Greetings Thomas, So ideally the DNS comes from DHCP. It sounds like in this case, a union of configuration is using FQDNs whereas the template was likely framed with some expectation that the value would be an IP. If it was an IP it should just likely work, but DNS is likely better overall. To remedy that, it seems like the dnsmasq template just needs to be updated to include a server or servers. Ultimately dnsmasq is not. a recursive resolver in itself, so requests really need to be forwarded. You could always just manually inject a dns resolution configuration into your IPA ramdisks as well. We have some examples in the ironic documentation on taking apart, modifying, and re-packaging an IPA ramdisk. Hope this helps! -Julia On Mon, Nov 3, 2025 at 7:17 AM Thomas Sell <thomas.sell@mdc-berlin.de> wrote:

Hey everyone,

I'm facing a weird issue when trying to enroll baremetal compute hosts into Ironic using the self-enrollment/discovery method. Our Openstack is running 2025.1 and is based on Kolla-Ansible/Kayobe.

What I'm seeing:

- New hosts iPXE boot into IPA ramdisk. - IPA does its thing, gathering information. - IPA tries to report back to http://{{ kolla_internal_fqdn }}:5050 - The API call fails because no nameservers are available.

I've tried to figure out where the IPA ramdisk is supposed to get its DNS config from and could not. There are no dhcp-options set in Ironic's dnsmasq.conf and looking at the Ansible template for this file, I believe this is by design. Inside the ramdisk /etc/resolv.conf is empty, yet IPA is configured to call-back to a FQDN, not an IP.

I'm a bit puzzled about how this is supposed to work. We're using IPA images downloaded from https://tarballs.openstack.org. Do I need to build my own image? I also cannot find any mention of a separate DNS config for Ironic introspection in the documentation.

Any help or hints are appreciated!

Best, Thomas