CoreSMD - Connect CoreDHCP/CoreDNS to SMD

Contents

• CoreSMD - Connect CoreDHCP/CoreDNS to SMD
  • Contents
  • Introduction
    • CoreDHCP
    • CoreDNS
  • Overview
  • Configuration
  • Build and Install
    • Build/Install with GoReleaser
      • Environment Variables
      • Building Locally with GoReleaser
      • Building Locally on Bare Metal
      • Building a Local Container
  • Testing
    • CoreDHCP
    • CoreDNS
  • Running
    • Configuration
    • Preparation: SMD and BSS
    • Preparation: TFTP
    • Running
      • CoreDHCP
      • CoreDNS
  • More Reading

---

Introduction

CoreSMD provides plugins for both CoreDHCP and CoreDNS that allow DHCP requests and DNS lookups to use SMD, the OpenCHAMI inventory service.

CoreDHCP

CoreSMD provides two plugins. The first plugin, coresmd, uses SMD as a source of truth to provide DHCP leases for both DHCPv4 and DHCPv6. The second plugin, bootloop, dynamically assigns temporary IP addresses to unknown MACs until they can be updated in SMD.

This repository is part of the OpenCHAMI project. It extends CoreDHCP by integrating it with the SMD service so DHCP leases can be centrally managed. There are two primary plugins:

1. coresmd Provides DHCP leases (IPv4 and IPv6) based on data from SMD.

2. bootloop Assigns temporary IPv4 addresses to unknown nodes. It also returns a DHCPNAK if it sees a node that has become known to SMD since its last lease, forcing a full DHCP handshake to get a new address (from coresmd).

The goal of bootloop is to ensure unknown nodes/BMCs continually attempt to get new IP addresses if they become known in SMD, while still having a short, discoverable address for tasks like Magellan.

See examples/coredhcp/ for configuration examples.

CoreDNS

The coresmd plugin allows hostnames/FQDNs for nodes and BMCs stored in SMD to be resolved to IP addresses (both IPv4 and IPv6). It supports A, AAAA, and PTR record lookups.

See examples/coredns/ for configuration examples.

---

Overview

CoreSMD acts as a pull-through cache of DHCP and DNS information from SMD, ensuring that new or updated details in SMD can be reflected in DHCP lease assignments and DNS records. This facilitates more dynamic environments where nodes might be added or changed frequently, and also simplifies discovery of unknown devices via the bootloop CoreDHCP plugin.

---

Configuration

Take a look at examples/. In there are configuration examples and documentation for both CoreDHCP and CoreDNS.

Build and Install

The plugins in this repository can be built into CoreDHCP/CoreDNS either using a container-based approach (via the provided Dockerfile) or by statically compiling them into CoreDHCP/CoreDNS on bare metal. Additionally, this project uses GoReleaser to automate releases and include build metadata.

Build/Install with GoReleaser

Environment Variables

To include detailed build metadata, ensure the following environment variables are set:

• BUILD_HOST: The hostname of the machine where the build is performed.
• GO_VERSION: The version of Go used for the build.
• BUILD_USER: The username of the person or system performing the build.

You can set them with:

export BUILD_HOST=$(hostname)
export GO_VERSION=$(go version | awk '{print $3}')
export BUILD_USER=$(whoami)

Building Locally with GoReleaser

1. Install GoReleaser if not already present.
2. Run GoReleaser in snapshot mode to produce a local build without publishing:

   goreleaser release --snapshot --clean --skip=publish

3. Check the dist/ directory for the built binaries, which will include the embedded metadata.

Building Locally on Bare Metal

Simply run go build for each project:

go build ./build/coredhcp
go build ./build/coredns

This will put coredhcp and coredns binaries in the repository root which can be used for building a container in the next step.

Verify that CoreDHCP contains the coresmd and bootloop plugins:

$ ./coredhcp --plugins | grep -E 'coresmd|bootloop'
bootloop
coresmd

...and that CoreDNS contains the coresmd plugin:

$ ./coredns --plugins | grep coresmd
coresmd

Building a Local Container

To build a container that contains both CoreDHCP and CoreDNS, go through the Building Locally on Bare Metal step above, then run:

docker build . --tag ghcr.io/openchami/coresmd:latest

---

Testing

CoreDHCP

Currently, the repository does not include standalone test scripts for these plugins. However, once compiled into CoreDHCP, you can test the overall DHCP server behavior using tools like:

• dhcping
• dnsmasq DHCP client testing

Because the plugins integrate with SMD, also verify that your SMD instance is returning correct data, and confirm the environment variables (if using GoReleaser) are correctly embedded in the binary.

CoreDNS

See: https://github.com/OpenCHAMI/coresmd/tree/main/examples/coredns#testing

---

Running

Configuration

CoreDHCP requires a config file to run. See examples/coredhcp/coredhcp.yaml for an example with detailed comments on how to enable and configure coresmd and bootloop.

CoreDNS similarly has a Corefile to use. See examples/coredns/ for examples of Corefiles.

Preparation: SMD and BSS

Before running CoreDHCP/CoreDNS, ensure the OpenCHAMI services (notably BSS and SMD) are configured and running. Their URLs should match what you configure in the CoreDHCP config file.

Preparation: TFTP

By default, coresmd includes a built-in TFTP server with iPXE binaries for 32-/64-bit x86/ARM (EFI) and legacy x86. If you use the bootloop plugin and set the iPXE boot script path to "default", it will serve a built-in reboot script to unknown nodes. Alternatively, you can point this to a custom TFTP path if different functionality is desired.

Running

Once all prerequisites are set, you can run CoreDHCP or CoreDNS.

CoreDHCP

• Podman CLI Use host networking and mount your config file (this example mounts in system certificate bundle):

  podman run \
    --rm \
    --name=coresmd-coredhcp \
    --hostname=coresmd-coredhcp \
    --cap-add=NET_ADMIN,NET_RAW \
    --volume=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem:/root_ca/root_ca.crt:ro,Z \
    --volume=/etc/openchami/configs/coredhcp.yaml:/etc/coredhcp/config.yaml:ro,Z \
    --network=host \
    ghcr.io/openchami/coresmd:latest

  [!NOTE] --cap-add may or may not be needed on some distros.

• Podman Quadlet:

  [Unit]
  Description=The CoreSMD CoreDHCP container
  
  [Container]
  ContainerName=coresmd-coredhcp
  
  HostName=coresmd-coredhcp
  Image=ghcr.io/openchami/coresmd:latest
  
  AddCapability=NET_ADMIN
  AddCapability=NET_RAW
  
  Volume=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem:/root_ca/root_ca.crt:ro,Z
  Volume=/etc/openchami/configs/coredhcp.yaml:/etc/coredhcp/config.yaml:ro,Z
  
  Network=host
  
  PodmanArgs=--http-proxy=false
  
  [Service]
  Restart=always

• Bare Metal Execute the locally built binary:

  ./coredhcp -conf /path/to/config.yaml

CoreDNS

• Podman CLI Use host networking and mount your config file (this example mounts in system certificate bundle):

  podman run \
    --rm \
    --name=coresmd-coredns \
    --hostname=coresmd-coredns \
    --cap-add=NET_ADMIN,NET_RAW \
    --volume=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem:/root_ca/root_ca.crt:ro,Z \
    --volume=/etc/openchami/configs/Corefile:/etc/coredhcp/Corefile:ro,Z \
    --network=host \
    ghcr.io/openchami/coresmd:latest \
    /coredns

  [!NOTE] --cap-add may or may not be needed on some distros.

• Podman Quadlet:

  [Unit]
  Description=The CoreSMD CoreDNS container
  
  [Container]
  ContainerName=coresmd-coredns
  
  HostName=coresmd-coredhcp
  Image=ghcr.io/openchami/coredns:latest
  
  Exec=/coredns
  
  AddCapability=NET_ADMIN
  AddCapability=NET_RAW
  
  Volume=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem:/root_ca/root_ca.crt:ro,Z
  Volume=/etc/openchami/configs/Corefile
  
  Network=host
  
  PodmanArgs=--http-proxy=false
  
  [Service]
  Restart=always

• Bare Metal Execute the locally built binary:

  ./cored-conf /path/to/config.yaml

---

More Reading

• CoreDHCP GitHub
• CoreDNS GitHub
• OpenCHAMI Project
• SMD GitHub
• GoReleaser Documentation
• Magellan (OpenCHAMI)