DHCP

8.3.2. DHCP#

Current DHCP server is based on ISC DHCP.

8.3.2.1. Enable DHCP on a network#

By default, DHCP server will be activated on any management network.

If you wish to disable DHCP on a specific management network, use dhcp_server key, and set it to false.

For example, on net-admin network, to disable DHCP on this network:

networks:
  net-admin:
    subnet: 10.10.0.0
    prefix: 16
    dhcp_server: false

Once activated on a network, the DHCP server Ansible role will scan all nodes in the inventory, and if a node is connected via its network_interfaces to the network, it will be added in the DHCP (assuming you provided a MAC address of course) inside this network.

8.3.2.2. Configuration#

8.3.2.2.1. Unknown range#

You can define a range of ip to be used by unknown equipment doing an ip request to the DHCP on a specific network.

This can be very useful during a cluster first deployment, to catch equipments you might have missed on the network (see that as an honeypot).

To do so, define dhcp_unknown_range key under the desired network and set the desired range. For example:

networks:
  net-admin:
    subnet: 10.10.0.0
    prefix: 16
    dhcp_server: true
    dhcp_unknown_range: 10.10.254.1 10.10.254.200

8.3.2.2.2. Services endpoints#

When activated on a network, the DHCP server Ansible role will look for endpoints to be used for PXE, DNS and NTP.

If services_ip is set, it will be used.

If a specific endpoint is set for one or more of these services, via the services key, then it will be used and precedence services_ip if set.

Example of network configuration, very basic dhcp server, with all services bind to a single management node:

networks:
  net-1:
    subnet: 10.10.0.0
    prefix: 16
    dhcp_server: true
    dhcp_unknown_range: 10.10.254.1 10.10.254.200
    services_ip: 10.10.0.1                           # All services are running on 10.10.0.1

Example of network advanced configuration:

networks:
  net-1:
    subnet: 10.10.0.0
    prefix: 16
    dhcp_server: true
    dhcp_unknown_range: 10.10.254.1 10.10.254.254
    services:
      dns:
        - ip4: 8.8.8.8
        - ip4: 8.8.4.4
      ntp:
        - hostname: time-a-g.nist.gov
          ip4: 129.6.15.28
      pxe:
        - hostname: mg1
          ip4: 10.10.0.1

8.3.2.2.3. Gateway#

It is possible (and sometime mandatory) to define a gateway for the network. Please note that some Linux distributions cannot properly deploy during PXE process without a gateway defined in the DHCP server.

You can define gateways to be passed to clients using the gateway4 list:

networks:
  net-1:
    subnet: 10.10.0.0
    prefix: 16
    dhcp_server: true
    dhcp_unknown_range: 10.10.254.1 10.10.254.200
    services_ip: 10.10.0.1
    gateway4:
      - hostname: gw1
        ip4: 10.10.2.1

These gateways will be added as routers in the DHCP configuration for this network.

8.3.2.2.4. Leases settings#

It is possible to tune leases times using the following parameters:

  • dhcp_server_default_lease_time: (default to 600) to set default lease time

  • dhcp_server_max_lease_time: (default to 7200) to set max lease time

Tip: set small leases, like default ones, during cluster deployment to make your life easier. Once cluster enter production, increase leases to lower load on DHCP server.

8.3.2.2.5. Shared networks#

It is possible to combine networks into shared-networks when multiple subnets are on the same NIC, or when using opt82/option_match parameter. To do so, add a dedicated optional shared_network key in the network definition.

Networks of the same shared network must have the same shared_network value, which is the name of this share.

For example to add net-1 and net-2 into the same shared network, define them this way:

networks:
  net-1:
    subnet: 10.10.0.0
    prefix: 16
    shared_network: wolf
  net-2:
    subnet: 10.30.0.0
    prefix: 16
    shared_network: wolf

shared_network variable is optional and is simply ignored if not set.

8.3.2.2.6. iPXE rom tunings#

iPXE roms to be exposed can be set globaly in the DHCP server settings, instead of specifying them inside hatdware groups (hw_ipxe_driver and hw_ipxe_embed). Note: hardware variables will precedence DHCP server global ones for related hosts.

Note that default roms have been tested on many clusters and should be the most compatible ones. But if you need to redefine them, use the following variables:

  • dhcp_server_ipxe_driver: to set ipxe default EFI driver. Available drivers are default, snp and snponly. Variable is set by default to snponly, as it is the most devices compatible driver.

  • dhcp_server_ipxe_embed: to set ipxe default embed script. Available scripts are standard or dhcpretry. Variable is set by default to dhcpretry, as it solves many issues with some vendors switches.

8.3.2.2.7. Add global options#

It is possible to include as many global settings as desired using the dhcp_server_global_settings list.

For example:

dhcp_server_global_settings:
  - ping-check false

Note

Do not include the ; at the end, it is automatically added by the role.

8.3.2.2.8. Add options per subnet#

It is possible to include as many per subnet settings as desired using the dhcp_server_subnet_settings defined under the logical network in networks dict.

For example:

networks:
  net-1:
    subnet: 10.11.0.0
    prefix: 16
    dhcp_server: true
    dhcp_server_subnet_settings:
      - deny unknown-clients

Note

Do not include the ; at the end, it is automatically added by the role.

8.3.2.2.9. Hosts identifiers#

It is possible to use advanced DHCP features to identify an host. The following parameters are available, for the host and its BMC:

  • mac: identify based on MAC address. Same than standard dhcp server.

  • dhcp_client_identifier: identify based on a pattern (string, etc) to recognize an host. Also known as option 61.

  • host_identifier: identify based on an option (agent.circuit-id, agent.remote-id, etc) to recognize an host. Also known as option 82.

  • match: identify based on multiple options in combination to recognize an host. Also known as option 82 with hack.

If using match, because this features is using a specific ‘hack’ in the dhcp server, you MUST define this host in a shared network, even if this shared network contains a single network (see this very well made page for more information: http://www.miquels.cistron.nl/isc-dhcpd/).

8.3.2.2.10. Add dhcp node specific parameters and options#

It is possible to add specific dhcp settings to an host interface, which can be useful in some specific cases. This is achieved adding a list named dhcp_server_settings inside the host’s NIC definition.

For example:

hosts:
  c001:
    network_interfaces:
      - interface: eth0
        ip4: 10.10.3.1
        dhcp_client_identifier: 00:40:1c
        dhcp_server_settings:
          - option pxelinux.magic code 208 = string
          - option pxelinux.configfile code 209 = text
        network: ice1-1

8.3.2.2.11. Multiple identifier entries#

It is possible to have multiple entries for an host interface in the configuration.

For example, set a mac address and a dhcp_client_identifier this way:

hosts:
  c001:
    network_interfaces:
      - interface: eth0
        ip4: 10.10.3.1
        mac: 08:00:27:36:c0:ac
        dhcp_client_identifier: 00:40:1c
        network: net-1

This will create one entry related to mac address and one to dhcp client identifier.

Contents