[Spacewalk-list] Spacewalk multi tier / proxy / PXE boot questions

Tue Apr 19 12:59:16 UTC 2011

> My organization is investigating the use of Spacewalk to provision around 6
> functionally different types of appliances in a multi tier, geographically
> spread spacewalk master / spacewalk proxy setup. We will be targeting many
> servers in tens to hundreds of different datacenters in various locations in
> and outside the U.S., with dozens to hundreds of servers per datacenter.
> Investigations and tests so far have confirmed Spacewalk is very well suited
> for this task.
>
> What questions we have left for the most part revolve around PXE booting and
> kickstart selection:
>
>
> 1. Though services to support PXE booting (TFTP server, cobbler, etc) are an
> integral part of Spacewalk, they appear not to be part of Spacewalk Proxy
> (as installed following the installation guidelines). In our case, it is
> exactly those Spacewalk Proxy installations that we want to bootstrap from,
> as they are on site and we want to keep the target systems themselves off
> the wider internet.
>
> a) Is my understanding correct that, in order to get this work, I should
> "manually" install tftpd and pxelinux/* on the Spacewalk Proxy servers?
> b) How do I then tie in to cobbler, etc, which I can see from the config
> files is proxied from the master?
> c) Are there any guidelines/recommendations/best practices documented that I
> can follow to make sure I get the best out of this configuration?
>
>
> 2. Potentially closely related (depending on the answer) to #1: As much as
> possible from a central location, we would like to tie IP or MAC addresses
> to kickstart profiles. I.e.: we would like to centrally pre-define which one
> of the 6 functionally different appliance types should be provisioned on a
> specific piece of hardware. In Spacewalk, I understand this can be achieved
> by specifying IP address ranges with kickstart profiles.
>
> a) what is the recommended way of tying hardware to one of several kickstart
> profiles? (is that indeed ip address ranges?)
> b) how does this feature still apply if a proxy is involved?
> c) Does this feature still apply if NAT translation is used?
>
>
> 3. I cannot seem to get the pxe_just_once flag to work to prevent PXE boot
> loops when PXE booting is configured top most in the BIOS boot order. Not
> even when taking Spacewalk Proxy out of the loop.
>
> a) Is this known to work? What would be factors that would cause it not to
> work? Any pointers or suggestions?
> b) How does this work with Spacewalk proxy as apparently this is part of
> cobbler? (ties in to question 1b)
>
>
> As a final general comment: am I missing something, conceptually, that I
> thought this whole PXE booting functionality should be part of Spacewalk
> Proxy (maybe even more than of Spacewalk)? How do other people use this? Is
> this is feature we can expect somewhere in the future?
>
> Thanks in advance for your answers and suggestions, even if they are
> covering just part of my many questions.

Hi

We do something similar in that we have a logical single spacewalk
master, its actually a HA pair, and then we have proxies in each of
our DC's. These proxies also appear logically as one but again are a
HA pair.

>From our POV even though the installer trees are served locally via
the proxy ALL dhcp and PXE comes from the logical master no matter
where they are physically located. To us having a single place the
DHCP is handled actually makes it more secure for us to control which
mac's get which OS. We use this to manage many thousands of systems in
greater than 5 DC's spread out over many thousand miles and for us its
fine. Yes in some of the more remote DC's TFTP can take a bit of time
but thats only the initial bare metal as rebuilds are fine using koan.

HTH