Build an API for generating boot options for iPXE from Netbox et al. based on Serial Number
Open, Normal, Public

Description

  • Build a simple API that given the asset tag (Serial Number in Netbox terminology) of the host returns the boot options
  • lookup the host on Netbox via the Serial Number and generate its FQDN
  • query the DNS for the network config based on FQDN
  • if the hostname is present in a short-lived cache generated by the reimage script, return the iPXE commands, including hostname, network config, and URL of the OS, allowing the default OS to be overridden based on the parameters in the cache.
  • also return the local disk boot option by default (this will become a menu in the future)
  • Hosts will remain configured to boot from local disk by default for now; the reimage script will continue to force PXE, with the added benefit that if a host remains with the force PXE it will not go into d-i on reboot.

Event Timeline

crusnov created this task. Apr 2 2019, 5:51 PM
crusnov updated the task description. Apr 2 2019, 5:56 PM
crusnov renamed this task from "Build an API for generating boot options for iPXE from Netbox et al. based on asset tag" to "Build an API for generating boot options for iPXE from Netbox et al. based on Serial Number". Apr 2 2019, 6:02 PM
crusnov triaged this task as Normal priority. Apr 2 2019, 6:06 PM

I suppose the conversation we need is:

  • Where will this live?
  • What information will be sent, exactly?
  • Where will the information be stored?
    • Netbox?
    • Puppet?

I suppose the conversation we need is:

  • Where will this live?

The install servers seem a good option IMHO

  • What information will be sent, exactly?

See iPXE documentation, the API will be called like https://ipxe.org/scripting#dynamic_scripts and it should return the boot options for the appropriate d-i image, see also https://ipxe.org/scripting

  • Where will the information be stored?
    • Netbox?
    • Puppet?

Which information are you referring to?
This API should need a storage, just a short-lived in-memory cache and it should be writable by the cumin hosts (e.g. the reimage cookbook). It will connect to Netbox in RO mode and gather the FQDN of the host from the Serial Number and then resolve its addresses via DNS.

Okay after reading the iPXE script page, let me see if I've got this right:

  1. spicerack/cumin calls an end-point, say PUT https://<deployment>/ipxe/<serial> with DH URL and parameters
  2. DNSv6 returns a URL to iPXE with the value of something like https://<deploy>/ipxe/${serial}
  3. iPXE calls that URL, which returns a #!ipxe script, containing a chain url, and passing the parameters specified in step 1.

  1. spicerack/cumin calls an end-point, say PUT https://<deployment>/ipxe/<serial> with DH URL and parameters

No, spicerack will call an endpoint with the FQDN of the host, not the serial and optionally the OS to use if different from the current default (stretch, buster).

  2. DNSv6 returns a URL to iPXE with the value of something like https://<deploy>/ipxe/${serial}

DHCPv6 will set the DNS and Boot File URL Option, that will point to a custom built image of iPXE that is set up to call an API with the $serial.

  3. iPXE calls that URL, which returns a #!ipxe script, containing a chain url, and passing the parameters specified in step 1.

iPXE will boot, gather the serial and call the API with the $serial and the API will reply with the body of the iPXE script with the options to boot from the correct d-i and any eventual additional setting.

Okay the only question that seems open in my mind is how does the service map serial to fqdn?

crusnov claimed this task. Apr 10 2019, 3:31 PM
crusnov added a project: User-crusnov.
crusnov moved this task from Backlog to In Progress on the User-crusnov board.

Okay the only question that seems open in my mind is how does the service map serial to fqdn?

Querying netbox for the serial, getting the FQDN and checking that it is present in the short-lived cache.

crusnov moved this task from In Progress to Backlog on the User-crusnov board. Apr 17 2019, 3:50 PM
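
A sketch of the lookup flow discussed in this task, as an added example (not code from the task or from any Wikimedia repository): the serial sent by iPXE is treated as untrusted input, mapped to an FQDN through an injected Netbox lookup, and only a live cache entry yields installer commands, with local boot as the answer in every other case. All names, the install URL, the TTL and the kernel arguments are assumptions, and the DNS network-config step is left out.

```python
import re
import time

# All names, the URL and the TTL below are assumptions made for this example.
SERIAL_RE = re.compile(r"[A-Za-z0-9-]{1,32}")
FQDN_RE = re.compile(r"([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")
ALLOWED_OS = {"stretch", "buster"}
INSTALL_BASE = "https://install.example.org"   # placeholder install server
# `exit` leaves iPXE so the firmware moves on to its next boot device.
LOCAL_BOOT = "#!ipxe\nexit\n"


class ReimageCache:
    """Short-lived in-memory cache, written by the reimage script, keyed by FQDN."""

    def __init__(self, ttl=900, clock=time.monotonic):
        self.ttl, self.clock, self._entries = ttl, clock, {}

    def put(self, fqdn, os_name="stretch"):
        # Both values end up in a boot script, so allow-list them on write.
        if not FQDN_RE.fullmatch(fqdn) or os_name not in ALLOWED_OS:
            raise ValueError("rejected reimage request")
        self._entries[fqdn] = (os_name, self.clock() + self.ttl)

    def get(self, fqdn):
        os_name, expires = self._entries.get(fqdn, (None, 0.0))
        if os_name is not None and expires <= self.clock():
            del self._entries[fqdn]            # expired: host boots locally again
            return None
        return os_name


def boot_script(serial, cache, netbox_lookup):
    """Return the iPXE script body for the machine reporting `serial`."""
    # fullmatch, not match with `$`: a trailing newline must not slip through,
    # since the serial comes straight from an unauthenticated boot client.
    if not isinstance(serial, str) or not SERIAL_RE.fullmatch(serial):
        return LOCAL_BOOT
    fqdn = netbox_lookup(serial)               # read-only Netbox query, injected
    if not fqdn or not FQDN_RE.fullmatch(fqdn):
        return LOCAL_BOOT
    os_name = cache.get(fqdn)
    if os_name is None:
        return LOCAL_BOOT                      # no pending reimage for this host
    base = f"{INSTALL_BASE}/{os_name}"
    return (f"#!ipxe\nkernel {base}/linux hostname={fqdn}\n"
            f"initrd {base}/initrd.gz\nboot\n")
```

Because an unknown serial, a malformed one and an expired cache entry all produce the same local-boot script, the endpoint does not reveal which serials exist in Netbox.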