Document URL: https://dxp-docp-prod.apps.ext-waf.spoke.prod.us-west-2.aws.paas.redhat.com/documentation/en-us/red_hat_satellite/6.13/html-single/provisioning_hosts/index?lb_target=preview# Section Number and Name: Chapter 5. Configuring iPXE to Reduce Provisioning Times 4th point in last Procedure section , just above "5.1. Booting Virtual Machines" Describe the issue: We mention this: ~~ Optionally, configure Foreman discovery. For more information, see Chapter 7, Configuring the Discovery Service. * In the Satellite web UI, navigate to Administer > Settings, and click the Provisioning tab. * Locate the Default PXE global template entry row and in the Value column, change the value to discovery. ~~ That link takes us to https://dxp-docp-prod.apps.ext-waf.spoke.prod.us-west-2.aws.paas.redhat.com/documentation/en-us/red_hat_satellite/6.13/html-single/provisioning_hosts/index?lb_target=preview#Configuring_the_Discovery_Service_provisioning and in has no relevant details about iPXE with Discovery at all. Let's say we have completed the other prerequisites and also tested the "5.1. Booting Virtual Machines" successfully, The Discovery via iPXE itself will fail when attempting and selecting the Discovery option from iPXE global menu. as port 8000 has no services running but iPXE\Httpboot will try to use that with httpboot endpoint to fetch fdi-image vmlinuz file. Suggestions for improvement: * First, Please decide if we will be fully supporting the Foreman DIscovery over iPXE for BIOS-based systems. * If yes, Then we need to ensure that we have proper steps documented about it. Additional information: Consider fixing 6.12 and 6.11 as well
Some notes: A) We can get the discovery successfully completed, by additionally running "satellite-installer --foreman-proxy-http true" on the satellite and opening port 8000 in firewall. B) While point A sorts the issue with Discovery itself, Once the host is discovered, I can't create the host from Satellite UI due to this Nasty BUG https://bugzilla.redhat.com/show_bug.cgi?id=2069324#c4 which we haven't fixed ( I don't know why ) C) So I use hammer command and now I can create a host profile from Discovered hosts and Submit it for build i.e. hammer discovery provision --name mac525400fea371 --hostgroup-id 1 --organization-id 1 --location-id 2 --new-name rhel79 --subnet-id 1 --pxe-loader 'iPXE Embedded' --build true And that continues to build the host via iPXE approach.
One more thing I discovered as a part of the same testing. After enabling the http feature in Comment 1, Everything works fine when the deployment is happening via Satellite. But When we try to discover the system ( using iPXE ) within a Capsules network, It will fail at the very first Network Boot. Reason: Capsule's IP is not in the list of trusted_proxies of Satellite\Foreman Solution: ON satellite add the IP of the capsule ( 192.168.124.3/24 ) as a trusted proxy along with the other localhost entries. satellite-installer --foreman-trusted-proxies 127.0.0.1/8 --foreman-trusted-proxies ::1 --foreman-trusted-proxies 192.168.124.3/24 The discovery still fails at some later stage but for now, These much are good enough
(In reply to Sayan Das from comment #2) > One more thing I discovered as a part of the same testing. > > After enabling the http feature in Comment 1, Everything works fine when the > deployment is happening via Satellite. > > But When we try to discover the system ( using iPXE ) within a Capsules > network, It will fail at the very first Network Boot. > > > Reason: Capsule's IP is not in the list of trusted_proxies of > Satellite\Foreman > > Solution: ON satellite add the IP of the capsule ( 192.168.124.3/24 ) as a > trusted proxy along with the other localhost entries. > > satellite-installer --foreman-trusted-proxies 127.0.0.1/8 > --foreman-trusted-proxies ::1 --foreman-trusted-proxies 192.168.124.3/24 > > The discovery still fails at some later stage but for now, These much are > good enough FYI https://bugzilla.redhat.com/show_bug.cgi?id=2171295