Sure. That definitely makes sense. It does seem logical to me that foreman would manage DHCP/DNS on a proxy if it's installed, but I also understand why this isn't the case.
Is the rule of thumb just to... not run foreman-install if you can avoid it? On Mon, Oct 3, 2016 at 5:23 PM Greg Sutcliffe <[email protected]> wrote: > It is intended yes. Broadly speaking, there are two use cases: > > 1) A brand new user, with no Foreman installed yet, wants to manage a > basic setup (single network) with DHCP and DNS. > > 2) Ana existing user wants to add the Subnets and Domains to his proxy > from Foreman via a configuration management tool. > > The issue is that the foreman-installer is only set up for case (1) - it > uses our puppet-dhcp and puppet-dns modules underneath, but the abstraction > in foreman-installer is quite basic, and really only works for a single > network. Further, foreman-installer stores it's answers in a cache file, > and doesn't reference Foreman for data (because for 95% of it's work, there > *is* no Foreman instance to query). > > What you want sounds like (2) to me - that is, you wish to deploy Subnets > and Domains from Foreman to your proxies. However, we'reinto new territory > now - Foreman's general rule of thumb is that it doesn't modify configs if > it can avoid it, as that's the job of config management. > > The usually recommended solution is to use the puppet-dhcp and puppet-dns > modules directly on your proxies, passing in the appropriate data. This > could be statically entered or generated using ERB in the class parameters > (presumably you'd want some subnet of Subnet.all and Domain.all). Once > properly configured, you'd have the proxies deploying new subnets and > domains direct from the Foreman UI data. > > I appreciate that's probably more work than you were looking for, but > there's no way around it (and you're far from the first to stumble over > this). The foreman-installer isn't designed for complex networks, it's for > bootstrapping a basic Foreman setup with all the working features (even if > some are off by default). > > Hope that helps! > Greg > > -- > You received this message because you are subscribed to the Google Groups > "Foreman users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/foreman-users. > For more options, visit https://groups.google.com/d/optout. > -- KAYAK Neil Hanlon Devops Engineer +1 978 902 8171 -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
