cloud-noc-os01: pxeboot on internal networks and open firewall for dhcp and tftp

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2021-06-25 11:55:13 -07:00 · 2021-06-25 11:55:13 -07:00 · 96edb013e4
commit 96edb013e4
parent a9d119a917
2 changed files with 15 additions and 0 deletions
--- a/inventory/host_vars/cloud-noc-os01.rdu-cc.fedoraproject.org
+++ b/inventory/host_vars/cloud-noc-os01.rdu-cc.fedoraproject.org
@ -14,6 +14,9 @@ dns2: 8.8.4.4
 ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-8-ext
 ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL8-x86_64/

+tcp_ports: ['67', '68']
+udp_ports: ['67','68','69']
+
 vpn: true
 has_ipv4: yes
 eth0_ipv4: 8.43.85.49
--- a/roles/dhcp_server/files/dhcpd.conf.cloud-noc-os01.rdu-cc.fedoraproject.org
+++ b/roles/dhcp_server/files/dhcpd.conf.cloud-noc-os01.rdu-cc.fedoraproject.org
@ -10,6 +10,12 @@ shared-network mgmt {
    	   allow bootp;
           authoritative;

+           class "pxeclients" {
+                 match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
+                 next-server 172.23.1.3;
+                 filename "pxelinux/pxelinux.0";
+           }
+
    	   option routers 172.23.1.254;
 	   range 172.23.1.100 172.23.1.249;
 	   }
@ -18,6 +24,12 @@ shared-network mgmt {
    	   allow bootp;
           authoritative;

+           class "pxeclients" {
+                 match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
+                 next-server 172.23.5.3;
+                 filename "pxelinux/pxelinux.0";
+           }
+
    	   option routers 172.23.5.254;
 	   range 172.23.5.100 172.23.5.249;
 	   }