Hi folks,
Our data center network is broken up into two main networks:
- Our production networks with public IPs.
- A provisioning network on a private network, 192.168.100.x. The Foreman server has a network proxy, and provisioning hosts can route through that proxy to reach public Yum & Apt mirrors, etc.
We don’t really DNS domain on the provisioning network, as all of those IPs are temporary. However, we do want DNS forwarders on the provisoning network, as that allows the new nodes to be able to look up hosts like mirrors.centos.org and mirrors.ubuntu.org, etc. Using foreman-installer
, is it possible to disable the DNS service and still manage the DNS forwarders?
Our foreman-answers.yaml
file has these settings for DNS:
dns: true
dns_listen_on: https
dns_managed: true
dns_provider: nsupdate
dns_interface: ens224
dns_zone: example.org
dns_reverse:
dns_server: 127.0.0.1
dns_ttl: 86400
dns_tsig_keytab: "/etc/foreman-proxy/dns.keytab"
dns_tsig_principal: foremanproxy/foreman.example.org@EXAMPLE.ORG
dns_forwarders:
- IP.of.our.internal.dns.server
- 8.8.8.8
- 4.4.4.4
-= Stefan