I specified "ntp=**.***.***.**" on the PXE boot but the node still tries external ntp servers that are not reachable through our firewall. Aug 8 12:36:30 DMZ **.***.***.**:123 5.39.184.5:123 UDP block Aug 8 12:36:29 DMZ **.***.***.**:123 146.185.130.223:123 UDP block It should connect to the firewall ip I tell it to connect to.
Sorry, forgot to add "enforcing=0" to the pxe boot config. So it appears to be an selinux error.. The NTP service during install still fails, but after reboot it's fine. I don't know how this impacts the certificate generation at install though.
Fixed with 8e48be35e70d41027d60d93e569e9bbcbfd829bf