Bug #26277
closed
Foreman provides DHCP address via smart-proxy and used by server but No actual DHCP lease was created.
Description
During provisioning of a virtual machine.
Foreman requests DHCP from the smart-proxy and does "return" / use an IP address from the designated subnet.
But it turned out that the actual lease was not created.
This is the log from the smart-proxy
logs:
proxy.log:
2019-03-07T14:53:32 3bcfd74e [I] Started GET /serverName 2019-03-07T14:53:32 3bcfd74e [I] Finished GET /serverName with 200 (0.4 ms) 2019-03-07T14:53:32 3bcfd74e [I] Started GET /172.21.99.0/mac/00:50:56:8e:95:bc 2019-03-07T14:53:32 3bcfd74e [E] No DHCP record for MAC 172.21.99.0/00:50:56:8e:95:bc found 2019-03-07T14:53:32 3bcfd74e [I] Finished GET /172.21.99.0/mac/00:50:56:8e:95:bc with 404 (1.14 ms) 2019-03-07T14:53:32 3bcfd74e [I] Started GET /172.21.99.0/ip/172.21.99.30 2019-03-07T14:53:32 3bcfd74e [E] No DHCP records for IP 172.21.99.0/172.21.99.30 found 2019-03-07T14:53:32 3bcfd74e [I] Finished GET /172.21.99.0/ip/172.21.99.30 with 404 (1.02 ms)
messages
Mar 7 14:53:32 pr-infra-deploy101 smart-proxy: pr-infra-foreman101.df1.my.net - - [07/Mar/2019:14:53:32 CET] "GET /tftp/serverName HTTP/1.1" 200 28 Mar 7 14:53:32 pr-infra-deploy101 smart-proxy: - -> /tftp/serverName Mar 7 14:53:32 pr-infra-deploy101 smart-proxy: pr-infra-foreman101.df1.my.net - - [07/Mar/2019:14:53:32 CET] "GET /dhcp/172.21.99.0/mac/00:50:56:8e:95:bc HTTP/1.1" 404 58 Mar 7 14:53:32 pr-infra-deploy101 smart-proxy: - -> /dhcp/172.21.99.0/mac/00:50:56:8e:95:bc Mar 7 14:53:32 pr-infra-deploy101 dhcpd: DHCPDISCOVER from f8:f2:1e:46:6d:b0 via ens224: network 172.21.99.0/24: no free leases Mar 7 14:53:32 pr-infra-deploy101 smart-proxy: pr-infra-foreman101.df1.my.net - - [07/Mar/2019:14:53:32 CET] "GET /dhcp/172.21.99.0/ip/172.21.99.30 HTTP/1.1" 404 53 Mar 7 14:53:32 pr-infra-deploy101 smart-proxy: - -> /dhcp/172.21.99.0/ip/172.21.99.30
later after verifying there was no actual lease i asked foreman for a new ip address in the same subnet.
after this op it succesfully created the dhcp lease entry.
again the logs:
proxy.log:
2019-03-07T17:02:15 3bcfd74e [I] Started GET /serverName 2019-03-07T17:02:15 3bcfd74e [I] Finished GET /serverName with 200 (0.52 ms) 2019-03-07T17:02:15 3bcfd74e [I] Started GET /172.21.99.0/mac/00:50:56:8e:95:bc 2019-03-07T17:02:15 3bcfd74e [E] No DHCP record for MAC 172.21.99.0/00:50:56:8e:95:bc found 2019-03-07T17:02:15 3bcfd74e [I] Finished GET /172.21.99.0/mac/00:50:56:8e:95:bc with 404 (1.09 ms) 2019-03-07T17:02:15 3bcfd74e [I] Started GET /172.21.99.0/ip/172.21.99.37 2019-03-07T17:02:15 3bcfd74e [E] No DHCP records for IP 172.21.99.0/172.21.99.37 found 2019-03-07T17:02:15 3bcfd74e [I] Finished GET /172.21.99.0/ip/172.21.99.37 with 404 (0.96 ms) 2019-03-07T17:02:15 3bcfd74e [I] Started GET /serverName 2019-03-07T17:02:15 3bcfd74e [I] Finished GET /serverName with 200 (0.34 ms) 2019-03-07T17:02:15 3bcfd74e [I] Started DELETE /172.21.99.0/mac/00:50:56:8e:95:bc 2019-03-07T17:02:15 3bcfd74e [I] Finished DELETE /172.21.99.0/mac/00:50:56:8e:95:bc with 200 (0.38 ms) 2019-03-07T17:02:16 3bcfd74e [I] Started POST /172.21.99.0 2019-03-07T17:02:16 3bcfd74e [I] Finished POST /172.21.99.0 with 200 (58.56 ms)
messages:
Mar 7 17:02:15 pr-infra-deploy101 smart-proxy: pr-infra-foreman101.df1.my.net - - [07/Mar/2019:17:02:15 CET] "GET /tftp/serverName HTTP/1.1" 200 28 Mar 7 17:02:15 pr-infra-deploy101 smart-proxy: - -> /tftp/serverName Mar 7 17:02:15 pr-infra-deploy101 smart-proxy: pr-infra-foreman101.df1.my.net - - [07/Mar/2019:17:02:15 CET] "GET /dhcp/172.21.99.0/mac/00:50:56:8e:95:bc HTTP/1.1" 404 58 Mar 7 17:02:15 [36mpr-infra-deploy101 smart-proxy: - -> /dhcp/172.21.99.0/mac/00:50:56:8e:95:bc Mar 7 17:02:15 pr-infra-deploy101 smart-proxy: pr-infra-foreman101.df1.my.net - - [07/Mar/2019:17:02:15 CET] "GET /dhcp/172.21.99.0/ip/172.21.99.37 HTTP/1.1" 404 53 Mar 7 17:02:15 pr-infra-deploy101 smart-proxy: - -> /dhcp/172.21.99.0/ip/172.21.99.37 Mar 7 17:02:15 pr-infra-deploy101 smart-proxy: pr-infra-foreman101.df1.my.net - - [07/Mar/2019:17:02:15 CET] "GET /tftp/serverName HTTP/1.1" 200 28 Mar 7 17:02:15 pr-infra-deploy101 smart-proxy: - -> /tftp/serverName Mar 7 17:02:15 pr-infra-deploy101 smart-proxy: pr-infra-foreman101.df1.my.net - - [07/Mar/2019:17:02:15 CET] "DELETE /dhcp/172.21.99.0/mac/00:50:56:8e:95:bc HTTP/1.1" 200 0 Mar 7 17:02:15 pr-infra-deploy101 smart-proxy: - -> /dhcp/172.21.99.0/mac/00:50:56:8e:95:bc Mar 7 17:02:16 pr-infra-deploy101 smart-proxy: pr-infra-foreman101.df1.my.net - - [07/Mar/2019:17:02:16 CET] "POST /dhcp/172.21.99.0 HTTP/1.1" 200 0 Mar 7 17:02:16 pr-infra-deploy101 smart-proxy: - -> /dhcp/172.21.99.0
Updated by Lukas Zapletal about 5 years ago
- Status changed from New to Closed
Olmo, this is not a bug but rather discussion, please open up new thread on community.theforeman.org. I am closing this issue, let me explain:
Foreman tries to probe subnet if there is not a reservation for the particular IP and MAC address, 404 is actually expected result. If this was 200 result, that would result to conflict warning in Foreman. Now, Foreman creates reservation entries (or host entries in ISC DHCP) but never leases. Leases are created by DHCP clients and they eventually expire, Foreman only tracks them.
Updated by Olmo Rupert about 5 years ago
Lukas Zapletal wrote:
Olmo, this is not a bug but rather discussion, please open up new thread on community.theforeman.org. I am closing this issue, let me explain:
Foreman tries to probe subnet if there is not a reservation for the particular IP and MAC address, 404 is actually expected result. If this was 200 result, that would result to conflict warning in Foreman. Now, Foreman creates reservation entries (or host entries in ISC DHCP) but never leases. Leases are created by DHCP clients and they eventually expire, Foreman only tracks them.
Thank you. Maybe you're right it's a discussion. I might me the one that implements foreman in this company. But I have users who just click on create box and then stuff is not working, and wasn't reported nor canceled by foreman, so either false positives, or a bug.
I don't mean "lease" but static reserved lease maybe that's the right word, because I understand that is what the foreman-proxy injects in for example /var/lib/dhcpd/dhcpd.leases
all i can tell is foreman gave that .30 address to the node in the first operation, did not create the static reservation, without an error or failure.
now since i can ask again for an address, which worked, means it's somehow an sporadic issue. but failures like this makes foreman totally unusable and I am responsible for this system in the company where many people rely on. it's not the first time. Though unfortunately i have not been able to have a consistent replication of this problem.
not sure how i can act on this. i'm afraid it will mean moving away from foreman.
Updated by Lukas Zapletal about 5 years ago
Don't get me wrong, but I am afraid you need get better in isolating what is wrong and in communication skills, "it's not the first time" or "moving away from xyz" phrases are better to be used against the one who deployed Foreman. Consider hiring professionals, there are multiple companies or individuals providing support and consultancy. This is Foreman community, a group of people who develop Foreman in either their free time or people payed by companies interested in some way or other.
Updated by Olmo Rupert about 5 years ago
Lukas Zapletal wrote:
Don't get me wrong, but I am afraid you need get better in isolating what is wrong and in communication skills, "it's not the first time" or "moving away from xyz" phrases are better to be used against the one who deployed Foreman. Consider hiring professionals, there are multiple companies or individuals providing support and consultancy. This is Foreman community, a group of people who develop Foreman in either their free time or people payed by companies interested in some way or other.
Understood. The one who would deployed foreman would be me. So my bad. You mean considering hiring Ruby professionals. I understand I can not come up with criticism against an OpenSource project.
I provided the details I had at that point. Isolating the matter I could definitely be more extensive in regards of enabling all the debug settings perhaps.
So excuse me for my somewhat emotional reaction because it's my own fault I implemented this technology. If it happens again I will try to be more complete. But I have not been able to replicate the issue.