I have Foreman managing DNS via smart proxy on my DNS server.
When I create a 'New Host', Foreman creates the OpenStack instance just
fine, but times out with SSH trying to resolve the new FQDN prior to
provisioning, with the error:
'Unable to save
Failed to get IP for test2.stack: The specified wait_for timeout (600
seconds) was exceeded'
On further inspection, Foreman is not calling the smart proxy:
nsupdate -k on the DNS server, and from the Foreman server creates
the DNS record correctly.
Jan 21 06:28:28 mydns named: client 10.0.0.3#32705: updating zone
'stack/IN': adding an RR at 'test2.stack' A
Calling the smart proxy API from Foreman using curl also creates the
DNS record correctly.
curl -i -d "fqdn=test2.stack&value=10.0.0.4&type=A"
D, [2014-01-21T06:28:28.163191 #910] DEBUG -- : running /usr/bin/nsupdate -k /etc/bind/rndc.key
D, [2014-01-21T06:28:28.165608 #910] DEBUG -- : nsupdate: executed -
D, [2014-01-21T06:28:28.173745 #910] DEBUG -- : nsupdate: executed - update add test2.stack. 86400 A 10.0.0.4
With the smart proxy in 'debug' logging, there is no record of
Foreman attempting an API request to make a DNS record.
SSL certs on mydns.stack have been generated, and are accessible to
all required domains resolve using the DNS server: foreman.stack
(10.0.0.2), mydns.stack (10.0.0.3)
I'm not using floating_ip's in OpenStack - all created instances have IPs
on my local network.
Foreman server also has foreman-proxy configured to deal with Puppet,
Puppet CA, and TFTP.
Both smart proxies are added to Foreman, with mydns.stack added to the
'stack' domain and used when creating a 'New Host'.
Here is my foreman-proxy.conf from mydns.stack (some commented options
removed to make it more readable):
---
# SSL Setup
:ssl_certificate: /var/lib/puppet/ssl/certs/mydns.stack.pem
:ssl_ca_file: /var/lib/puppet/ssl/certs/ca.pem
:ssl_private_key: /var/lib/puppet/ssl/private_keys/mydns.stack.pem
# enable the daemon to run in the background
# port used by the proxy
# Enable TFTP management
# Enable DNS management
# use this setting if you are managing a dns server which is not localhost
# though this proxy
# Enable DHCP management
# The vendor can be either isc or native_ms
# enable PuppetCA management
# enable Puppet management
# Where our proxy log files are stored
# filename or STDOUT
# valid options are
# WARN, DEBUG, Error, FATAL, INFO, UNKNOWN
Any input would be greatly appreciated - I feel like I'm missing something
really obvious here!