metal-api

Configure DNS and NTP in machine allocation

Open simcod opened this issue 1 year ago • 8 comments

This PR is related to MEP-14.

Related PRs:

  • [ ] https://github.com/metal-stack/metal-hammer/pull/139
  • [ ] https://github.com/metal-stack/metal-images/pull/255
  • [ ] https://github.com/metal-stack/metalctl/pull/266
  • [ ] https://github.com/metal-stack/docs/pull/222

simcod avatar Sep 12 '24 11:09 simcod

We should discuss if we also put these two options into the Partition and take them from there if a machine is allocated?

The other option is to put DNS and NTP configuration into the CloudProfile and adapt machine creation in GEPM.

majst01 avatar Oct 19 '24 15:10 majst01

It should be a feature of metal-stack and not reliant on Gardener-specific features like CloudProfile. For one customer, having the ability to configure it directly within the Partition would be advantageous. Additionally, for isolated clusters, the DNS servers and NTP servers in the CloudProfile would overwrite the values provided in the Partition. I also tend to require configured DNS and NTP servers for every partition in the future to eliminate any default values in the metal images.

robertvolkmann avatar Oct 21 '24 07:10 robertvolkmann

> It should be a feature of metal-stack and not reliant on Gardener-specific features like CloudProfile. For one customer, having the ability to configure it directly within the Partition would be advantageous. Additionally, for isolated clusters, the DNS servers and NTP servers in the CloudProfile would overwrite the values provided in the Partition. I also tend to require configured DNS and NTP servers for every partition in the future to eliminate any default values in the metal images.

On the other hand, properties like image or firewall-image are not defaulted and must be provided during allocation by the GEPM.

For me it is a bit opinionated if we inherit from the partition.

majst01 avatar Oct 21 '24 07:10 majst01

How do you plan to provide the NTP configuration for metal-hammer if the NTP servers cannot be configured in the Partition?

robertvolkmann avatar Oct 21 '24 07:10 robertvolkmann

> How do you plan to provide the NTP configuration for metal-hammer if the NTP servers cannot be configured in the Partition?

This is actually done in the pixie-core deployment, but would also be easier if the partition contains this configuration.

majst01 avatar Oct 21 '24 07:10 majst01

> > How do you plan to provide the NTP configuration for metal-hammer if the NTP servers cannot be configured in the Partition?

> This is actually done in the pixie-core deployment, but would also be easier if the partition contains this configuration.

It seems a bit inconsistent to me that we have to configure the kernel and image URL for metal-hammer directly in the Partition, but not the NTP server that will be used by metal-hammer.

robertvolkmann avatar Oct 21 '24 07:10 robertvolkmann

Regarding the defaulting through the partition entity: I am actually open to offering this defaulting layer when for certain environments this makes everything easier to configure. It seems there can be partitions that do not reach the internet at all and no machine can be provisioned without passing custom DNS and NTP servers. For these scenarios it's really cumbersome to always pass these settings all the time. As long as it's optional to provide, it does not hurt to add this.

Gerrit91 avatar Oct 21 '24 08:10 Gerrit91

@simcod please add matching fields to the Partition entity (v1 and database) and check in the service if they are set and use the partition config for defaults.

majst01 avatar Oct 21 '24 08:10 majst01
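
The defaulting requested in the last comment, as an added example that is not code from metal-api or from this PR: values passed with the allocation take precedence, and the partition values are used only when the allocation leaves a field empty. The type and function names are hypothetical, and two rules are assumptions of this example rather than decisions from the thread: lists are replaced whole instead of merged, and DNS entries must be IP addresses.

```go
package main

import (
	"fmt"
	"net/netip"
)

// ServerConfig is a hypothetical type for this example, not the metal-api model.
type ServerConfig struct {
	DNSServers []string // IP addresses (assumption: no hostnames for resolvers)
	NTPServers []string // hostnames or IP addresses
}

// pick returns the allocation's list if it is set, otherwise the partition's.
// Lists are never merged: a non-empty allocation list replaces the default whole.
func pick(alloc, partition []string) []string {
	if len(alloc) > 0 {
		return alloc
	}
	return partition
}

// Resolve computes the effective settings for one machine allocation.
// An empty result list means neither level configured that field.
func Resolve(alloc, partition ServerConfig) (ServerConfig, error) {
	eff := ServerConfig{
		DNSServers: pick(alloc.DNSServers, partition.DNSServers),
		NTPServers: pick(alloc.NTPServers, partition.NTPServers),
	}
	for _, s := range eff.DNSServers {
		if _, err := netip.ParseAddr(s); err != nil {
			return ServerConfig{}, fmt.Errorf("dns server %q is not an IP address: %w", s, err)
		}
	}
	for _, s := range eff.NTPServers {
		if s == "" {
			return ServerConfig{}, fmt.Errorf("empty ntp server entry")
		}
	}
	return eff, nil
}

func main() {
	// Constructed sample values.
	partition := ServerConfig{DNSServers: []string{"10.0.0.53"}, NTPServers: []string{"ntp.partition.example"}}
	alloc := ServerConfig{NTPServers: []string{"10.0.0.123"}}
	eff, err := Resolve(alloc, partition)
	fmt.Println(eff, err)
}
```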