Bare Metal Management With Razor (4/N)

Having digressed into issues of gender and Twitter censorship, let's get back to talking about Razor.

I'm pretty happy with the system as a whole. It's easy to set up and easy to understand, and I appreciate that they've put together a bunch of off-the-shelf components in a way that facilitates extension.

The experimental install that I documented (1, 2, 3) would need significant work to support 24x7 operations. Things that would need to be done:

• Redundant Razor servers. This is easy enough to accomplish, since the server itself is stateless. Just build a couple and hide them behind a VIP.
• HA Postgress DB. The current Postgres docs list a number of different solutions which are supported to varying degrees.
• HA DHCP. A little Googling suggests that Dnsmasq isn't awesome at failover; the recommendation seems to be to use ISC DHCP instead because it has a built-in failover protocol.

There's also the question of how you handle multiple LANs. DHCP requests, by design, are confined to a single broadcast domain. If you want Razor to be able to handle request for hosts across multiple broadcast domains then you need to overcome this limitation. Typically this is accomplished via DHCP relay, the details of which will vary depending on what DHCP server you're using.

Lastly, there's the question of IP management and DNS. If you're imaging systems, giving them names, and assigning them IP addresses semi-permanently, you'd like a system that's aware of the fact and then does the right things: updates DNS records, stops offering assigned IPs via DHCP, and so on. Dnsmasq doesn't do anything in this regard, so in a real world setting you'd want a smarter piece of software handling DNS and DHCP. ISC has a system called Kea that is intended for this use case, though I wasn't aware that it even existed until writing this post.

Anyway, in conclusion: Razor is pretty awesome, supports the bare metal management use case better than other systems I've looked at, and does OS imaging pretty well too. Its not quite as robust out-of-the-box as Foreman or MAAS in terms of things like distributed operation and IP management, but that can be overcome with a little bit of additional work.