Hello,
This is my first post, here is some background before asking my questions :
I’m a member of a sysadmin team in charge of provisioning a CentOS Linux slurm scheduled HPC cluster of about 400 nodes.
We do the initial bootstrap (from PXE/iPXE to OS basic install, configuring IPMI in between) with xCAT and then configure/further install the OS using Ansible.
We used to use Cobbler before that and are now considering switching from xCAT to Foreman to perform the same operations. So we’re new to Foreman.
I’ve played with a test installation I did from scratch on a vm using the foreman-installer, basically following the steps described in the quickstart guide and documentation.
So I decided to enable dhcp, tftp, dns and ansible smart proxies on the same host as the foreman server but since this host has a dual network attachment, one interface being linked to a public routable network, the other linked to a private non routable one on which the hosts to provision are, I’m not sure what I’m supposed to do.
What I’d like to achieve is to have foreman manage pxe, dhcp, dns, tftp for this private network.
I did create in the UI a subnet and a domain matching this network but the proxies are seen in the public network (i.e. with their public domain name).
Depending on if I use or not the --foreman-dhcp-gateway (to point to the private ip of the server host), I manage or not to tftp the pxe config file.
Then again, depending if I provide or not a “Gateway Address” in the subnet setting inside the UI I manage or not to get the kickstart file.
None of this makes sense since the host I try to provision does not need a gateway anyway. Obviously my setup is just bogus.
Here’s what I did:
- Host I installed Foreman and the Smart Proxies on :
[root@foreman hummel]# cat /etc/centos-release
CentOS Linux release 7.4.1708 (Core)
[root@foreman hummel]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:50:56:8a:91:b0 brd ff:ff:ff:ff:ff:ff
inet 157.99.101.21/24 brd 157.99.101.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:50:56:8a:65:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.10/24 brd 192.168.10.255 scope global eth1
valid_lft forever preferred_lft forever
[root@foreman etc]# hostname
foreman
[root@foreman etc]# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
search it.pasteur.fr
nameserver 157.99.64.65
nameserver 157.99.64.64
[root@foreman hummel]# rpm -qa | grep -i foreman-
foreman-installer-1.17.1-1.el7.noarch
foreman-postgresql-1.17.1-1.el7.noarch
foreman-1.17.1-1.el7.noarch
foreman-proxy-1.17.1-1.el7.noarch
tfm-rubygem-hammer_cli_foreman-0.12.0-2.el7.noarch
foreman-release-1.17.1-1.el7.noarch
tfm-rubygem-foreman-tasks-0.11.2-1.fm1_17.el7.noarch
foreman-cli-1.17.1-1.el7.noarch
foreman-release-scl-4-1.el7.noarch
foreman-debug-1.17.1-1.el7.noarch
tfm-rubygem-foreman-tasks-core-0.2.4-1.fm1_17.el7.noarch
foreman-selinux-1.17.1-1.el7.noarch
- foreman-installer options used :
foreman-installer \
--foreman-proxy-dhcp=true \
--foreman-proxy-dhcp-interface=eth1 \
--foreman-proxy-dhcp-managed=true \
--foreman-proxy-dhcp-subnets="192.168.10.0/24" \
--foreman-proxy-dhcp-gateway="192.168.10.10" \
--foreman-proxy-dns=true \
--foreman-proxy-dns-forwarders="157.99.64.64" \
--foreman-proxy-dns-managed=true \
--foreman-proxy-dns-zone=test.cluster.pasteur.fr \
--foreman-proxy-bmc=true \
--enable-foreman-proxy-plugin-ansible \
--enable-foreman-plugin-ansible \
--foreman-proxy-dns-reverse=10.168.192.in-addr.arpa
In the UI, I created the 192.168.10.0/24 subnet and the test.cluster.pasteur.fr domain and in the subnet settings, I provided 192.168.10.10 (the private ip address of the server) as the DNS servers.
Smart proxies however are “discovered” as being in the .it.pasteur.fr zone.
I also tried to add a static line in /etc/hosts with
192.168.10.10 foreman.test.cluster.pasteur.fr
but it seems to conflict with the (puppet reconfigured ?) foreman.it.pasteur.fr
So, to sum up, my questions are:
- In my use case, do I have to use an additional machine to host the Smart Proxies? Otherwise, how am I supposed to deal with the network settings?
- Obviously, the --foreman-dhcp-gateway corresponds to the options routers for the dhcp subnet in the dhcpd.conf: what is the difference between this parameter and the Gateway Address we can provide in the subnet settings in the UI?
By the way: if I provide the dhcp range to the foreman-installer, I see them in dhcpd.conf but if I remove them in the answer yml file, re-run the installer and provide them in the UI, I don’t see them in the dhcpd.conf file: does that work as expected?
- In general: how can we reset the foreman config (and its proxies configs) to do a fresh start?
I only managed to edit the answer yml file to delete options I set up on previous installer runs but didn’t want anymore.
Thank you and sorry for the long post.
–
TH.