Does Foreman query dhcp or parse files?

Mike_Wilson · November 9, 2018, 4:58pm

Problem:
Today I noticed that if Foreman couldn’t “read” the dhcpd.conf file it wouldn’t start up dhcp support on that smart proxy.

Expected outcome:
I wasn’t aware that foreman required access to dhcpd.conf files. Does Foreman actually parse/use this file or does it send api calls to dhcpd to add/remove clients? I’m having an issue with shared-networks and include files and wondering if this might be the cause.

The error in the foreman-proxy/proxy.log is

E, [2018-11-09T09:35:26.285121 3da0e9b8] ERROR -- : Subnet 10.0.10.0 could not found

Foreman and Proxy versions:
Foreman 1.16

Foreman and Proxy plugin versions:
Foreman 1.16

Does the /etc/foreman-proxy/settings.d/dhcp.yml subnets config have any relation to this ?

# subnets restricts the subnets queried to a subset, to reduce the query time.
#:subnets:
#  - 192.168.205.0/255.255.255.128
#  - 192.168.205.128/255.255.255.128

That seems to imply it’s just to reduce query time.

lzap · November 12, 2018, 10:28am

Hello Mike!

Both. It parses all dhcpd.conf files to learn about subnets and then it goes to leases file and parse that as well to learn about all leases and reservations. We have rewritten the parser from scratch in 1.15+ it used to be just regular expressions now this is full parser, however it does not understand all semantics just what we want. Then it keeps the data in memory and uses inotify Linux mechanism to re-read the data when this is changed by ISC DHCP.

Changes are made via omshell command, the file changes are performed by the ISC DHCP daemon itself, proxy simply spawns the command and provide it correct values. If you turn on debug mode, you will see exactly how it talks to the omshell command.

We track several bugs in our parser, it was brand new in 1.15 and we were fixing some until 1.20. If you hit issues then look at history of this file and backport the fixes into your instance or simply upgrade to 1.20:

github.com

theforeman/smart-proxy/blob/develop/modules/dhcp_common/isc/configuration_parser.rb

require 'rsec'

module Proxy
  module DHCP
    module CommonISC
      class ConfigurationParser
        include Rsec::Helpers
        extend Rsec::Helpers

        FAR_FUTURE = Time.at(0x7fffffff).utc #max time value on 32-bit systems

        class Base
          attr_reader :parent, :dhcp_options, :node_attributes

          def initialize(parent)
            @parent = parent
            @dhcp_options = []
            @node_attributes = {}
          end

This file has been truncated. show original

This is basically whitelist, if you set this proxy will ignore other subnets to keep it faster on environments with zillions of subnets. It reduces parsing time and memory.

lzap · November 12, 2018, 10:32am

Go and dig for more errors, there should be some parsing message, this is just a consequence. It will be seen probably during start, also enable debug mode to see more details.

Mike_Wilson · November 12, 2018, 5:59pm

Hum, this might be an issue. Does it properly parse includes within brackets?

shared-network somename-shared {
include "/path/to/subnet/10.0.10.0.conf"
include "/path/to/subnet/10.0.11.0.conf"
include "/path/to/subnet/10.0.12.0.conf"
}

Is there a way to FORCE it to accept a subnet if the parsing doesn’t work?

I’ll tinker with the debug and review the logs in the meantime.

Mike_Wilson · November 12, 2018, 6:09pm

Indeed this is the problem. Foreman doesn’t parse the bracketed includes so doesn’t recognize the subnets.

DHCP does recognize that style of entry.

Mike_Wilson · November 13, 2018, 3:24pm

I was able to replace the configuration_parser.rb with the update rev and it properly parses. Thanks!

lzap · November 16, 2018, 3:45pm

So does it work or not with the latest version?

Mike_Wilson · November 16, 2018, 9:49pm

Apologies that I wasn’t clear. It does work with the configuration_parser.rb from github current (the one you linked). I replaced the one installed with 1.16 with the current version, restarted foreman-proxy and it parsed the dhcpd.conf file with includes in brackets.

lzap · November 20, 2018, 4:40pm

Great to hear that.