-
Notifications
You must be signed in to change notification settings - Fork 464
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
improved static networking configuration
The experience configuring static networking for Fedora CoreOS and Red hat CoreOS has been less than ideal. In this enhancement, we propose improvements to the way we configure static networking targeting bare metal and VMware installs.
- Loading branch information
Showing
1 changed file
with
104 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,104 @@ | ||
| --- | ||
| title: improved-static-networking-configuration | ||
| authors: | ||
| - "@miabbott" | ||
| reviewers: | ||
| approvers: | ||
| - "@ashcrow" | ||
| - "@cgwalters" | ||
| - "@crawford" | ||
| - "@imcleod" | ||
| - "@runcom" | ||
| creation-date: 2020-04-22 | ||
| last-updated: 2020-04-22 | ||
| status: provisional | ||
| see-also: https://github.com/openshift/enhancements/pull/210 | ||
| replaces: | ||
| superseded-by: | ||
| --- | ||
|
|
||
| # Improved Static Networking Configuration | ||
|
|
||
| ## Release Signoff Checklist | ||
|
|
||
| - [ ] Enhancement is `implementable` | ||
| - [ ] Design details are appropriately documented from clear requirements | ||
| - [ ] Test plan is defined | ||
| - [ ] Graduation criteria for dev preview, tech preview, GA | ||
| - [ ] User-facing documentation is created in [openshift-docs](https://github.com/openshift/openshift-docs/) | ||
|
|
||
| ## Summary | ||
| This enhancement describes improvements to how static networking is configured on Fedora CoreOS (FCOS) and RHEL CoreOS (RHCOS). It covers improving the configuration of static networking for bare metal and VMWare hosts. | ||
|
|
||
| ## Motivation | ||
| Many customer environments require static networking and do not allow any type of DHCP server. This is most prominent in VMware environments where they struggle with the OVA images and are resisting the bare metal installer (via ISO) approach. This is also a challenge in bare metal environments due to an unfriendly and time sensitive interactive flow (i.e. catching the `grub` prompt). Due to the intersections of Ignition, Platform ID, and active networking in the `initrd`, many of the current RHCOS images append `ip=dhcp,dhcp6` and catching the bootloader on the console is not a pleasant experience. (Even if a static `ip=::::` is passed it will fail as the platform ID will insert `ip=dhcp` and conflict) | ||
|
|
||
| This is basic networking configuration and users assume basic configurations like this are possible. As RHCOS requires a functional networking config early in the boot process, this eliminates many of the existing mechanisms customers use to handle the assigning of static networking configs. Most of the OpenShift personas we target are not aware of `dracut` arguments and it’s not a great experience to expect them to understand very low-level details of how the OS works. | ||
|
|
||
| ### Goals | ||
| - Provide a guided configuration of networking and Ignition source information | ||
| - Provide tooling to create customized ISOs that include unique Ignition configurations | ||
| - Provide support for a VMWare "backchannel" to provide network configuration and Ignition source information | ||
|
|
||
| ### Non-Goals | ||
| - Providing a fully automated solution for providing static network configuration to a fleet of machines | ||
|
|
||
| ## Proposal | ||
| For the bare metal use case, we are proposing the use of the new [live ISO](https://github.com/openshift/enhancements/pull/210) to provide an interactive environment where users can configure their networking parameters and have them persist to the real root. In this environment, users will be able to invoke a TUI that will allow them to configure networking and Ignition source. This information will be used as part of the install of the host and will persist into the real root. | ||
|
|
||
| Additionally, the new live ISO will provide the ability to embed the networking configuration via an Ignition config, resulting in a custom ISO that can be used to install to a host in an automated fashion. | ||
|
|
||
| For the VMware use case, the proposal is to the existing `guestinfo` method to provide the static networking configuration. | ||
|
|
||
| ### User Stories | ||
|
|
||
| #### Story 1 | ||
| A user wants to spin up a single FCOS node on bare metal using a static networking configuration. They boot the live ISO and are dropped into an interactive FCOS environment. They are able to use a tool to guide them to configure static networking for the host and provide a URL to the Ignition configuration. The user runs `coreos-installer` after the configuration is complete and the host boots into the newly installed OS with static networking configured and Ignition config applied. | ||
|
|
||
| ### Story 2 | ||
| A customer has a fleet of bare metal machines they want to provision with RHCOS and static networking, that will later be used for the installation of OpenShift Container Platform (OCP). They use some automation to generate unique Ignition configs that include the static networking configuration. Using similar automation, they use `coreos-installer iso embed` to embed the Ignition configs into unique ISOs per machine. These ISOs can then be attached to the baseboard machine controller (BMC) or lights out management (LOM) of the host, at which point the hosts can be booted and RHCOS will be automatically installed with the static networking configured and Ignition config applied. | ||
|
|
||
| ### Story 3 | ||
| A customer wants to deploy OCP onto VMware vSphere and use static networking for their hosts. For their specific environment, it is impractical for them to use the bare metal ISO install path. During the definition of the VM using the OVA image, the customer provides data to a `guestinfo` property that specifies the static networking configuration in the form of `dracut` kernel arguments. When the VM is booted, the values in the `guestinfo` property are applied before networking is brought online and the VM continues to boot normally. | ||
|
|
||
| ### Implementation Details/Notes/Constraints | ||
| This enhancement is being delivered across multiple projects and requires coordination among all of them. This requires changes to at least: | ||
| - `coreos-installer` | ||
| - `ignition-dracut` | ||
| - `coreos-assembler` | ||
| - `afterburn` | ||
|
|
||
| ### Risks and Mitigations | ||
| Landing the changes first in FCOS and then delivering them in RHCOS has been the model we've tried to ascribe to as much as possible. However, there are often challenges in enabling the changes in RHCOS due to differences in things like software versions and kernel support. | ||
|
|
||
| If these changes are unable to be made to RHCOS, we may need to consider shipping newer versions of certain pieces of software in RHCOS that is not available in RHEL. | ||
|
|
||
| The biggest risk to delivering the enhancement to RHCOS is the ability to generate and deliver the live ISO (see [#210](https://github.com/openshift/enhancements/pull/210)). | ||
|
|
||
| At the very worst, we would continue to ship the legacy `coreos-installer` and artifacts for RHCOS, which would not contain any of the enhancements outlined here. | ||
|
|
||
| ### Upgrades | ||
| These enhancements should only affect a subset of initial FCOS/RHCOS installs. The upgrade path should not be affected. | ||
|
|
||
| Any hosts that have been installed with static networking configured should be able to upgrade successfully and maintain their networking configuration. | ||
|
|
||
| ### Test Plan | ||
| - Boot FCOS/RHCOS live ISO and confirm user is dropped into a live environment | ||
| - Confirm the same with networking enabled/disabed | ||
| - Confirm there is a tool (TUI perhaps) that can be used to configure networking | ||
| - Confirm there is a message (motd?) that informs users about tool | ||
| - Confirm the OS can be installed onto the underlying disk | ||
| - Confirm the host can be rebooted and networking config persists | ||
| - Use `coreos-installer iso embed` to create unique ISO with provided Ignition config | ||
| - Confirm the unique ISO can be booted after creation | ||
| - Confirm the OS can be installed using the unique ISO without intervention | ||
| - Confirm that DHCP or static networking configuration can be provided via embedded Ignition config | ||
| - Confirm the host can be rebooted and networking config persists | ||
| - Create FCOS/RHCOS VM in VMware and provide `guestinfo` with networking parameters | ||
| - Confirm static networking configuration can be provided to VM | ||
| - Confirm DHCP networking configuration can be provided to VM | ||
| - Confirm VM boots successfully using provided network config | ||
| - Confirm VM reboots successfully and networking persists | ||
|
|
||
| ## Alternatives | ||
| - [RHCOS Ignition Fail to Live](https://github.com/openshift/enhancements/pull/256) |