Problem: We’ve recently installed Foreman+Katello (3.18 + 4.20) and have been trying to deploy a Dell server with Alma 9.7 via iPXE with it that’ll have a bonded (802.3ad) interface from 2 NICs.The provisioning process is quite smooth, we set one of the interfaces in the GUI to act as “provision” and add net.ifnames=0 biosdevname=0 vlan=eth0.XX:eth0 ip=dhcpso it can connect to the network.
We’ve noticed however that this setting in the provisioning cmdline seems to persist into the actual install, so we end up with two identical VLAN entries in NetworkManager and an vlanXX@eth0 interface that’s up and getting the IP address. If we edit NetworkManager manually post-install, we can successfully get the bond up with the VLAN tag. Is there any way to stop this from happening, or are we approaching this process from the wrong angle?
Expected outcome: The bond is the only interface with a VLAN entry after install, instead of the individual interface.
Foreman and Proxy versions: 3.18
Foreman and Proxy plugin versions: 3.18
Distribution and version: Rocky Linux 9.7 on Foreman Host
We’ve also found that for some reason our vlan connection that’s being generated for the bond is being assigned to itself? It’s never given a parent of bond0 in the generated kickstart:
Adding this to the %post section in the kickstart sorts this out: sed -i 's/^parent=vlan1$/parent=bond0/' /etc/NetworkManager/system-connections/vlan1.nmconnection
I don’t think this will work. You should set the vlan in the foreman interface. Then foreman will configure the vlan… Manually setting it yourself will create another interface.
We do set it in the foreman interface, but for some reason it’s not getting attributed to the bond in the actual kickstart, so NM ends up attributing the vlan to itself. We do have to manually set the vlan on the cmdline though to download the kickstart file once it’s past iPXE.
First port (going into the first switch) has identifier eth0 set as Provision and Managed
Second port (going into the other switch) has identifier eth1 set as just managed
Device with identifier bond0 with eth0 and eth1 as slaves, 802.3ad, set as just managed
Device with identifier vlan1 attached to bond0 with vlan tag, ipv4, domain and DNS name. Set as Managed, Primary, Remote Execution (and Virtual NIC).
We have the VLAN set in the server’s BIOS so that iPXE can get to the Next Server and start the chainload. We then have net.ifnames=0 biosdevname=0 vlan=eth0.XX:eth0 ip=dhcp(as mentioned in the beginning) in the kernel parameters for the Kickstart iPXE Template so that once it’s past iPXE it can continue to stay connected and download the kickstart and packages.
This messy method does work, but yes ideally we’d like to adjust this to be as painless as possible. We do have full control of the switches + DHCP + DNS but these are very new switches and we don’t have much experience configuring them
The provision interface gets an IP address without issue since during the provision stage it’s not an LACP bond yet (and is configured as such on the switches). It’s more when the install finishes, nm-init-rd is carrying over some of that ad-hoc cmdline config to the actual install itself
But you cannot have both: the network configuration in foreman must be consistent: a slave interface does not have an ip address and cannot be a provision interface. I guess, it should detect this as error but doesn’t. Thus, the resulting kickstart will get weird or broken.
Set up the bond in foreman and let it configure the kernel options for booting as well as the kickstart network configuration. That should give you a consistent configuration.
bond0 with eth0 and eth1 as slaves, set as managed
vlan1 associated with bond0, with provision, primary, remote execution, etc all checked
Initial provisioning worked, but when it booted into the OS the interface configs were a little strange. vlan1 was replaced with “bond0.1@bond0”. The vlan1 I setup does get made though. The bond I had setup was also just completely missing eth0 as well. vlan1 had been assigned to itself, bond0 had ipv4 set to Disabled, and the initial eth0 and eth1 profiles that it should’ve created were missing any mention of the bond at all.
After untangling this the vlan came up properly, nm-initrd-generator is definitely causing issues somewhere.
That’s happening because you are trying to use obsolete, old-style naming schemas. The vlan 1 tagged interface on a base interface bond0 is bond0.1. That’s the official name and that is what foremane expects and what help says.
If you follow the standard naming schema as the help text says it will work.
Apologies shortly after the last reply I did adjust the namings to what they’re supposed to be, still ending up with the same result but NetworkManager is duplicating configs for the individual interfaces with wildly different names, some with a port type of bond and some without, then creating its own “vlan1” with a parent of bond0.1 without me even specifying it anywhere.
Getting closer, but it’s still provisioning the bond VLAN interface (bond0.1) as its own bond set to balance-rr instead of a virtual interface post-install..
I’ve given up for now and gone back to how it was setup beforehand. Something seems to be broken between the Kickstart that Foreman generates and what nm-initrd-generator decides to do with the PXE parameters foreman passes through. It’s generating duplicates and broken configs no matter what I do
