Implement disableDHCP functionality:

If the Hardware object specifies that DHCP is disabled we don't respond to DHCP packets. Signed-off-by: Jacob Weinstock <[email protected]>
tinkerbell · Oct 23, 2024 · 632bc4c · 632bc4c
1 parent f8b5d6d
commit 632bc4c
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 0 deletions.
diff --git a/internal/backend/file/file.go b/internal/backend/file/file.go
@@ -57,6 +57,7 @@ type dhcp struct {
 	LeaseTime        int              `yaml:"leaseTime"`        // DHCP option 51.
 	Arch             string           `yaml:"arch"`             // DHCP option 93.
 	DomainSearch     []string         `yaml:"domainSearch"`     // DHCP option 119.
+	Disabled         bool             // If true, no DHCP response should be sent.
 	Netboot          netboot          `yaml:"netboot"`
 }
 
@@ -305,6 +306,9 @@ func (w *Watcher) translate(r dhcp) (*data.DHCP, *data.Netboot, error) {
 	// domain search
 	d.DomainSearch = r.DomainSearch
 
+	// disabled
+	d.Disabled = r.Disabled
+
 	// allow machine to netboot
 	n.AllowNetboot = r.Netboot.AllowPXE
 

diff --git a/internal/backend/kube/kube.go b/internal/backend/kube/kube.go
@@ -160,6 +160,8 @@ func (b *Backend) GetByIP(ctx context.Context, ip net.IP) (*data.DHCP, *data.Net
 
 		return nil, nil, err
 	}
+	d.Disabled = i.DisableDHCP
+
 	// Facility is used in the default HookOS iPXE script so we get it from the hardware metadata, if set.
 	facility := ""
 	if hardwareList.Items[0].Spec.Metadata != nil {

diff --git a/internal/dhcp/data/data.go b/internal/dhcp/data/data.go
@@ -45,6 +45,7 @@ type DHCP struct {
 	LeaseTime        uint32           // DHCP option 51.
 	Arch             string           // DHCP option 93.
 	DomainSearch     []string         // DHCP option 119.
+	Disabled         bool             // If true, no DHCP response should be sent.
 }
 
 // Netboot holds info used in netbooting a client.

diff --git a/internal/dhcp/handler/reservation/handler.go b/internal/dhcp/handler/reservation/handler.go
@@ -83,6 +83,12 @@ func (h *Handler) Handle(ctx context.Context, conn *ipv4.PacketConn, p data.Pack
 
 			return
 		}
+		if d.Disabled {
+			log.Info("DHCP is disabled for this MAC address, no response sent")
+			span.SetStatus(codes.Ok, "disabled DHCP response")
+
+			return
+		}
 		log.Info("received DHCP packet", "type", p.Pkt.MessageType().String())
 		reply = h.updateMsg(ctx, p.Pkt, d, n, dhcpv4.MessageTypeOffer)
 		log = log.WithValues("type", dhcpv4.MessageTypeOffer.String())
@@ -98,6 +104,12 @@ func (h *Handler) Handle(ctx context.Context, conn *ipv4.PacketConn, p data.Pack
 
 			return
 		}
+		if d.Disabled {
+			log.Info("DHCP is disabled for this MAC address, no response sent")
+			span.SetStatus(codes.Ok, "disabled DHCP response")
+
+			return
+		}
 		log.Info("received DHCP packet", "type", p.Pkt.MessageType().String())
 		reply = h.updateMsg(ctx, p.Pkt, d, n, dhcpv4.MessageTypeAck)
 		log = log.WithValues("type", dhcpv4.MessageTypeAck.String())