Project

General

Profile

Bootdisk » History » Version 4

Stephen Benjamin, 04/08/2015 09:33 AM

1 1 Stephen Benjamin
h1. Bootdisk
2
3
h2. Requirements
4
5
https://trello.com/c/to0NYlGk/7-using-discovery-without-dhcp-2
6
7
I would like a boot disk option that provides the following:
8
9
* A single ISO that allows me to provision a system against any configured hostgroup on the Satellite.
10
* The ISO would not require me to pre-create a host in Satellite.
11
* The ISO would allow me to provide a user provided IP address or use DHCP to find the Satellite server.
12
* The ISO will be generated on the Satellite
13
* The ISO will provide a means to provision via a Capsule
14
* The functionality to generate the ISO will be exposed via the API, UI & CLI.
15
* Functionality to provide a local IP and VLAN to the target host
16
17
h2. Approaches
18
19
h3. Bootdisk
20
21 2 Stephen Benjamin
In the bootdisk approach, the Generic bootdisk would be modified to provide a menu like the one shown below:
22
23
!bootdisk.png!
24
25
*Notes*:
26
* If the user does not have DHCP, they may configure networking manually.
27
* The provisioning URL can be customized, for example, if DNS is not available and you need to use an IP
28
* If the user wants to build an existing host, they can boot from the existing record
29
* Otherwise they can create an entirely new host
30
31
If creating a new host, iPXE chainloads off of the Foreman server.
32
33
*Workflow*
34
35
They are prompted for a host name:
36
37
!new_host.png!
38
39
And then hostgroup, and (if enabled) organization, and location:
40
41
!hostgroup.png!
42
43
!org_select.png!
44
45
!loc_select.png!
46
47
Finally:
48
49
* iPXE Boots off Foreman
50
* Foreman creates the new Host, and runs orchestration
51
* Server boots vmlinuz/initrd
52
* Loads kickstart
53
* Provisions as normal
54
55
56 3 Stephen Benjamin
*This is ridiculously insecure, because we're running orchestration with access to services like DNS, Realm, Puppet, etc*  
57 2 Stephen Benjamin
58
Options:
59
60
* Have bootdisk ask for login
61 3 Stephen Benjamin
** Only supports HTTP (plaintext)
62
** Foreman if SSL is enabled does not allow HTTP login
63 4 Stephen Benjamin
** Discovery, in its full RHEL environment, could do this
64 1 Stephen Benjamin
* Tokens
65 4 Stephen Benjamin
** Have a bootdisk wizard that lets a user generate a bootdisk image with embedded tokens, that give access only to specific host groups/orgs/locations
66 2 Stephen Benjamin
67
68
69 1 Stephen Benjamin
h3. Discovery