IPv6: dhcp/provisioner: make ipv6 aware

If the admin network is IPv6 setup the ISC DHCPD server to configure and use the IPv6 daemon. For this use a seperate set of ipv6 files to list hosts and subnets as ipv6 hosts and subnets will fail if v4 dhcp tries to load them. Also make sure tftp is listening on both IPv4 and v6.
crowbar · Dec 19, 2018 · 1dcdbb3 · 1dcdbb3
1 parent cd35a6c
commit 1dcdbb3
Show file tree

Hide file tree

Showing 16 changed files with 247 additions and 57 deletions.
diff --git a/chef/cookbooks/dhcp/attributes/default.rb b/chef/cookbooks/dhcp/attributes/default.rb
@@ -1,6 +1,6 @@
 
 default[:dhcp][:interfaces] = ["eth0"]
-default[:dhcp][:options] = [
+default[:dhcp][:options][:v4] = [
     "ddns-update-style none",
     "allow booting",
     "option option-128 code 128 = string",
@@ -10,4 +10,16 @@
     "option dhcp-client-debug code 226 = unsigned integer 16",
     "option dhcp-client-debug 0"
 ]
+default[:dhcp][:options][:v6] = [
+    "ddns-update-style none",
+    "allow booting",
+    "option option-128 code 128 = string",
+    "option option-129 code 129 = text",
+    "option dhcp-client-state code 225 = unsigned integer 16",
+    "option dhcp-client-state 0",
+    "option dhcp-client-debug code 226 = unsigned integer 16",
+    "option dhcp-client-debug 0",
+    "option dhcp6.bootfile-url code 59 = string",
+    "option dhcp6.client-arch-type code 61 = array of unsigned integer 16"
+]
 
diff --git a/chef/cookbooks/dhcp/providers/host.rb b/chef/cookbooks/dhcp/providers/host.rb
@@ -13,8 +13,11 @@
 # limitations under the License.
 #
 
+require "ipaddr"
+
 action :add do
   Chef::Log.debug "Adding #{new_resource.name}.conf to /etc/dhcp3/hosts.d"
+  is_ipv6 = IPAddr.new(new_resource.ipaddress).ipv6?
   filename = "/etc/dhcp3/hosts.d/#{new_resource.name}.conf"
   template filename do
     cookbook "dhcp"
@@ -24,7 +27,9 @@
       hostname: new_resource.hostname,
       macaddress: new_resource.macaddress,
       ipaddress: new_resource.ipaddress,
-      options: new_resource.options
+      options: new_resource.options,
+      prefix: new_resource.prefix,
+      is_ipv6: is_ipv6
     )
     owner "root"
     group "root"
@@ -33,9 +38,10 @@
       notifies :restart, resources(service: "dhcp3-server"), :delayed
     end
   end
+  host_list_file = is_ipv6 ? "host6_list.conf" : "host_list.conf"
   utils_line "include \"#{filename}\";" do
     action :add
-    file "/etc/dhcp3/hosts.d/host_list.conf"
+    file "/etc/dhcp3/hosts.d/#{host_list_file}"
     if node[:provisioner][:enable_pxe]
       notifies :restart, resources(service: "dhcp3-server"), :delayed
     end
@@ -54,11 +60,13 @@
     end
     new_resource.updated_by_last_action(true)
   end
-  utils_line "include \"#{filename}\";" do
-    action :remove
-    file "/etc/dhcp3/hosts.d/host_list.conf"
-    if node[:provisioner][:enable_pxe]
-      notifies :restart, resources(service: "dhcp3-server"), :delayed
+  ["host_list.conf", "host6_list.conf"].each do |host_list|
+    utils_line "include \"#{filename}\";" do
+      action :remove
+      file "/etc/dhcp3/hosts.d/#{host_list}"
+      if node[:provisioner][:enable_pxe]
+        notifies :restart, resources(service: "dhcp3-server"), :delayed
+      end
     end
   end
 end

diff --git a/chef/cookbooks/dhcp/providers/subnet.rb b/chef/cookbooks/dhcp/providers/subnet.rb
@@ -13,11 +13,20 @@
 # limitations under the License.
 #
 
+require "ipaddr"
+
 action :add do
+  if IPAddr.new(new_resource.network["subnet"]).ipv6?
+    subnet_template =  "subnet6.conf.erb"
+    subnet_list_file = "subnet6_list.conf"
+  else
+    subnet_template = "subnet.conf.erb"
+    subnet_list_file = "subnet_list.conf"
+  end
   filename = "/etc/dhcp3/subnets.d/#{new_resource.subnet}.conf"
   template filename do
     cookbook "dhcp"
-    source "subnet.conf.erb"
+    source subnet_template
     variables(
       network: new_resource.network,
       options: new_resource.options,
@@ -33,7 +42,7 @@
   end
   utils_line "include \"#{filename}\";" do
     action :add
-    file "/etc/dhcp3/subnets.d/subnet_list.conf"
+    file "/etc/dhcp3/subnets.d/#{subnet_list_file}"
     if node[:provisioner][:enable_pxe]
       notifies :restart, resources(service: "dhcp3-server"), :delayed
     end
@@ -52,11 +61,13 @@
     end
     new_resource.updated_by_last_action(true)
   end
-  utils_line "include \"#{filename}\";" do
-    action :remove
-    file "/etc/dhcp3/subnets.d/subnet_list.conf"
-    if node[:provisioner][:enable_pxe]
-      notifies :restart, resources(service: "dhcp3-server"), :delayed
+  ["subnet_list.conf", "subnet6_list.conf"].each do |subnet_list|
+    utils_line "include \"#{filename}\";" do
+      action :remove
+      file "/etc/dhcp3/subnets.d/#{subnet_list}"
+      if node[:provisioner][:enable_pxe]
+        notifies :restart, resources(service: "dhcp3-server"), :delayed
+      end
     end
   end
 end

diff --git a/chef/cookbooks/dhcp/recipes/default.rb b/chef/cookbooks/dhcp/recipes/default.rb
@@ -48,6 +48,21 @@
   group "root"
   mode 0644
 end
+file "/etc/dhcp3/groups.d/group6_list.conf" do
+  owner "root"
+  group "root"
+  mode 0644
+end
+file "/etc/dhcp3/subnets.d/subnet6_list.conf" do
+  owner "root"
+  group "root"
+  mode 0644
+end
+file "/etc/dhcp3/hosts.d/host6_list.conf" do
+  owner "root"
+  group "root"
+  mode 0644
+end
 
 bash "build omapi key" do
   code <<-EOH
@@ -63,18 +78,27 @@
 intfs = [Chef::Recipe::Barclamp::Inventory.get_network_by_type(node, "admin").interface]
 address = Chef::Recipe::Barclamp::Inventory.get_network_by_type(node, "admin").address
 
-d_opts = node[:dhcp][:options]
+require "ipaddr"
+admin_addr = IPAddr.new(address)
+
+if admin_addr.ipv4?
+  d_opts = node[:dhcp][:options][:v4]
+  dhcpd_conf = "dhcpd.conf"
+else
+  d_opts = node[:dhcp][:options][:v6]
+  dhcpd_conf = "dhcpd6.conf"
+end
 
 case node[:platform_family]
 when "debian"
   case node[:lsb][:codename]
   when "natty","oneiric","precise"
-    template "/etc/dhcp/dhcpd.conf" do
+    template "/etc/dhcp/#{dhcpd_conf}" do
       owner "root"
       group "root"
       mode 0644
       source "dhcpd.conf.erb"
-      variables(options: d_opts)
+      variables(options: d_opts, is_ipv6: admin_addr.ipv6?)
       if node[:provisioner][:enable_pxe]
         notifies :restart, "service[dhcp3-server]"
       end
@@ -90,12 +114,12 @@
       end
     end
   else
-    template "/etc/dhcp3/dhcpd.conf" do
+    template "/etc/dhcp3/#{dhcpd_conf}" do
       owner "root"
       group "root"
       mode 0644
       source "dhcpd.conf.erb"
-      variables(options: d_opts)
+      variables(options: d_opts, is_ipv6: admin_addr.ipv6?)
       if node[:provisioner][:enable_pxe]
         notifies :restart, "service[dhcp3-server]"
       end
@@ -115,17 +139,17 @@
 
   dhcp_config_file = case
     when node[:platform_version].to_f >= 6
-      "/etc/dhcp/dhcpd.conf"
+      "/etc/dhcp/#{dhcpd_conf}"
     else
-      "/etc/dhcpd.conf"
+      "/etc/#{dhcpd_conf}"
     end
 
   template dhcp_config_file do
     owner "root"
     group "root"
     mode 0644
     source "dhcpd.conf.erb"
-    variables(options: d_opts)
+    variables(options: d_opts, is_ipv6: admin_addr.ipv6?)
     if node[:provisioner][:enable_pxe]
       notifies :restart, "service[dhcp3-server]"
     end
@@ -143,12 +167,12 @@
   end
 
 when "suse"
-  template "/etc/dhcpd.conf" do
+  template "/etc/#{dhcpd_conf}" do
     owner "root"
     group "root"
     mode 0644
     source "dhcpd.conf.erb"
-    variables(options: d_opts)
+    variables(options: d_opts, is_ipv6: admin_addr.ipv6?)
     if node[:provisioner][:enable_pxe]
       notifies :restart, "service[dhcp3-server]"
     end
@@ -168,7 +192,11 @@
 
 service "dhcp3-server" do
   if %w(suse rhel).include?(node[:platform_family])
-    service_name "dhcpd"
+    if admin_addr.ipv4?
+      service_name "dhcpd"
+    else
+      service_name "dhcpd6"
+    end
   elsif node[:platform] == "ubuntu"
     case node[:lsb][:codename]
     when "maverick"

diff --git a/chef/cookbooks/dhcp/resources/host.rb b/chef/cookbooks/dhcp/resources/host.rb
@@ -19,6 +19,7 @@
 attribute :hostname, kind_of: String
 attribute :macaddress, kind_of: String
 attribute :ipaddress, kind_of: String
+attribute :prefix, kind_of: String
 attribute :group, kind_of: String
 attribute :options, kind_of: Array, default: []
 
diff --git a/chef/cookbooks/dhcp/templates/default/dhcpd.conf.erb b/chef/cookbooks/dhcp/templates/default/dhcpd.conf.erb
@@ -21,6 +21,34 @@ log-facility local7;
 # Fix for https://bugzilla.opensuse.org/show_bug.cgi?id=961536
 always-reply-rfc1048 true;
 
+<% if @is_ipv6 -%>
+# Other options we may want?
+#option dhcp6.rfc4833-tz-posix-string code 41 = string;
+#option dhcp6.rfc4833-tz-name code 42 = string;
+#
+# Use example:
+#   option dhcp6.rfc4833-tz-posix-string "EST5EDT4,M3.2.0/02:00,M11.1.0/02:00";
+#   option dhcp6.rfc4833-tz-name         "Europe/Zurich";
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+
+# Set preference to 255 (maximum) in order to avoid waiting for
+# additional servers when there is only one
+##option dhcp6.preference 255;
+
+# Server side command to enable rapid-commit (2 packet exchange)
+##option dhcp6.rapid-commit;
+
+# The delay before information-request refresh
+#  (minimum is 10 minutes, maximum one day, default is to not refresh)
+#  (set to 6 hours)
+#option dhcp6.info-refresh-time 21600;
+
+include "/etc/dhcp3/groups.d/group6_list.conf";
+include "/etc/dhcp3/subnets.d/subnet6_list.conf";
+include "/etc/dhcp3/hosts.d/host6_list.conf";
+<% else -%>
 include "/etc/dhcp3/groups.d/group_list.conf";
 include "/etc/dhcp3/subnets.d/subnet_list.conf";
 include "/etc/dhcp3/hosts.d/host_list.conf";
+<% end -%>
diff --git a/chef/cookbooks/dhcp/templates/default/host.conf.erb b/chef/cookbooks/dhcp/templates/default/host.conf.erb
@@ -2,7 +2,12 @@ host <%= @name %> {
   option host-name "<%= @hostname %>";
   hardware ethernet <%= @macaddress %>;
 <% if @ipaddress -%> 
+<%   if @is_ipv6 -%>
+  fixed-address6 <%= @ipaddress %>;
+  fixed-prefix6 <%= @prefix %>;
+<%   else -%>
   fixed-address <%= @ipaddress %>;
+<%   end -%>
 <% else -%>
   deny booting;
 <% end -%> 

diff --git a/chef/cookbooks/dhcp/templates/default/subnet6.conf.erb b/chef/cookbooks/dhcp/templates/default/subnet6.conf.erb
@@ -0,0 +1,19 @@
+# File managed by Crowbar
+<% if node[:provisioner][:enable_pxe] -%>
+
+subnet6 <%= @network["subnet"] %>/<%= @network["netmask"]%> {
+  option subnet-mask <%= @network["netmask"] %>;
+<% @options.each do |option| -%>
+  <%= option %>;
+<%   end -%>
+<% @pools.each do |pool| -%>
+   pool6 {
+     range6 <%=@network["ranges"][pool]["start"]%> <%=@network["ranges"][pool]["end"]%>;
+     <% @pool_options[pool].each do |opt| -%>
+     <%=opt%><%=if opt[-1,1] != '}' then ';' else '' end%>
+     <% end if @pool_options[pool] -%>
+   }
+<% end -%>
+}
+
+<% end -%>
diff --git a/chef/cookbooks/dhcp/templates/default/suse-sysconfig-dhcpd.erb b/chef/cookbooks/dhcp/templates/default/suse-sysconfig-dhcpd.erb
@@ -2,6 +2,7 @@
 # Do not edit.
 <% unless @interfaces.empty? -%>
 DHCPD_INTERFACE="<%= @interfaces.collect! {|i| "#{i}" }.join(" ") %>"
+DHCPD6_INTERFACE="<%= @interfaces.collect! {|i| "#{i}" }.join(" ") %>"
 <% end -%>
 DHCPD_IFUP_RESTART=""
 DHCPD_RUN_CHROOTED="no"

diff --git a/chef/cookbooks/provisioner/recipes/base.rb b/chef/cookbooks/provisioner/recipes/base.rb
@@ -346,10 +346,15 @@
   mode "0644"
 end
 
+require "ipaddr"
 crowbar_node = node_search_with_cache("roles:crowbar").first
 address = crowbar_node["crowbar"]["network"]["admin"]["address"]
 protocol = crowbar_node["crowbar"]["apache"]["ssl"] ? "https" : "http"
-server = "#{protocol}://#{address}"
+server = if IPAddr.new(address).ipv6?
+  "#{protocol}://[#{address}]"
+else
+  "#{protocol}://#{address}"
+end
 password = crowbar_node["crowbar"]["users"]["crowbar"]["password"]
 verify_ssl = !crowbar_node["crowbar"]["apache"]["insecure"]