PXE-Less from remote network

Hi all,

is possible use PXE-Less discovery/provisioning from remote location over
NAT/Openvpn?

In local network everythink works. USB fdi-bootable-3.3.1.iso boot, I enter
https://FOREMANIP:8443, proxy mode. Discovery status is SUCCESS. In
Discovery hosts I see new host, clik on Provisionin and select HostGroup.
Host change kernel (kexec) and start instaling OS (Ubuntu) without reboot.

I have remote location with OpenWRT router configured as Openvpn client,
all remote lan traffic is routed over this vpn connection. Client boot,
Discovery status is SUCCESS, in Discovery hosts i see new host, But after
click on Provisioning and saving new host, nothing happens. On Foreman gui
a see:

completed - Create IPv4 DNS record for mac525400a04515.mydomain.cz
completed - Deploy TFTP PXEGrub2 config for mac525400a04515.mydomain.cz
completed - Deploy TFTP PXELinux config for mac525400a04515.mydomain.cz
completed - Deploy TFTP PXEGrub config for mac525400a04515.mydomain.cz
completed - Fetch TFTP boot files for mac525400a04515.mydomain.cz
running - Reloading kernel on mac525400a04515.mydomain.cz

Client stay on Discovery status screen.

Now I testing on my laptop connected over VPN, host is kvm VM with virtual
net: NAT. Same problem.

In production.log on server I see ERROR:
.
.
.
2017-02-03T11:27:31 7f001834 [app] [I] Processing by TasksController#show
as /
2017-02-03T11:27:31 7f001834 [app] [I] Parameters:
{"id"=>"7ce38423-bc56-42cf-b523-ba12894e1b2b"}
2017-02-03T11:27:31 7f001834 [app] [I] Rendered tasks/_list.html.erb
(0.3ms)
2017-02-03T11:27:31 7f001834 [app] [I] Completed 200 OK in 5ms (Views:
0.6ms | ActiveRecord: 0.7ms)
2017-02-03T11:27:32 7f001834 [app] [W] Unable to perform kexec on
mac525400a04515
> RestClient::InternalServerError: 500 Internal Server Error
>
/usr/share/foreman/vendor/ruby/2.3.0/gems/rest-client-2.0.0/lib/restclient/abstract_response.rb:223:in
exception_with_response' > /usr/share/foreman/vendor/ruby/2.3.0/gems/rest-client-2.0.0/lib/restclient/abstract_response.rb:103:inreturn!'
.
.
.

On Foreman (1.14.1) I have:

1. Smart proxy with Template module enabled

2. One domain with two subnets:
   172.17.129.0/23 for local network - DHCP, TFTP, DNS, Discovery proxy
   enabled
   10.128.20.0/24 for remote location - TFTP, Discovery proxy enabled

3. Two HostGroup, one with local subnet, second with remote subnet

4. Host OS for provisioning Ubuntu 16.04

OpenVPN server 172.17.129.5 with 10.8.0.0/24
Foreman server 172.17.129.51

What a may check/set for PXE-Less discovery/provisioning remote host?

Thanks.

Hello,

can you switch to tty2 on the discovered node (or enable ssh and
journalctl -f) and then provision, you should see two wget calls
logging all output to the system journal. You will find an error there
like 404 or 403. Try the wget command manually and investigate the
network issue.

LZ

Hi,

in log on discovered node is only this:

Feb 17 14:00:53 fdi /usr/bin/discovery-menu[834]: Entering screen_facts
Feb 17 14:00:53 fdi /usr/bin/discovery-menu[834]: TUI executing: kexec
–version
Feb 17 14:01:07 fdi /usr/bin/discovery-menu[834]: Registering host at (
https://172.17.129.51:8443)
Feb 17 14:01:08 fdi /usr/bin/discovery-menu[834]: Detecting the first NICs
with link
Feb 17 14:01:08 fdi /usr/bin/discovery-menu[834]: Interface with link
found: 54:53:ed:af:aa:7d (enp4s0)
Feb 17 14:01:08 fdi /usr/bin/discovery-menu[834]: Detecting the first NICs
with link
Feb 17 14:01:08 fdi /usr/bin/discovery-menu[834]: Interface with link
found: 54:53:ed:af:aa:7d (enp4s0)
Feb 17 14:01:09 fdi /usr/bin/discovery-menu[834]: Response from server 200:
Feb 17 14:01:09 fdi /usr/bin/discovery-menu[834]: Wrote result 200 to
/tmp/discovery-http-success
Feb 17 14:01:09 fdi /usr/bin/discovery-menu[834]: Entering screen_status

After Provision, nothing happens on discovered host. No more lines in log,
no error… nothing… Host stay on Status screen, log stay on "Entering
screen_status"

Any idea?
Thanks.

Hi,

thanks, but this is realy last lines in logs. I am connected by ssh to
client, journalctl, discovery-debug, tty2 … scroll down, End,
PgDown… Entering screen_status is last line. After 10min, new lines
about Cleanup… No wget call.

Feb 21 13:00:05 fdi /usr/bin/discovery-menu[708]: Wrote result 200 to
/tmp/discovery-http-success
Feb 21 13:00:06 fdi /usr/bin/discovery-menu[708]: Entering screen_status
Feb 21 13:10:48 fdi systemd[1]: Starting Cleanup of Temporary Directories…
Feb 21 13:10:48 fdi systemd[1]: Started Cleanup of Temporary Directories.

I trying install new Foreman 1.14.1 on clean CentOS 7 and setup only
Discovery. Trying older fdi-bootable-3.2.0.iso. Still same problem.

Then it must be something on the way, I see Foreman is getting 500
error. If you have a Subnet associated with Discovery proxy, that
proxy should be proxying the call, but it's doing 500. Investigate
that. See our manual on how communication is done.

LZ

These logs are correct, but irrelevant, kexec --version is executed
during fact collection. Scroll down when you see wget calls, these are
likely failing.