Multi-homed Katello/foreman server

Hello,

I'm looking to set up a katello server to manage/build servers in our
environment. Currently I have a multi-homed Katello/foreman server with a
private network without DNS which is used to provision servers. DHCP/PXE
boot is configured on the katello server for the private network managed by
katello/foreman. A public network that each server will be on and will not
have DHCP/PXE enabled. This is how we currently have provisioning of
servers set up using cobbler.

The problem I'm running into is that during the kickstart install of the OS
it attempts to retrieve the kickstart file from http://foreman.domain.com
which it's unable to resolve. I also notice that the repo urls also
include the fqdn of the katello/foreman server. I would like to specify
that kickstarts and product/repos are accessed via the private IP address
or even better be accessible via both public/priv IP addresses. One
thought that comes to mind is to set up split brain dns on the
katello/foreman server where the katello/foreman server's fqdn would resolve
to its private IP address. This would work since dhcpd is already
configured to point servers requesting dhcp addresses on the private side
with its IP address as the DNS server.

Does this sound like a reasonable approach or is there a better method?

> Does this sound like a reasonable approach or is there a better method?

Hello,

there is a Templates Smart Proxy plugin which can be enabled. Then
foreman_url renders to Smart Proxy associated with the subnet and the
plugin forwards the requests. This works for all templates which are
accessed from nodes. You can deploy a Proxy if it is a good fit.

--
Later,
Lukas #lzap Zapletal

Looks like I found an old thread that discusses setting the following
values for the following.

Administer > settings > General
foreman_url <set to priv IP on dhcp/tftp server>

Administer > settings > provisioning
unattended_url <set to priv IP on dhcp/tftp server>

I also went in and changed the fqdn used in the OS url to be the private
10.x.x.x address of the katello/foreman server.

This seems to have fixed my issues.

On Thursday, 22 October 2015 02:41:50 UTC-6, Edward Clay wrote:
> Hello,
>
> I'm looking to setup a katello server to manage/build servers in our
> environment. Currently I have a multi-homed Katello/foreman server with a
> private network without DNS which is used to provision servers. DHCP/PXE
> boot is configured on the katello server for the private network managed by
> katello/foreman. A public network that each server will be on and will not
> have DHCP/PXE enabled. This is how we currently have provisioning of
> servers setup using cobbler.
>
> The problem I'm running into is that during the kickstart install of the
> OS it attempts to retrieve the kickstart file from
> http://foreman.domain.com which it's unable to resolve. I also notice
> that the repo urls also include the fqdn of the katello/foreman server. I
> would like to specify that kickstarts and product/repos are accessed via
> the private IP address or even better be accessible via both public/priv IP
> addresses. One thought that comes to mind is to setup split brain dns on
> the katello/foreman server where the katello/foreman servers fqdn would
> resolve to it's private IP address. this would work since dhcpd is already
> configured to point servers requesting dhcp addresses on the private side
> with it's IP address as the DNS server.
>
> Does this sound like a reasonable approach or is there a better method?
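A pre-flight check for the symptom discussed in this thread, as an added example that is not part of any poster's message or of Foreman itself: it lists every host named in a rendered kickstart that is neither an IP literal nor resolvable, which is what an installing node on a DNS-less provisioning network runs into. The sample kickstart, the 10.0.0.5 address and the URL paths are constructed for illustration.

```python
import ipaddress
import re
import socket
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+")

# Constructed sample: a rendered kickstart that mixes the FQDN and a private IP.
SAMPLE_KICKSTART = """\
install
url --url http://foreman.domain.com/pulp/repos/org/Library/os/
repo --name=extras --baseurl=http://10.0.0.5/pulp/repos/org/Library/extras/
%post
wget -q -O /dev/null http://foreman.domain.com/unattended/built
%end
"""

def url_hosts(text):
    """Return the distinct hosts of every http(s) URL, in order of appearance."""
    hosts = []
    for match in URL_RE.finditer(text):
        host = urlsplit(match.group(0)).hostname
        if host and host not in hosts:
            hosts.append(host)
    return hosts

def is_ip_literal(host):
    """True for IPv4/IPv6 literals, which need no DNS lookup."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def system_resolver(host):
    """Resolve with whatever DNS this machine uses; True when a record exists."""
    try:
        socket.getaddrinfo(host, 80)
        return True
    except socket.gaierror:
        return False

def unresolvable_hosts(text, resolves=system_resolver):
    """Hosts a node could not reach by name: not an IP literal and not resolvable."""
    return [h for h in url_hosts(text) if not is_ip_literal(h) and not resolves(h)]

if __name__ == "__main__":
    # Run from a host that uses the provisioning network's DNS settings.
    for host in unresolvable_hosts(SAMPLE_KICKSTART):
        print(f"kickstart references {host}, which does not resolve here")
```

Pass a different `resolves` callable to model the private network's view of DNS without running the check from that network.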

Ivan… do we need to take any of the multihome certificate discussion
and get it into upstream docs?

– bk

On 10/22/2015 09:38 AM, Lukas Zapletal wrote:
>> Does this sound like a reasonable approach or is there a better method?
>
> Hello,
>
> there is a Templates Smart Proxy plugin which can be enabled. Then
> foreman_url renders to Smart Proxy associated with the subnet and the
> plugin forwards the requests. This works for all templates which are
> accessed from nodes. You can deploy a Proxy if it is a good fit.