Bootdisk » History » Revision 8
Revision 7 (Stephen Benjamin, 04/14/2015 03:09 PM) → Revision 8/10 (Lukas Zapletal, 04/21/2015 12:23 PM)
h1. Bootdisk
h2. Requirements
https://trello.com/c/to0NYlGk/7-using-discovery-without-dhcp-2
I would like a boot disk option that provides the following:
* A single ISO that allows me to provision a system against any configured hostgroup on the Satellite.
* The ISO would not require me to pre-create a host in Satellite.
* The ISO would allow me to provide a user provided IP address or use DHCP to find the Satellite server.
* The ISO will be generated on the Satellite
* The ISO will provide a means to provision via a Capsule
* The functionality to generate the ISO will be exposed via the API, UI & CLI.
* Functionality to provide a local IP and VLAN to the target host
h2. Approaches
h3. Bootdisk
In the bootdisk approach, the Generic bootdisk provides a menu like below.
When the user first boots, they have the option for configuring DHCP or manually entering network configuration.
!bootdisk.png!
Manual network configuration:
!network.png!
After configuring network, you can select from the main menu:
* Existing host record (traditional generic bootdisk)
* New host from host group
* The provisioning URL can be customized, for example, if DNS is not available and you need to use an IP
!main.png!
If creating a new host, iPXE chain loads the host group menu off of the Foreman server.
*Workflow*
They are prompted for a host name:
!hostname.png!
And then hostgroup, and (if enabled) organization, and location:
!hostgroup.png!
!org_select.png!
!loc_select.png!
Finally the user confirms the selections and:
* iPXE sends the options to Foreman
* Foreman creates the new Host, and runs orchestration
* Server boots vmlinuz/initrd
* Loads kickstart
* Provisions as normal
!boot.png!
*This is ridiculously insecure, because we're running orchestration with access to services like DNS, Realm, Puppet, etc*
Options:
* Have bootdisk ask for login
** Only supports HTTP (plaintext)
** Foreman if SSL is enabled does not allow HTTP login
** Discovery, in its full RHEL environment, could do this
* Tokens
** Have a bootdisk wizard that lets a user generate a bootdisk image with embedded tokens, that give access only to specific host groups/orgs/locations
h3. Discovery
!Screenshot1.png!
!Screenshot2.png!
!Screenshot3.png!
!Screenshot4.png!
!Screenshot5.png!
!Screenshot6.png!
!Screenshot7.png!
!Screenshot8.png!
!Screenshot9.png!
!Screenshot10.png!