During an staypuft deployment, if an system has interfaces other than the provisioning interface using DHCP, *and* the system receives information about dns servers via one of those interfaces, that can overwrite /etc/resolv.conf and cause the deployed host to be unable to resolve the name of the foreman host.
To resolve this, the installer should set PEERDNS=no for all interfaces other than the provisioning interface.
This may be a "testing only" problem -- in theory, in a
Real Environment(tm), the foreman server hostname should
be resolvable by any valid dns server...
Happened to me too:
used this layout:
This causes the deployment to fail, because the host is unable to reach the puppet server (doesn't query the right DNS server).
Change proposed in:
Testing it locally right now.
This issue is trickier than we anticipated. Quoting myself from IRC:
larsks | In the kickstart, we set PEERDNS=no on all the physical interfaces.
larsks | Then for some configurations we add a physical interface to br-ex.
larsks | We do not set PEERDNS=no on br-ex.
* | hewbrocca facepalm
larsks | If you are using dhcp on br-ex, BOOM, there goes resolv.conf.
So this issue still needs some thought and possibly some documentation.
(a) Document "do not use dhcp on external network interfaces"
(b) migrate more of slave device network configuration onto br-ex, including PEERDNS, and things like PEERROUTES, DEFROUTE, etc.
(c) Document workaround for deployer to add to kickstart template.
Spoke with Andy Cathrow and this appears to be a blocker.
patch 15 should address this
patch 15 is broken on static IP cases
patch 16 is now available
Running "grep PEERDNS /etc/sysconfig/network-scripts/ifcfg-*" on all openstack hosts, I see that this line is set for all the interfaces except the one used to communicate directly with the staypuft itself, which sets the DNS to the staypuft itself - the correct DNS.
*** Bug 1126101 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.