Foreman Discovery and PXE Bootdevice

My servers primary boot device is not PXE, if i provision a server with the
discovery plugin (I do restart the server into PXE mode using IPMI, not
from Foreman), then when i Provision the server through the Discovery
plugin, The server reboots as expected but it doesn't go into PXE, Is there
a way to create a hook that before rebooting the server it will set the
chassis bootdevice to PXE?

One other option i was thinking about which i don't like is to create an
external script:

  1. Provision hosts that were discovered but don't reboot
  2. Call the API (BMC Smart-Proxy) on the Discovered Hosts to set the
    bootdevice to PXE
  3. Reboot the hosts

I can think of many way to implement it, another way will be to create a
custom discovery image (hack it in some way) but wonders if i am missing
anything before i go this route

Thanks!

> I can think of many way to implement it, another way will be to create a
> custom discovery image (hack it in some way) but wonders if i am missing
> anything before i go this route

You can indeed create a foreman discovery image extension. Perhaps hack
the "poweroff" command which is called from foreman-proxy running inside
the image.

https://theforeman.org/plugins/foreman_discovery/5.0/index.html#5.Extendingtheimage

But why don't you simply use PXE-less discovery mode? Just boot the
server from the discovery ISO (attach it via your IPMI) and it will then
start provisioning without rebooting the system (via kexec).

https://theforeman.org/plugins/foreman_discovery/5.0/index.html#5.3PXE-lessdiscovery

··· -- Later, Lukas #lzap Zapletal

> But why don't you simply use PXE-less discovery mode? Just boot the
> server from the discovery ISO (attach it via your IPMI) and it will then
> start provisioning without rebooting the system (via kexec).
>
> https://theforeman.org/plugins/foreman_discovery/5.0/index.html#5.3PXE-lessdiscovery

One note, this only works for Red Hats atm, templates for other distros
haven't been added yet. Debian is pending review, but you can easily
copy and paste the contents and test it out.

··· -- Later, Lukas #lzap Zapletal

I also use it to provision ESXi hosts, I saw the PXEless discovery option,
i'm not after it.
I will probably generate my own modified image as a fast workaround.
The ideal will be to add an option to let the "reboot" command know we also
want to set bootdev to PXE

··· On Monday, June 20, 2016 at 3:34:31 PM UTC+3, Lukas Zapletal wrote: > > > But why don't you simply use PXE-less discovery mode? Just boot the > > server from the discovery ISO (attach it via your IPMI) and it will then > > start provisioning without rebooting the system (via kexec). > > > > > https://theforeman.org/plugins/foreman_discovery/5.0/index.html#5.3PXE-lessdiscovery > > One note, this only works for Red Hats atm, templates for other distros > haven't been added yet. Debian is pending review, but you can easily > copy and paste the contents and test it out. > > https://github.com/theforeman/foreman_discovery/pull/226 > > -- > Later, > Lukas #lzap Zapletal >

I created a small hack, my ruby skills are way off, it's the first time i
code anything in ruby :slight_smile:

It looks like the reboot calls goes to the smart_proxy_discovery_image
plugin which is installed in the discovery image.
I created a hack that allows me to set a kernel command line "bootpxe=1"
(any value though should work) and it will set the bootdev to pxe before
the reboot.
In the image itself, i had to add the ipmitool to the sudoers file (so my
hack will work, i also enabled the ipmitool service, didn't test without it
though).

My changes on the smart_proxy_discovery_image
diff --git a/lib/smart_proxy_discovery_image/power_api.rb
b/lib/smart_proxy_discovery_image/power_api.rb
index 36c5360…68eda6e 100644
— a/lib/smart_proxy_discovery_image/power_api.rb
+++ b/lib/smart_proxy_discovery_image/power_api.rb
@@ -1,5 +1,15 @@
require 'sinatra'

+def cmdline option=nil, default=nil

  • @cmdline ||= File.open("/proc/cmdline", 'r') { |f| f.read }
  • if option
  • result = @cmdline.split.map { |x| $1 if
    x.match(/^#{option}=(.*)/)}.compact
  • result.size == 1 ? result.first : default
  • else
  • @cmdline
  • end
    +end
··· + module Proxy::DiscoveryImage class PowerApi < ::Sinatra::Base helpers ::Proxy::Helpers @@ -8,6 +18,11 @@ module Proxy::DiscoveryImage
 put "/reboot" do
   log_halt 500, "shutdown binary was not found" unless (shutdown = 

which(‘shutdown’))

  •  bootpxe = cmdline('bootpxe', nil)
    
  •  if bootpxe
    
  •    log_halt 500, "ipmitool binary was not found" unless (ipmitool = 
    

which(‘ipmitool’))

  •    run_after_response 5, ipmitool, "chassis", "bootdev", "pxe"
    
  •  end
     run_after_response 5, shutdown, "-r", "now", "Foreman BMC API reboot"
     content_type :json
     { :result => true }.to_json
    

Changes on the foreman-discovery-image:
diff --git a/22-discovery.ks b/22-discovery.ks
index eccd807…c1304be 100644
— a/22-discovery.ks
+++ b/22-discovery.ks
@@ -42,8 +42,8 @@ systemctl enable discovery-menu.service

register service is started manually from discovery-menu

systemctl disable discovery-register.service

-echo " * disabling some unused system services"
-systemctl disable ipmi.service
+#echo " * disabling some unused system services"
+#systemctl disable ipmi.service

echo " * open foreman-proxy port via firewalld"
firewall-offline-cmd --zone=public --add-port=8443/tcp --add-port=8448/tcp
@@ -114,6 +114,7 @@ echo " * setting up sudo"
sed -i -e ‘s/^Defaults.*requiretty/Defaults !requiretty/g’ /etc/sudoers
echo “foreman-proxy ALL=NOPASSWD: /sbin/shutdown” >> /etc/sudoers
echo “foreman-proxy ALL=NOPASSWD: /usr/sbin/kexec” >> /etc/sudoers
+echo “foreman-proxy ALL=NOPASSWD: /usr/bin/ipmitool” >> /etc/sudoers

echo " * dropping some friendly aliases"
echo “alias vim=vi” >> /root/.bashrc

I do still think the best option (when i’ll have some spare time to dig
into ruby more) will be to set either through settings or through the
"provision" button the option to reboot but to set bootdev to pxe before
(it could be passed a param when calling the /reboot on the smart-proxy).

On Monday, June 20, 2016 at 4:00:56 PM UTC+3, Erez Zarum wrote:

I also use it to provision ESXi hosts, I saw the PXEless discovery option,
i’m not after it.
I will probably generate my own modified image as a fast workaround.
The ideal will be to add an option to let the “reboot” command know we
also want to set bootdev to PXE

On Monday, June 20, 2016 at 3:34:31 PM UTC+3, Lukas Zapletal wrote:

But why don’t you simply use PXE-less discovery mode? Just boot the
server from the discovery ISO (attach it via your IPMI) and it will
then
start provisioning without rebooting the system (via kexec).

Foreman :: Plugin Manuals

One note, this only works for Red Hats atm, templates for other distros
haven’t been added yet. Debian is pending review, but you can easily
copy and paste the contents and test it out.

https://github.com/theforeman/foreman_discovery/pull/226


Later,
Lukas #lzap Zapletal

> It looks like the reboot calls goes to the smart_proxy_discovery_image
> plugin which is installed in the discovery image.
> I created a hack that allows me to set a kernel command line "bootpxe=1"
> (any value though should work) and it will set the bootdev to pxe before
> the reboot.
> In the image itself, i had to add the ipmitool to the sudoers file (so my
> hack will work, i also enabled the ipmitool service, didn't test without it
> though).

That looks nice. Frankly, our long-term plans is to support various
things like changing BIOS settings, upgrading firmware and this would be
first step towards it. Feel free to extend your work and create new API
in the smart_proxy_discovery_image for managing IPMI. This can be
generic IPMI API for various actions - setting bootdev can be the first
and only supported operation.

Mount the new API in http_config.ru perhaps under /ipmi path.

This will require change in foreman_discovery plugin as well to add new
actions to the discovered hosts list/show pages, but it should be pretty
straightforward. You can also add some code that will trigger bootdev
action after host is discovered automatically (this must be enabled via
global setting tho).

> -echo " * disabling some unused system services"
> -systemctl disable ipmi.service
> +echo "foreman-proxy ALL=NOPASSWD: /usr/bin/ipmitool" >> /etc/sudoers

Go ahead and file PR for this change as well, this won't hurt.

Nice work.

··· -- Later, Lukas #lzap Zapletal

Hopefully i'll have some time to improve my ruby non-existence skills ;),
if only it was written in python (django) it could be easier for me.
But i think i figured out a few things by your reply :slight_smile:

Than you for the warm welcome, i'm getting foreman+puppet into our
environment, I am also going to write a small extension to provision ESXi
hosts easily.

I can see a lot of cool things that could be done, like creating RAID array
automatically, upgrading Firmware to the latest on discovered hosts, etc…

I'll try and submit my changes as PR today

Again, Thanks for the kind words!

··· On Tuesday, June 21, 2016 at 2:47:42 PM UTC+3, Lukas Zapletal wrote: > > > It looks like the reboot calls goes to the smart_proxy_discovery_image > > plugin which is installed in the discovery image. > > I created a hack that allows me to set a kernel command line "bootpxe=1" > > (any value though should work) and it will set the bootdev to pxe before > > the reboot. > > In the image itself, i had to add the ipmitool to the sudoers file (so > my > > hack will work, i also enabled the ipmitool service, didn't test without > it > > though). > > That looks nice. Frankly, our long-term plans is to support various > things like changing BIOS settings, upgrading firmware and this would be > first step towards it. Feel free to extend your work and create new API > in the smart_proxy_discovery_image for managing IPMI. This can be > generic IPMI API for various actions - setting bootdev can be the first > and only supported operation. > > Mount the new API in http_config.ru perhaps under /ipmi path. > > This will require change in foreman_discovery plugin as well to add new > actions to the discovered hosts list/show pages, but it should be pretty > straightforward. You can also add some code that will trigger bootdev > action after host is discovered automatically (this must be enabled via > global setting tho). > > > -echo " * disabling some unused system services" > > -systemctl disable ipmi.service > > +echo "foreman-proxy ALL=NOPASSWD: /usr/bin/ipmitool" >> /etc/sudoers > > Go ahead and file PR for this change as well, this won't hurt. > > Nice work. > > -- > Later, > Lukas #lzap Zapletal >