Bug 1837556 - Unable to set ping_free_ip false settings on Satellite server.
Summary: Unable to set ping_free_ip false settings on Satellite server.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Installer
Version: 6.7.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium vote
Target Milestone: 6.10.0
Assignee: Ewoud Kohl van Wijngaarden
QA Contact: Devendra Singh
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-05-19 16:13 UTC by Varatharaja Perumal G
Modified: 2022-07-19 11:19 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-11-16 14:09:12 UTC
Target Upstream Version:
desingh: needinfo-


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Foreman Issue Tracker 31415 0 Normal Closed Unable to set ping_free_ip in Foreman Proxy's dhcp.yml 2021-01-08 20:26:19 UTC
Red Hat Product Errata RHSA-2021:4702 0 None None None 2021-11-16 14:09:31 UTC

Description Varatharaja Perumal G 2020-05-19 16:13:24 UTC
Description of problem:

As per BZ (https://bugzilla.redhat.com/show_bug.cgi?id=1744528), we have an option to disable ping_free_ip for DHCP service but we dont have a Custom hiera or Satellite installer option to configure the settings permanently.


Version-Release number of selected component (if applicable):

Red Hat Satellite 6.7

How reproducible:


Steps to Reproduce:

1. create an isolated network managed by a separate capsule with DHCP enabled, with a very small DHCP range (e.g. a pool of 5 addresses) 
2. connect a client to the network and manually assign an address (which is not leased out by the DHCP server, of course) from the DHCP range to it
3. run a manual creation of a new host on the Satellite, assign the host to the isolated network, and click the "Suggest new" link a few times.

With ping_free_ip: true
Satellite will suggest addresses not leased out by the DHCP server, and WILL NOT suggest the address manually assigned in the step 2, because it has been pinged and determined as taken in the real-time. 

With ping_free_ip: false
Satellite will suggest addresses not leased out by the DHCP server, and WILL suggest the address manually assigned in the step 2, because the DHCP db is its only source of info, and no checking pings are made.


Actual results:

When running Satellite-installer dhcp.yml file ping_free_ip settings is removed.

Expected results:

We should have ping_free_ip settings with customer hiera or Satellite installer options.

Additional info:

Comment 1 Ewoud Kohl van Wijngaarden 2020-11-30 16:37:22 UTC
Created redmine issue https://projects.theforeman.org/issues/31415 from this bug

Comment 2 Bryan Kearney 2020-11-30 20:01:32 UTC
Upstream bug assigned to ekohlvan@redhat.com

Comment 3 Bryan Kearney 2020-11-30 20:01:34 UTC
Upstream bug assigned to ekohlvan@redhat.com

Comment 4 Bryan Kearney 2020-12-03 16:01:30 UTC
Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/31415 has been resolved.

Comment 8 Devendra Singh 2021-06-15 05:02:58 UTC
Verified on 6.10 Snap4

Verification points:

1- New option added for configuring the ping-free-ip in installer.

# satellite-installer --help
......
--foreman-proxy-dhcp-ping-free-ip  Perform ICMP and TCP ping when searching free IPs from the pool. This makes
                                  sure that active IP address is not suggested as free, however in locked down
                                  network environments this can cause no free IPs. (current: true)

2- By default value of ping-free-ip is true

3- Changed the value using satellite-installer from default to 'false' and it changed successfully.

# satellite-installer --foreman-proxy-dhcp-ping-free-ip false
2021-06-14 08:10:13 [NOTICE] [root] Loading installer configuration. This will take some time.
2021-06-14 08:10:19 [NOTICE] [root] Running installer with log based terminal output at level NOTICE.
...............
Candlepin orphaned consumers: []
  Success!

4- Checked the updated option in satellite-helper and found value changed.

# satellite-installer --help
........
--foreman-proxy-dhcp-ping-free-ip  Perform ICMP and TCP ping when searching free IPs from the pool. This makes
                                  sure that active IP address is not suggested as free, however in locked down
                                  network environments this can cause no free IPs. (current: false)

5- checked the value of ping_free_ip in /etc/foreman-proxy/settings.d/dhcp.yml and it is correct.
# less /etc/foreman-proxy/settings.d/dhcp.yml|grep ping_free
:ping_free_ip: false

6- Restored the changes using satellite-installer and checked the changes in installer helper.

# satellite-installer --foreman-proxy-dhcp-ping-free-ip true
2021-06-14 08:53:00 [NOTICE] [root] Loading installer configuration. This will take some time.
2021-06-14 08:53:05 [NOTICE] [root] Running installer with log based terminal output at level NOTICE
.....................
.....................
Candlepin orphaned consumers: []
  Success!

# satellite-installer --help

    --foreman-proxy-dhcp-ping-free-ip  Perform ICMP and TCP ping when searching free IPs from the pool. This makes
                                  sure that active IP address is not suggested as free, however in locked down
                                  network environments this can cause no free IPs. (current: true)

7- checked the restored value of ping_free_ip in /etc/foreman-proxy/settings.d/dhcp.yml and it is correct.

# less /etc/foreman-proxy/settings.d/dhcp.yml|grep ping_free
:ping_free_ip: true

Comment 11 errata-xmlrpc 2021-11-16 14:09:12 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Satellite 6.10 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:4702


Note You need to log in before you can comment on or make changes to this bug.