Bootdisk » History » Version 10
Lukas Zapletal, 04/21/2015 12:33 PM
| 1 | 1 | Stephen Benjamin | h1. Bootdisk |
|---|---|---|---|
| 2 | |||
| 3 | h2. Requirements |
||
| 4 | |||
| 5 | https://trello.com/c/to0NYlGk/7-using-discovery-without-dhcp-2 |
||
| 6 | |||
| 7 | I would like a boot disk option that provides the following: |
||
| 8 | |||
| 9 | * A single ISO that allows me to provision a system against any configured hostgroup on the Satellite. |
||
| 10 | * The ISO would not require me to pre-create a host in Satellite. |
||
| 11 | * The ISO would allow me to provide a user provided IP address or use DHCP to find the Satellite server. |
||
| 12 | * The ISO will be generated on the Satellite |
||
| 13 | * The ISO will provide a means to provision via a Capsule |
||
| 14 | * The functionality to generate the ISO will be exposed via the API, UI & CLI. |
||
| 15 | * Functionality to provide a local IP and VLAN to the target host |
||
| 16 | |||
| 17 | h2. Approaches |
||
| 18 | |||
| 19 | h3. Bootdisk |
||
| 20 | |||
| 21 | 5 | Stephen Benjamin | In the bootdisk approach, the Generic bootdisk provides a menu like below. |
| 22 | 1 | Stephen Benjamin | |
| 23 | 5 | Stephen Benjamin | When the user first boots, they have the option for configuring DHCP or manually entering network configuration. |
| 24 | |||
| 25 | 1 | Stephen Benjamin | !bootdisk.png! |
| 26 | |||
| 27 | 5 | Stephen Benjamin | Manual network configuration: |
| 28 | |||
| 29 | !network.png! |
||
| 30 | |||
| 31 | After configuring network, you can select from the main menu: |
||
| 32 | |||
| 33 | * Existing host record (traditional generic bootdisk) |
||
| 34 | 6 | Stephen Benjamin | * New host from host group |
| 35 | 2 | Stephen Benjamin | * The provisioning URL can be customized, for example, if DNS is not available and you need to use an IP |
| 36 | |||
| 37 | 5 | Stephen Benjamin | !main.png! |
| 38 | 1 | Stephen Benjamin | |
| 39 | 5 | Stephen Benjamin | If creating a new host, iPXE chain loads the host group menu off of the Foreman server. |
| 40 | |||
| 41 | 2 | Stephen Benjamin | *Workflow* |
| 42 | |||
| 43 | They are prompted for a host name: |
||
| 44 | |||
| 45 | 5 | Stephen Benjamin | !hostname.png! |
| 46 | 2 | Stephen Benjamin | |
| 47 | 1 | Stephen Benjamin | And then hostgroup, and (if enabled) organization, and location: |
| 48 | 2 | Stephen Benjamin | |
| 49 | !hostgroup.png! |
||
| 50 | |||
| 51 | !org_select.png! |
||
| 52 | |||
| 53 | !loc_select.png! |
||
| 54 | 1 | Stephen Benjamin | |
| 55 | 5 | Stephen Benjamin | Finally the user confirms the selections and: |
| 56 | 2 | Stephen Benjamin | |
| 57 | 7 | Stephen Benjamin | * iPXE sends the options to Foreman |
| 58 | 2 | Stephen Benjamin | * Foreman creates the new Host, and runs orchestration |
| 59 | * Server boots vmlinuz/initrd |
||
| 60 | * Loads kickstart |
||
| 61 | * Provisions as normal |
||
| 62 | 5 | Stephen Benjamin | |
| 63 | !boot.png! |
||
| 64 | 2 | Stephen Benjamin | |
| 65 | 3 | Stephen Benjamin | |
| 66 | 2 | Stephen Benjamin | *This is ridiculously insecure, because we're running orchestration with access to services like DNS, Realm, Puppet, etc* |
| 67 | |||
| 68 | Options: |
||
| 69 | |||
| 70 | 3 | Stephen Benjamin | * Have bootdisk ask for login |
| 71 | ** Only supports HTTP (plaintext) |
||
| 72 | 4 | Stephen Benjamin | ** Foreman if SSL is enabled does not allow HTTP login |
| 73 | 1 | Stephen Benjamin | ** Discovery, in its full RHEL environment, could do this |
| 74 | 4 | Stephen Benjamin | * Tokens |
| 75 | 2 | Stephen Benjamin | ** Have a bootdisk wizard that lets a user generate a bootdisk image with embedded tokens, that give access only to specific host groups/orgs/locations |
| 76 | |||
| 77 | |||
| 78 | 1 | Stephen Benjamin | |
| 79 | h3. Discovery |
||
| 80 | 8 | Lukas Zapletal | |
| 81 | 9 | Lukas Zapletal | The idea is to introduce TUI allowing users to do standard provisioning (register in Foreman using a hostgroup first, called "managed") or standalone (just select a kickstart without creating a host). Prototype is implemented as a ruby service using newt bindings, the service awaits 10 seconds before initiating discovery (key press cancels). |
| 82 | |||
| 83 | 8 | Lukas Zapletal | !Screenshot1.png! |
| 84 | |||
| 85 | 9 | Lukas Zapletal | New status screen was crafted where users can investigate current status, reboot or even enable ssh daemon setting and unlocking root account. |
| 86 | |||
| 87 | 8 | Lukas Zapletal | !Screenshot2.png! |
| 88 | |||
| 89 | !Screenshot3.png! |
||
| 90 | |||
| 91 | !Screenshot4.png! |
||
| 92 | |||
| 93 | !Screenshot5.png! |
||
| 94 | |||
| 95 | !Screenshot6.png! |
||
| 96 | |||
| 97 | !Screenshot7.png! |
||
| 98 | |||
| 99 | 9 | Lukas Zapletal | Upon countdown cancellation, menu appears allowing to initiate provisioning or return to discovery process. |
| 100 | |||
| 101 | 8 | Lukas Zapletal | !Screenshot8.png! |
| 102 | |||
| 103 | 10 | Lukas Zapletal | By default DHCP is enabled for all interfaces, but users are able to enter net credentials manually (this screen was not prototyped). |
| 104 | |||
| 105 | 8 | Lukas Zapletal | !Screenshot9.png! |
| 106 | |||
| 107 | 10 | Lukas Zapletal | Selection of the process: Managed - pre-register host, Unmanaged - just select kickstart and go. |
| 108 | |||
| 109 | 8 | Lukas Zapletal | !Screenshot10.png! |
| 110 | 9 | Lukas Zapletal | |
| 111 | 10 | Lukas Zapletal | If Managed was selected, foreman url, type and credentials must be entered, host name and host group must be entered on the next screen and then the system is rebooted (via kexec) into Anaconda. |
| 112 | |||
| 113 | 9 | Lukas Zapletal | !Screenshot11.png! |
| 114 | |||
| 115 | !Screenshot12.png! |
||
| 116 | 10 | Lukas Zapletal | |
| 117 | When Unmanaged was selected, user only needs to enter foreman url and type and on the next screen select kickstart to use. Then the host is rebooted into Anaconda. The list of kickstarts would be handed over via new "Discovery Unmanaged" template (JSON). |
||
| 118 | 9 | Lukas Zapletal | |
| 119 | !Screenshot13.png! |
||
| 120 | |||
| 121 | !Screenshot14.png! |