Description of problem: I am working with the Massachusetts Open Cloud project at Boston University to prototype an OpenShift baremetal + CNV cluster. The openshift-baremetal-installer spawns a bootstrap vm on the provisioning host to manage the install process. The bootstrap vm has a randomly generated MAC address and there is no provision for passing in a static address configuration via the install configuration. This leads to the following problems: - Our initial deployment was on a network with no dynamic address pool (all hosts must have static reservations). Since the bootstrap vm uses a generated MAC address, it's not possible to create a static reservation. We attempted to work around this issue by passing in a static address configuration using Ignition, but the design of the coreos image means that if it is unable to configure an address via DHCP it will fail to boot before it has a chance to apply the ignition profile. Our workaround was to create a small dynamic address pool explicitly for use by the bootstrap vm, but this may not be a viable solution in all environments. - The environment requires specific firewall exceptions for access to the IPMI network. With a dynamic address pool on the baremetal network, we cannot create the necessary firewall exception because there's no way to predict the address that will be assigned to the bootstrap vm. Ideally, there would be a way to provide a static address configuration for the bootstrap vm via install_config.yaml. Version-Release number of selected component (if applicable): OpenShift 4.4 and 4.5
Verified with registry.svc.ci.openshift.org/ocp/release:4.7.0-0.nightly-2020-11-22-123106.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633