Red Hat SummitChapter 2. Requirements for bare metal provisioning
To enable cloud users to launch bare-metal instances, your Red Hat OpenStack Services on OpenShift (RHOSO) environment must have the required hardware and network configuration.
2.1. Hardware requirements
The hardware requirements for the bare-metal machines that you want to make available to your cloud users for provisioning depend on the operating system. For information about the hardware requirements for Red Hat Enterprise Linux installations, see the Product Documentation for Red Hat Enterprise Linux.
All bare-metal machines that you want to make available to your cloud users for provisioning must have the following capabilities:
- A NIC to connect to the bare-metal network.
The Redfish power management type, which is connected to a network that is reachable from the
ironic-conductorcontainer.NoteDo not use the IPMI power management type due to security concerns. Use Redfish as the power management type to optimize the performance of the Bare Metal Provisioning service.
- If the Bare Metal Provisioning service is configured to use PXE or iPXE for provisioning, then PXE boot must be enabled on the network interface that is attached to the bare-metal network, and disabled on all other network interfaces for that bare-metal node. This is not a requirement if the Bare Metal Provisioning service is configured to use virtual media for provisioning.
- If the Bare Metal Provisioning service is configured to use virtual media for provisioning, through Redfish or a vendor-specific boot interface on each node, then the bare-metal nodes must be able to reach cluster resources for virtual media disks or other disk images.
2.2. Networking requirements
The cloud operator must create a private bare-metal network for the Bare Metal Provisioning service to use for the following operations:
- The provisioning and management of the bare-metal nodes that host the bare-metal instances.
- Cleaning bare-metal nodes when a node is unprovisioned.
- Project access to the bare-metal nodes.
In order for the Bare Metal Provisioning service to serve PXE boot and DHCP requests, the bare-metal node must be attached either to a port that does not use a VLAN, or to a port that is a VLAN trunk where the native VLAN is the bare-metal network.
The Bare Metal Provisioning service is designed for a trusted tenant environment because the bare-metal nodes have direct access to the control plane network of your Red Hat OpenStack Services on OpenShift (RHOSO) environment.
Cloud users have direct access to the public OpenStack APIs, and to the bare-metal network. A flat bare-metal network can introduce security concerns because cloud users have indirect access to the control plane network. To mitigate this risk, you can configure an isolated bare metal provisioning network for the Bare Metal Provisioning service that does not have access to the control plane.
The bare-metal network must be untagged for provisioning, and must also have access to the Bare Metal Provisioning API.
You must provide access to the bare-metal network for the following:
- The control plane that hosts the Bare Metal Provisioning service.
- The NIC from which the bare-metal machine is configured to PXE-boot.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}