Integrating with preexisting DNS/DHCP

Hello,

I've been doing some testing regarding integrate Foreman with preexisting
infrastructure, namely ISC DHCP servers and BIND DNS.

In the case of DHCP, when installing foreman proxy with the
foreman-installer, the preexisting dhcpd.conf file is overwritten by the
one provided by the installation, I'm guessing that the same applies for
the bind configuration files.

So, my question is, is it possible to have foreman-installer merging the
current config with the new one? And whatever is the case, is it safe to
add configuration manually to those files after foreman proxy has been
installed?

The actual cases I'm thinking of are:

  • Add a dhcp range to the foreman proxy managed ISC DHCP server that
    wouldn't be managed via foreman.
  • Add dns zones to the foreman proxy managed BIND server that wouldn't be
    managed by foreman.
  • Add dns records to foreman proxy managed BIND zones.

By safe I mean knowing that the manually added configuration won't be wiped
by foreman proxy in any case.

Thank you.

Xavier

> By safe I mean knowing that the manually added configuration won't be wiped
> by foreman proxy in any case.

You can install foreman-proxy manually and not via our installer.

Just install the RPM file and then configure it in /etc/foreman-proxy
and this is it.

Unfortunately you are on your own, we don't have that documented. Maybe
side-install proxy on another server via the installer and then go
line-by-line modifying the configuration on your real server. The only
bummer will be likely certificates, you need to make sure you have set
them correctly.

··· -- Later, Lukas #lzap Zapletal

Sorry, I little bit mis-read your email. Find the correct answers
bellow:

> - Add a dhcp range to the foreman proxy managed ISC DHCP server that
> wouldn't be managed via foreman.

Feel free to modify dhcpd.conf at will, just make a note to do the
changes again when you re-run the proxy installer. Alternatively, you
can modify the puppet template if you plan to run it regularly.

Usually, you run the installer only once.

> - Add dns zones to the foreman proxy managed BIND server that wouldn't be
> managed by foreman.

Ditto but with DNS configs.

> - Add dns records to foreman proxy managed BIND zones.

Foreman proxy does use nsupdate to do the updates, you can update the
zones via normal means (e.g. via nsupdate which is the preferred method
which does not require reloading of configuration files.

··· -- Later, Lukas #lzap Zapletal

Ok, but the changes that you make to the config/zone files on a proxy
managed host doesn't get lost, right? (provided that you don't run the
installer)

X

··· On Wed, Jan 14, 2015 at 10:10 AM, Lukas Zapletal wrote:

By safe I mean knowing that the manually added configuration won’t be
wiped
by foreman proxy in any case.

You can install foreman-proxy manually and not via our installer.

Just install the RPM file and then configure it in /etc/foreman-proxy
and this is it.

Unfortunately you are on your own, we don’t have that documented. Maybe
side-install proxy on another server via the installer and then go
line-by-line modifying the configuration on your real server. The only
bummer will be likely certificates, you need to make sure you have set
them correctly.


Later,
Lukas #lzap Zapletal


You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.