From 7ba682eefcfa5dbf516e9ca372f34d7a57fc5533 Mon Sep 17 00:00:00 2001 From: Steven Hardy Date: Wed, 28 Jul 2021 13:04:26 +0100 Subject: [PATCH 1/2] baremetal: Ensure ipv6 bootstrap VM client-id is predictable In #4052 we added interfaces to control the MAC addresses for the NICs in the bootstrap VM, so that in environments where DHCP pools are not allowed, a static reservation can be made. Unfortunately that doesn't work in ipv6 environments currently, because NetworkManager needs a specific configuration similar to that applied via the MCO[1] for cluster hosts to ensure the generated client-ID is derived from the MAC and predictable. [1] https://github.com/openshift/machine-config-operator/blob/master/templates/common/on-prem/files/NetworkManager-onprem.conf.yaml --- .../files/etc/NetworkManager/conf.d/99-baremetal.conf | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 data/data/bootstrap/baremetal/files/etc/NetworkManager/conf.d/99-baremetal.conf diff --git a/data/data/bootstrap/baremetal/files/etc/NetworkManager/conf.d/99-baremetal.conf b/data/data/bootstrap/baremetal/files/etc/NetworkManager/conf.d/99-baremetal.conf new file mode 100644 index 00000000000..b43e4a80cff --- /dev/null +++ b/data/data/bootstrap/baremetal/files/etc/NetworkManager/conf.d/99-baremetal.conf @@ -0,0 +1,3 @@ +[connection] +ipv6.dhcp-duid=ll +ipv6.dhcp-iaid=mac From b6830dc15a56e8a3b2b574c6e63b2dd341fc5010 Mon Sep 17 00:00:00 2001 From: Steven Hardy Date: Wed, 28 Jul 2021 13:42:59 +0100 Subject: [PATCH 2/2] baremetal: clarify docs for MACAddress options These control the MAC for the bootstrap VM NICs, not the bridges on the host where the VM is running. --- docs/user/metal/customization_ipi.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/user/metal/customization_ipi.md b/docs/user/metal/customization_ipi.md index 4882e310d76..fe7abecf6b5 100644 --- a/docs/user/metal/customization_ipi.md +++ b/docs/user/metal/customization_ipi.md @@ -10,9 +10,9 @@ `clusterProvisioningIP` | The third address on the provisioning network. `172.22.0.3` | The IP within the cluster where the provisioning services run. | `bootstrapProvisioningIP` | The second address on the provisioning network. `172.22.0.2` | The IP on the bootstrap VM where the provisioning services run while the control plane is being deployed. | `externalBridge` | `baremetal` | The name of the bridge of the hypervisor attached to the external network. | -`externalMACAddress` | `` | A MAC address to use for the external bridge. This is optional and if blank is generated by libvirt. | +`externalMACAddress` | `` | A MAC address to use for the external NIC on the bootstrap VM. This is optional and if blank is generated by libvirt. | `provisioningBridge` | `provisioning` | The name of the bridge on the hypervisor attached to the provisioning network. | -`provisioningMACAddress` | `` | A MAC address to use for the provisioning bridge. This is optional and if blank is generated by libvirt. | +`provisioningMACAddress` | `` | A MAC address to use for the provisioning NIC on the bootstrap VM. This is optional and if blank is generated by libvirt. | `provisioningNetworkCIDR` | `172.22.0.0/24` | The CIDR for the network to use for provisioning. | `provisioningDHCPExternal` | `false` | Flag indicating that DHCP for the provisioning network is managed outside of the cluster by existing infrastructure services. | `provisioningDHCPRange` | The tenth through the second last IP on the provisioning network. `172.22.0.10,172.22.0.254` | The IP range to use for hosts on the provisioning network. |