I understand the PXE network is mandatory for the whole machine lifecycle but I don’t see the need when the machine is deployed.
I mean, with MaaS, we can configure a machine to switch to another network/vlan at deployment time and at the end, machine lifecycle is just controlled by pxe boot which can communicate with the MaaS server and act depending of the machine state.
But It seem all my deployments are failing as soon as the PXE network is not available … is it normal or is it just a misconfiguration on my side ?
Once a machine is deployed you can change the boot order to boot off the disk. The reason it is preferred to keep the machine networking booting is so you can easily change the machines state through MAAS. For example if you suspect your machine has a hardware fault you can run hardware testing while the machine is deployed. If you’ve changed the boot order you’ll have to change it back for testing to run.
MAAS/Curtin does configure your system to fall back on local booting if MAAS isn’t available. On legacy BIOS systems GRUB is written to the boot sector but your BIOS must be manually configured to attempt local boot after network boot. On UEFI systems we configure local boot to occur after the network device that was booted. This can be verified with
Hi @ltrager, thanks for the answer but I think you misunderstood my point.
Here is my setup :
we have a MaaS Region in a management vlan (say zone1, vlan1)
we have a MaaS Rack in a zone with a routed vlan (say zone2, vlan2)
in zone2, we have the untagged pxe lan which is not routed and restricted to the the MaaS Rack server and the machines in this zone (so, not accessible from zone1)
Case 1 : When we deploy a new machine without setting the network, it boots by default on the pxe lan and everything works just fine except that the machine is not accessible from anywhere else than the pxe network since it only has this one … obvious I would say.
Case 2 : Then, if we do the same but, this time, we add a vlan on top of the pxe “interface” (so, we have both pxe lan and vlan2 on the deployed machine), everything is fine but we end with both networks active on the machine.
Case 3 : Now I want to just configure the vlan2 network on the interface and exclude the pxe lan.
I do understand that it should be possible since, after pxe booting, when the machine is deployed, I understand that MaaS fallback the machine to hard drive boot and thus, the OS take over and starts its configured network which is what I want.
Problem is that in Case 3, the machine starts but it takes ages when starting the network (I suspect a timeout here) and MaaS can’t complete the deployment. Installation works well but when rebooting, the machine won’t finish the boot sequence and in MaaS, the status is stuck in “Rebooting”.
So here is my question : is this network (pxe) mandatory and why ? Or is it just a misconfiguration issue on our side ?
I don’t usually set pxe boot as boot option at all.
Maas uses ipmi to set “next boot device” to boot from networ once - when it wants to commission, test or deploy or go to recovery mode.
As far as permanent membership in the pxe network - as soon as maas work is done (and let me say, maas does a great job to prepare bare metal for full provisioning) - pxe network is out of the picture for that server. If we deem needed to run tests or re-deploy, we put server back in maas pxe network and do it.
It does require some network automation which varies by equipment multitude of possible configurations.
I think MAAS wants to be always present on the network for it’s metadata functionality but since it has no https, it cannot be treated as secure and it must be axed before using server for anything production grade.
Also, artifact in maas - not sure if it was by design or just a minor bug - even if you only want to poweroff the machine and then power back on, maas will configure the machine to pxe boot.
Luckily enough, most of the time, it will then pxe boot and figure out there is nothing to do so it will hand over boot process to the first boot drive. This however might not work for nvme or m.2 drives in legacy boot mode. I am not sure how it works in uefi mode.
It is worth investigating but this topic is 11 months old and many things might have already changed.
yeah, @igor, i’m closing this one, because it has been overcome by a couple of versions of MAAS. but i see your point about maintaining network integrity / security here.
that said, if you have a specific issue for which you want to submit a feature request, please don’t hesitate to add a feature to “Features” and alert your support rep that you’ve done so.
