As the subject suggests. Is this even possible? I want to be able to kick off a new VM from Foreman and have it iPXE it’s OS (this part I’ve got worked out). I also want the VM to have at least two NICs configured to receive their IP address via DHCP from Foreman, or more specifically, from the smart proxy running on the same machine as my Foreman server.
Given that I’m really new to Foreman, my current understanding is that I need an additional smart proxy on each VLAN running DHCP. Am I correct in that understanding? Is it possible to use a single smart proxy and configure dhcp relay on my router to forward the dhcp request to my one and only smart proxy running on the foreman server?
So far, I’ve been able to get it to provision the VM with two NICs. The first NIC is getting an IP address assigned to it, but the second is not.
I think I may have this working but I’m hoping for a sanity check. Additionally, I figure this post could likely benefit from some additional details.
My Foreman VM is running on a Libvirt hypervisor. The Foreman VM is also running my smart-proxy. It has tftp, dhcp, and logs services enabled. The hypervisor has two bridges called “control”, and “storage”. The Foreman VM has two interfaces connected to each of the bridges. The interface on the “control” bridge is the main (or primary) interface through which I’m accessing the Foreman web console. The foreman-installer took care of the dhcp configuration for the “control” network.
I’m hoping to be able to provision VMs that each have two interfaces as well. One on each bridge.
To get this working, I edited the /etc/dhcpd.conf file and added a second dhcp pool for the storage network. I also learned yesterday that I could define the second dhcp pool in the /etc/foreman-installer/custom-hiera.yaml file. I also ensured that the dhcpd service was listening on both interfaces. This way, dhcp relay should not be required on the router. I also ensured that the “control” and “storage” subnets were defined within the Foreman web console and ensured that the dhcp service on the smart-proxy was configured to serve them.
Next I edited my compute profile to include two NICs, one on each bridge. I also ensured that my Host Group was configured to use this compute profile.
So finally, I’m ready to deploy a host. I go to “Host”, “Create Host”. On the “Host” tab, I select my Host Group and all the remaining fields are automatically filled in. So far, this is what I expect to happen. However, if I go to the “Interfaces” tab, I see the two NICs that’ll be added to the VM. The first interface appears to have been properly populated with an IP address. It’s also set to be the “managed”, “primary”, and “provision” interface. To my knowledge, that is all correct. Where I’m struggling is with the second interface. It does not yet have an IP address issued to it. If I select the Edit button, I can see that the IPv4 Subnet dropdown is empty. If I select the “storage” subnet, that’s when the interface is issued an IP address. From there I can click “Ok” and “Submit” and the VM will provision successfully, with IPs on both interfaces.
So I think I have this working. I’m just hung up on the fact that I have to edit the second interface and specify the “storage” subnet before it’s issued an IP. Is that expected behavior? Or have I missed a step where I can define which subnet should be used by default for the second NIC?
Another observation. If I deploy a new host without going to the “interfaces” tab and editing the second interface then Foreman will provision the VM with the second interface configured with “bootproto=none”. Which means it doesn’t get an IP address on that interface until I change it to “dhcp”. It will also have a default MTU of 1500, which in my “storage” subnet, I specify 9000.
Additionally, the IP reservation will not be tracked by Foreman in the “DHCP Reservations for Storage Network”.
So it appears that it would be a required step in my workflow to go to the “interfaces” tab and ensure that the second NIC is defined for the “storage” subnet before kicking off the build. Is there no way to specify which subnet to configure for the second NIC as part of my “host group” or “compute profile”?
Hey, a single DHCP proxy can manage multiple subnets, its just our installer can only set one. To set multiple you need to use hiera.yaml in order to define more subnets. Then you register them into Foreman (you need to do this manually) and you are good to go.
Then you can of course have as many as NICs as you want, all managed by Foreman and Proxy, just a single one can be marked as “provision” NIC - the one that is used for PXE booting.
I think I’ve got that part worked out. So it appears that, as of today, it would be a required step in my workflow to go to the “interfaces” tab and select the subnet for the second, or any additional NICs before kicking off the build. Does that sound right?
It seems it’d be an easy thing to assign a subnet to a NIC when creating my Compute Profile. I’m already defining which bridge the interface should be connected to. An additional drop down for the subnet would seem logical on that page.
