Comments (4)
one proposition i can do here:
After kick start let your vm's do service registration to something like consul
and send tags what function they would expect to be
you can then use ansible kv lookup to set vars based on that.
It's super powerfull and allows you to do geolocations and all
and you can do your IPAM in there if you want :-)
from infrastructure.
Adding context from Slack - there was discussion on having this generate based on information stored in DCIM.
from infrastructure.
Currently when FreeIPA domain controllers are built, the zones are populated with the domain controller issues, including reverse DNS entries. However, there are two problems with the clients:
Their DNS servers in /etc/resolv.conf need to point at the domain controllers in their DC
- This requires a change, potentially to
role-rocky-ipa-client.yml
to assert if the DNS resolver is correct and if not, change it- This change will also require a way to determine, based on subnet, what zone it's in to correct the above if needed
If we encode zone in a subdomain, can we use this instead of calculating subnet? I suppose calculating subnet is OK as we will also have a consistent ip addr plan. I will mull this over. It could actually be computationally faster to determine the right ipa to go to based on the inverse wildcard mask of the subnet. Holy shit.
Like.
I can (I think) write an ansible/jinja python thing that given an ip and mask returns the ipa server for that region, given our ip address plan. Without any other info except the planned ip addresses of the ipa servers.
Kickstarts of systems can also configure the systems to be static addressed to put in another "check"
Clients do not receive PTR records
- A post_task should be added after the initial install to turn on automatic PTR records
- Other domains created (reverse) should also have automatic PTR records
from infrastructure.
If we encode zone in a subdomain, can we use this instead of calculating subnet? I suppose calculating subnet is OK as we will also have a consistent ip addr plan. I will mull this over. It could actually be computationally faster to determine the right ipa to go to based on the inverse wildcard mask of the subnet. Holy shit.
Like.
I can (I think) write an ansible/jinja python thing that given an ip and mask returns the ipa server for that region, given our ip address plan. Without any other info except the planned ip addresses of the ipa servers.
Right yeah, I was wanting to actually to do something like that. Where, we calculate on the subnet that has a predetermined list of IPA replicas serving DNS, because they would be based on location regardless. Inevitably this will be part of the inventory vars too, where IPA servers will be grouped up based on location, that way their /etc/resolv.conf
is checked and if required set to the right DNS values.
from infrastructure.
Related Issues (20)
- Ansible - Chrony Playbook rockylinux.com rather then rockylinux.org is bothering me HOT 1
- [Enhancement] Extra Architectures HOT 1
- Test issue, please ignore
- [Builds] PowerTools likely required for builds and ansible host HOT 4
- Wiki Section for Development(?) HOT 4
- Log aggregation/archive tools HOT 4
- Thiniking about contribution HOT 1
- Setting contribution guidelines for repository contributors HOT 2
- Issue and PR templates
- Ensure DNF metadata is signed HOT 12
- [future ideas] Terraform -> Cloud init architecture & pass off to ansible HOT 6
- [Bug Tracker] Enable SSO on Mantis Bug Tracker HOT 1
- [logic] why ? HOT 1
- https://wiki.rockylinux.org/Infrastructure is not found HOT 1
- where is /var/srpmproc/srpmproc_wrapper HOT 1
- [Enhancement] Ansible Playbooks - Network Time Protocol Client/Server HOT 3
- [Enhancement] Ansible Playbooks - Koji, GitLab EE, Pagure HOT 15
- Document configuration & everything for openproject/netbox/wiki server. HOT 2
- Monitoring the Infrastruture. HOT 1
- Ansible - Chrony Playbook variable precedence issues
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from infrastructure.