-
Story
-
Resolution: Done
-
Major
-
None
-
None
-
5
-
False
-
Satellite Rocket Sprint 6, Satellite Rocket Sprint 7
-
sat-rocket
-
Release Note Not Required
-
None
-
None
-
None
We document the installer-managed DHCP service scenario. For upstream this is https://docs.theforeman.org/nightly/Integrating_Provisioning_Infrastructure_Services/index-katello.html#enabling-the-installer-managed-dhcp-service. In this scenario we need to support changing the DHCP key algorithm to something other than hmac-md5.
More concrete, the installer gained -foreman-proxy-dhcp-key-algorithm. Currently in step 3.b. we tell the user to run tsig-keygen -a hmac-md5 _my_omapi_key but the value to parameter to -a becomes free to choose. See man tsig-keygen for the accepted values. Then that value needs to be passed in step 4 with the -foreman-proxy-dhcp-key-algorithm installer parameter.
It's a good idea to also recommend users a better algorithm than hmac-md5. The current default is hmac-sha256.
Acceptance criteria:
- The installer supports this
- The enhanced procedure is documented
- This is tested
