Discovery Proxy and clients using the wrong tftp server

Hello,

I setup a virtualbox lab consisting of the following boxes:

  • Foreman master
  • dhcp + tftp + discovery
  • dns
  • puppet master + puppetca
  • puppetdb
  • test host

All the boxes are on the same network and I configured the discovery plugin
as per guide.
This is what happens:

  • power on test host, pxe boots to the pxe menu
  • discovery image loads correctly
  • host registers in foreman
  • start the provisioning from the foreman ui
  • host reboots and ends up in the pxe menu again

After some digging it appears that when the host reboots it somehow wants
to talk to the foreman master, instead of the proxy. This is proved by the
fact that, if the TFTP server on the master is turned off, the second tftp
request times out (the foreman master had the tftp enabled initially, hence
why the two tftp servers).

The pxe config file for the specific host, named by mac address, gets
correctly generated on the proxy.
I don't understand how the host is instructed to use this other tftp
server, since I can't find any reference to its ip in the dhcp + tftp +
discovery host. All looks good config wise.

Thanks.

If you dig into the DHCP leases file, you should see a next-server entry.
Something like:

host cislave01.elysium.emeraldreverie.org {
dynamic;
hardware ethernet 52:54:00:e9:1c:40;
fixed-address 172.20.10.21;
supersede server.filename = "pxelinux.0";
supersede server.next-server = ac:14:0a:01;
supersede host-name = "cislave01.elysium.emeraldreverie.org";
}

If I decode that hex address (ac:14:0a:01) I get 172.20.10.1 which is
indeed my correct TFTP server. If you do the same, which TFTP server do you
get?

I get the foreman master ip! Very odd, how come it ended up using that one
instead of the proxy?
I tried to re-configure the proxy but it always end up wanting to use that
other ip.

··· On Friday, October 28, 2016 at 10:55:20 PM UTC+2, Greg Sutcliffe wrote: > > If I decode that hex address (ac:14:0a:01) I get 172.20.10.1 which is > indeed my correct TFTP server. If you do the same, which TFTP server do you > get? >

Thought so :slight_smile:

So, that comes from a fairly convoluted process, but the core is this -
which TFTP smart proxy is assigned to the host's subnet in the Foreman UI?

··· On 28 October 2016 at 22:23, Alexander Rilik wrote:

On Friday, October 28, 2016 at 10:55:20 PM UTC+2, Greg Sutcliffe wrote:

If I decode that hex address (ac:14:0a:01) I get 172.20.10.1 which is
indeed my correct TFTP server. If you do the same, which TFTP server do you
get?

I get the foreman master ip! Very odd, how come it ended up using that one
instead of the proxy?
I tried to re-configure the proxy but it always end up wanting to use that
other ip.

The right smart proxy!
Here's what I tried, without success:

  • unset discovery proxy from subnet, set proxy on subnet again
  • delete subnet
  • import subnet from scratch from the dhcp/tftp/discovery proxy

Foreman insists on telling the proxy to create a lease that uses the
Foreman master as the next server, instead of the proxy.

··· On Friday, October 28, 2016 at 11:31:54 PM UTC+2, Greg Sutcliffe wrote:

So, that comes from a fairly convoluted process, but the core is this -
which TFTP smart proxy is assigned to the host’s subnet in the Foreman UI?

Interesting. What should happen is this:

  • A host has a provisioning interface
  • That interface has a subnet
  • That subnet has a tftp proxy
  • That tftp proxy has a config option - :tftp_servername:
  • The name or IP in that setting is what is written to the DHCP lease

So, if the proxy is right, then I'd check that setting on the appropriate
proxy. I'd also recommend using an IP there, if it's not already. DNS can
make a mess here unless you're careful.

Greg

··· On 29 October 2016 at 11:51, Alexander Rilik wrote:

On Friday, October 28, 2016 at 11:31:54 PM UTC+2, Greg Sutcliffe wrote:

So, that comes from a fairly convoluted process, but the core is this -
which TFTP smart proxy is assigned to the host’s subnet in the Foreman UI?

The right smart proxy!
Here’s what I tried, without success:

  • unset discovery proxy from subnet, set proxy on subnet again
  • delete subnet
  • import subnet from scratch from the dhcp/tftp/discovery proxy

Thank you Greg, that was indeed the issue: the answers file had the
original setting pointing at the foreman server.
After fixing the IP, all works as expected.

Thank you!

··· On Monday, October 31, 2016 at 12:06:39 AM UTC+1, Greg Sutcliffe wrote: > > Interesting. What should happen is this: > > * That tftp proxy has a config option - :tftp_servername: >