7a067a97a8
It is not always desired to open the DHCP server for any host just because introspection is active. Add an option to ensure that only nodes being introspected are added to the DHCP servers allow list. Also adds ethoib support in the dnsmasq PXE filter. Also fix a typo in ethoib_interfaces option help text. Change-Id: I4cd7f4f0a449dcc23897ec9288cb57ec9bd647d7
18 lines
767 B
YAML
18 lines
767 B
YAML
---
|
|
features:
|
|
- |
|
|
By default the DHCP filtering will open the DHCP server for any node when
|
|
introspection is active. It will only block DHCP for enrolled nodes that
|
|
are not being introspected. Doing so is required to support interface
|
|
discovery (which by default will enroll the pxe port to ironic if not
|
|
present). This behaviour is not always wanted, as nodes not managed by
|
|
ironic may boot the inspection image.
|
|
|
|
A new option was added ``[pxe_filter]deny_unknown_macs`` which allow
|
|
changeing this behaviour so that the DHCP server only allow enrolled nodes
|
|
being introspected and deny everything else.
|
|
|
|
.. Note:: If this option is ``True``, nodes must have at least one
|
|
enrolled port prior to introspection.
|
|
|