IPs are not registered in freeipa with novajoin
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
novajoin | Confirmed | Medium | Unassigned | |
Bug Description
We are using novajoin in a TripleO overcloud installation. Not all of the IP addresses are defined in our templates (nor pre-registered in DNS), and we would like to register the correct IPs in FreeIPA DNS on the fly during the installation. It's not very trivial to achieve this; we ended up using tricky customizations without touching the official YAML workflow.
Also, there are a couple of problems when the host is enrolled during cloud-init:
1. it only works with a cloud-init version which is not officially available on CentOS
2. it is unpredictable whether enrollment is successful at cloud-init time, since the network may not be ready when the vendordata-provided job runs
3. the enrollment picks up the first IP address, which may not be the correct one according to the final hosts file created
We have found it better to curl the OTP token at a later stage and register it with the correct IP based on role type.
It would be great if DNS registration could be solved in future versions.
Changed in novajoin: status: New → Confirmed
Changed in novajoin: importance: Undecided → Medium
Point #1 is being addressed, and a newer CentOS version will include a newer cloud-init.
Can you elaborate more on point #2?
Picking up a correct IP (at least in TripleO) is tricky, since network isolation means that there are several valid IPs for that node. On the other hand, we do create (in the overcloud deployment) several "sub-hosts" for the specific networks that could be associated with the IPs. Perhaps we could specify in the metadata which interface to get the IP from, and use that in the cloud-init script? What do you think?