RFC: Enable Foreman to manage OS images (Ubuntu 22.04)

This proposal links to the RFC: Rearchitecting how PXE files are deployed and aims on automating a specific aspect of it. As mentioned in the original RFC, more issues arise with OSs changing their deployment process (talking about Ubuntu). This makes it hard to define a general procedure which applies to every OS. In order to address this trend, a new template type was introduced by @lzap which takes care of the boot file setup of an OS.

IMHO the rearchitecting is the best way to handle this change and gives a future-proof way of dealing with upcoming changes. Still, I think it is a major feature to establish a new template type and make the corresponding changes to foreman, smart-proxy, and katello as well. This takes time and until it is completely finished, manual steps (downloading and extracting the ISO image) are necessary to deploy Ubuntu hosts from 20.04.3 onwards. These manual steps are not too easy and there is some discussion going on about it which you might see here and here. In order to provide a default procedure and automate the manual steps, I want to propose a feature to bridge the time until the rearchitecting of PXE file deployment is done: Enable Foreman to download and manage ISO images.

I’ve been working on this for a couple of weeks now and I’d like to share it here. Also, I know it has some parts which are not absolutely clean and need some feedback. The procedure I’m working on brings the following additions:

  • allow a user to declare an URL to an ISO image as Installation Media
  • when deploying a new host, Foremen verifies the Installation Media path. If it resolves to an ISO image, it triggers an additional API call before downloading the boot files
  • on the Smart Proxy side, the API endpoint takes three parameters:
    • the URL to download the image from
    • the local path on the Smart Proxy to store the image
    • a list of files which shall be extracted from the image (kernel and initrd)
  • the Smart Proxy stores the image under /var/www/html/pub/installation_media/ and adds the remaining relative path to it (for example ubuntu/ubuntu-22-04-<some hash>.iso). The reason for this directory is the fact that the image is supposed to be available via http for the boot process
  • afterwards, the Smart Proxy creates a folder directly next to the image and extracts the boot files in there
  • when the Smart Proxy is done, it returns to the Foreman which then continues the default deployment procedure

The parts I’m concerned with:
A downside of this method has already been mentioned in the original feature: It adds a dangling API call which waits for ~1.4 GB image files to be downloaded and extracted on the Smart Proxy side. The extraction part has been minimised by limiting it to the actually needed boot files instead of extracting the whole image. Still, the timeout of an API request must be extended in order to allow such a request(compare the Foreman PR).
Another issue that’s been discussed beforehand is the fact that the boot file download is triggered with every host deployment. It may have been the case that we download the image every time a host is deployed. This issue was avoided and the hosts are just going to re-use the existing image. Still, a mechanism must be implemented which handles concurrency situations when multiple hosts are deployed at the same time and for the first time (which means no image has been prepared until then).

As of now, the code consists of two PRs. One on the Foreman and another one on the Smart Proxy side:

I think, additional PRs in foreman-packaging and foreman-installer are necessary in order to add a dependency for isoinfo and properly manage the /pub/ directory of the proxies.

Thanks for your time & I’m looking forward to your feedback!


I think it makes sense if there’s no capacity to do the full rearchitecture right now. The downsides are clearly listed and such behaviors should be documented.