UNCLASSIFIED - NO CUI

Skip to content

Refactor PXE Role with Generalized Netboot Tarball Fetch Script

John Pattersonrequested to merge
feature/pxe-role-mod into main

General MR

Summary

This MR introduces a unified netboot processing system for the PXE Ansible role, replacing conditional logic with a generalized approach that supports custom netboot images while maintaining mandatory Debian fallback.

Key Changes

Unified Netboot Architecture

  • Added mandatory_netboots structure defining Debian with nexus/fallback URIs
  • Combined with user-defined additional_netboots into unified all_netboots processing
  • Single pipeline processes all netboot images (mandatory + additional)

Generalized Processing Logic

  • Replaced debian-specific conditional blocks with loops over all netboots
  • Each netboot gets full nexus-first, fallback-second treatment
  • Hash verification support extended to all netboot images

Enhanced Configuration Support

  • Users configure additional_netboots with nexus_uri, fallback_uri, hash, extract_path
  • Flexible grub configuration paths per netboot image
  • Maintains same nexus authentication and validation patterns

Always-Available Debian Fallback

  • Debian processing runs unconditionally as mandatory dependency
  • Debian preseed generation no longer conditional on netboot_tarballs
  • Ensures reliable default PXE boot option regardless of user configuration

Execution Results

Configuration Processing: mandatory_netboots combined with additional_netboots into unified list Nexus Integration: Each netboot checks nexus availability, falls back to upstream on failure Hash Verification: SHA256 validation for all images (direct hash or extracted from hash file) Multi-OS Support: Framework handles debian + unlimited additional netboot images Backwards Compatible: Existing deployments continue working unchanged

Why the Unified Approach was Implemented

Previous Implementation Issues

  • Debian hardcoded with separate conditional logic
  • netboot_tarballs completely replaced debian instead of supplementing it
  • Preseed generation dependent on debian-specific netboot presence

New Implementation Benefits

  • Consistent Processing: Same nexus/fallback logic applied to all netboot images
  • Mandatory Fallback: Debian always available regardless of user configuration
  • Scalable Architecture: Supports unlimited additional netboot images
  • Simplified Logic: Single processing pipeline instead of separate conditional blocks
  • Enhanced Reliability: Nexus authentication and hash verification for all images

Nexus Integration Preserved

  • All netboot images (including debian) check nexus first before fallback
  • Same authentication and certificate validation patterns
  • Users can specify nexus URIs for additional netboots in additional_netboots variable
  • Consistent with existing nexus usage patterns throughout the role

Relevant logs/screenshots

Screenshot 2025-08-12 at 11.26.15 AM.png

Linked Issue

issue

Upgrade Notices

N/A

Edited by John Patterson

Merge request reports

UNCLASSIFIED - NO CUI