.250”
–foreman-proxy-dhcp-gateway “10.1.0.1”
–foreman-proxy-dhcp-nameservers “10.1.0.1”
–enable-foreman-plugin-discovery
–enable-foreman-proxy-plugin-discovery
–foreman-proxy-plugin-discovery-install-images=“true”
–foreman-proxy-dhcp-server=“10.1.0.1”
–foreman-proxy-dhcp-managed=“true”
–foreman-proxy-dhcp=“true”
–foreman-proxy-dhcp-interface=“ens160”
–foreman-proxy-dhcp-gateway=“10.1.0.1”
–foreman-proxy-dhcp-range=“10.1.0.10 10.1.0.99”
–foreman-proxy-dhcp-nameservers=“10.1.0.1”
–foreman-proxy-dhcp-key-name=“dev-farm-omapi”
–foreman-proxy-dhcp-key-secret=“rLVpx8abtJ6GKGZxZ/J3zQ==”
–foreman-proxy-oauth-consumer-key=“MjiFF29tg3d6BMKCKySLYkbzBYcWgHFM”
–foreman-proxy-oauth-consumer-secret=“QqB2W6cXVgLzkGkt4edakbVMpceKiuMG”
–foreman-oauth-active=“true”
–foreman-oauth-consumer-key=“MjiFF29tg3d6BMKCKySLYkbzBYcWgHFM”
–foreman-oauth-consumer-secret=“QqB2W6cXVgLzkGkt4edakbVMpceKiuMG”
–foreman-proxy-tftp true
–foreman-proxy-tftp-managed true
–foreman-proxy-tftp-servername “10.1.0.1”

But again I am hitting issues with duplicate entries here:

Mar 06 12:29:34 vmforeman-dev smart-proxy[54108]: 10.1.0.1 - - [06/Mar/2023:12:29:34 UTC] “GET /tftp/serverName HTTP/1.1” 200 25
Mar 06 12:29:34 vmforeman-dev smart-proxy[54108]: - → /tftp/serverName
Mar 06 12:29:34 vmforeman-dev smart-proxy[54108]: 10.1.0.1 - - [06/Mar/2023:12:29:34 UTC] “GET /tftp/serverName HTTP/1.1” 200 25
Mar 06 12:29:34 vmforeman-dev smart-proxy[54108]: - → /tftp/serverName
Mar 06 12:29:34 vmforeman-dev smart-proxy[54108]: 10.1.0.1 - - [06/Mar/2023:12:29:34 UTC] “GET /dhcp/10.1.0.0/mac/00:0c:29:23:8a:30 HTTP/1.1” 200 290
Mar 06 12:29:34 vmforeman-dev smart-proxy[54108]: - → /dhcp/10.1.0.0/mac/00:0c:29:23:8a:30
Mar 06 12:29:34 vmforeman-dev smart-proxy[54108]: 10.1.0.1 - - [06/Mar/2023:12:29:34 UTC] “GET /dhcp/10.1.0.0/ip/10.1.0.51 HTTP/1.1” 200 292
Mar 06 12:29:34 vmforeman-dev smart-proxy[54108]: - → /dhcp/10.1.0.0/ip/10.1.0.51
Mar 06 12:29:34 vmforeman-dev smart-proxy[54108]: 10.1.0.1 - - [06/Mar/2023:12:29:34 UTC] “POST /dhcp/10.1.0.0 HTTP/1.1” 409 40
Mar 06 12:29:34 vmforeman-dev smart-proxy[54108]: - → /dhcp/10.1.0.0

Thulium-Drake · March 8, 2023, 2:08pm

Is there another DHCP server in the network by any chance? Or did you try to register a host with a duplicate IP? AFAIK the foreman-proxy API’s try to avoid registering duplicate hostnames/IP addresses.

ogghi · March 8, 2023, 2:34pm

Hi there, I think I managed to get this fixed by compiling ISC-DHCP-Server from source!

Now only thing is that after doing “build” on a node it still reboots into discovery image, but that’s something my colleague might look into next week
Thanks for replying!

Thulium-Drake · March 8, 2023, 3:30pm

That means that the node hasn’t registered with Foreman, so Foreman will keep trying to discover/install the node until it has.

I’m not sure how ‘plain’ Foreman does that, but in the Katello/Satellite world that means the node should be installing subscription-manager during OS deployment and then start a script that will register the node in Foreman.

Which means that the repositories you provide should contain a package for subscription-manager

ogghi · March 8, 2023, 4:42pm

The thing is that I don’t even get to OS deployment.
It discovers in Foreman, I press “build” it reboots and comes back to the boot menu where default is first HDD which fails, as it’s empty.

I might miss something fundamental?

ogghi · March 10, 2023, 3:39pm

Maybe my DevOPS colleague has an idea on Monday

ogghi · March 15, 2023, 9:07am

Different command to launch, different error, right now only getting 400 error when foreman-proxy receives a GET from foreman:

Mar 15 09:03:46 vmforeman-dev smart-proxy[503378]: 10.1.0.1 - - [15/Mar/2023:09:03:46 UTC] "GET /v2/features HTTP/1.1" 200 1838
Mar 15 09:03:46 vmforeman-dev smart-proxy[503378]: - -> /v2/features
Mar 15 09:04:41 vmforeman-dev smart-proxy[503378]: 10.1.0.1 - - [15/Mar/2023:09:04:41 UTC] "GET /tftp/serverName HTTP/1.1" 200 25
Mar 15 09:04:41 vmforeman-dev smart-proxy[503378]: - -> /tftp/serverName
Mar 15 09:04:41 vmforeman-dev smart-proxy[503378]: 10.1.0.1 - - [15/Mar/2023:09:04:41 UTC] "GET /tftp/serverName HTTP/1.1" 200 25
Mar 15 09:04:41 vmforeman-dev smart-proxy[503378]: - -> /tftp/serverName
Mar 15 09:04:41 vmforeman-dev smart-proxy[503378]: 10.1.0.1 - - [15/Mar/2023:09:04:41 UTC] "GET /dhcp/10.1.0.0/mac/ac:1f:6b:70:fb:6d HTTP/1.1" 200 323
Mar 15 09:04:41 vmforeman-dev smart-proxy[503378]: - -> /dhcp/10.1.0.0/mac/ac:1f:6b:70:fb:6d
Mar 15 09:04:41 vmforeman-dev smart-proxy[503378]: 10.1.0.1 - - [15/Mar/2023:09:04:41 UTC] "GET /dhcp/10.1.0.0/ip/10.1.0.100 HTTP/1.1" 200 325
Mar 15 09:04:41 vmforeman-dev smart-proxy[503378]: - -> /dhcp/10.1.0.0/ip/10.1.0.100
Mar 15 09:04:41 vmforeman-dev smart-proxy[503378]: 10.1.0.1 - - [15/Mar/2023:09:04:41 UTC] "POST /dhcp/10.1.0.0 HTTP/1.1" 400 135
Mar 15 09:04:41 vmforeman-dev smart-proxy[503378]: - -> /dhcp/10.1.0.0

ogghi · March 15, 2023, 9:33am

I meant POST.
Also, when I try to open the proxy URL in the browser:
http s://vmforeman-dev.dev-farm.tld.net:8443/dhcp
I get

could not read client cert from environment

ogghi · March 22, 2023, 5:40am

@Thulium-Drake any more hint here by any chance?

Thulium-Drake · March 25, 2023, 2:14pm

Not directly, but it does seem your Foreman is quite unhappy with the DHCP server, it can either not communicate with it, or there’s some error in the DHCP server itself that make it unable to process the request.

I’d try looking in the DHCP server logs as well as the Foreman Proxy logs

ogghi · April 3, 2023, 7:17am

DHCP server logs seem to not report much here, will look into better logging.
Odd, even on Rocky Linux. At least some things seem smoother to set up here!

ogghi · April 3, 2023, 1:52pm

Actually I need to correct:

My current issue is a loop of

It might now be “only” a thing of correct boot loader / template.

Thulium-Drake · April 10, 2023, 2:50pm

Are these VMs? I’ve had success with the iPXE bootloader, here’s the Ansible code I use to set that up: ansible-role-foreman/configure_ipxe.yml at master · Thulium-Drake/ansible-role-foreman · GitHub

It might also be useful to read the README of that role, as it contains some more notes on PXE booting on different hypervisors

ogghi · April 11, 2023, 7:36am

Hi Thulium-Drake,

not only VMs actually. For testing I used some, but the main focus are physical machines.

Thanks
David