Re: [foreman-dev] How to disable puppet management of DHCP/DNS/TFTP
On Fri, Aug 11, 2017 at 08:25:56AM +0200, Lukas Zapletal wrote: Thanks, created http://projects.theforeman.org/issues/20555 If anyone can take a look, this has been pain for a very long time. https://github.com/theforeman/puppet-dns/pull/95 Now, what workaround do you recommend for DNS today? How to essentially stop updating it with our installer? I expect --foreman-proxy-dns-managed=false to do exactly what you want so it surprises me this doesn't work. I've tried it locally and I can add things to /etc/named/zones.conf without it being overwritten. LZ On Thu, Aug 10, 2017 at 5:48 PM, Ewoud Kohl van Wijngaardenwrote: On Tue, Aug 01, 2017 at 01:08:14PM +0200, Lukas Zapletal wrote: I wrote a short blogpost about how to add new DHCP subnet to Foreman: https://theforeman.org/2017/07/adding-new-subnet-for-provisioning.html At the end of the post, I am giving an advice to turn off DHCP puppet management so new declarations won't get overwritten as our puppet modules (or installer not sure) do not support multiple declarations. But when I edit foreman-installer answer files, it does not work actually. I tried to do this via foreman-installer switches (changed the blog post) to: # foreman-installer -v -n --scenario katello \ --foreman-proxy-dns=true --foreman-proxy-dns-managed=false \ --foreman-proxy-dhcp=true --foreman-proxy-dhcp-managed=false This seemed to work but I was fooled, I was running with dry run and we have a bug that the installer actually commits some changes (!!!) so it is actually not working at all and I had to fix my instance after this screwup. Now the question is - how the heck do I stop puppet or our installer from modifying dhcpd.conf? Can someone tell me please so I can change the post once again? I spent an hour trying to figure out. I think this is the wrong approach and it's better to make the installer set up the zones for you. While sadly we don't expose this option in the installer, we can use hiera by placing the following content in /etc/foreman-installer/custom-hiera.yaml: dhcp::pools: isolated.lan: network: 192.168.99.0 mask: 255.255.255.0 gateway: 192.168.99.1 range: 192.168.99.5 192.168.99.49 Now if you re-run the installer you should get an additional subnet. Sadly this is not possible for DNS but we could add that support. -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [foreman-dev] kerberos auth for the API
Hello, yes, kerberos API authentication is tracked in the issue that you sent. Unfortunately there's really no solution yet. Important prerequisites have been released with the Foreman 1.15 (session support in the API) but the API still lacks entry point for external login (equivalent of /users/extlogin). T. On Tue, Aug 8, 2017 at 2:16 AM, Sergei Gerasenkowrote: > Hello, > > I was wondering if anything exists for API authentication using kerberos. I > think this describes the issue and it looks like no solution exists yet, but > I just want to make sure that's the case. > > Thanks! > > -- > You received this message because you are subscribed to the Google Groups > "foreman-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to foreman-dev+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[foreman-dev] Jenkins will show Rails logs for all failed tests
Hey, I had an idea today which turned into: https://github.com/theforeman/foreman/pull/4739 When there is a test failure, it is usually impossible to find the correct log in logs/test.log file for paritular failed tests. This patch automatically adds Rails logs (including ActiveRecord) to STDOUT for every single test failure, so it's visible. Each log transaction starts with "Rails logs for [name of the test] FAILURE" so it's easy to grep it. This hooks into ActiveSupport::TestCase, so make sure you do not use Minitest::Test directly. We do not do that, there was just a one test which was changed. Remember, if you run into issues on Jenkins, open full console output and search for "Rails logs" to find the logs for failed tests (once the PR is merged). -- Later, Lukas @lzap Zapletal -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [foreman-dev] How to disable puppet management of DHCP/DNS/TFTP
Thanks, created http://projects.theforeman.org/issues/20555 If anyone can take a look, this has been pain for a very long time. Now, what workaround do you recommend for DNS today? How to essentially stop updating it with our installer? LZ On Thu, Aug 10, 2017 at 5:48 PM, Ewoud Kohl van Wijngaardenwrote: > On Tue, Aug 01, 2017 at 01:08:14PM +0200, Lukas Zapletal wrote: >> >> I wrote a short blogpost about how to add new DHCP subnet to Foreman: >> >> https://theforeman.org/2017/07/adding-new-subnet-for-provisioning.html >> >> At the end of the post, I am giving an advice to turn off DHCP puppet >> management so new declarations won't get overwritten as our puppet >> modules (or installer not sure) do not support multiple declarations. >> >> But when I edit foreman-installer answer files, it does not work >> actually. I tried to do this via foreman-installer switches (changed >> the blog post) to: >> >> # foreman-installer -v -n --scenario katello \ >> --foreman-proxy-dns=true --foreman-proxy-dns-managed=false \ >> --foreman-proxy-dhcp=true --foreman-proxy-dhcp-managed=false >> >> This seemed to work but I was fooled, I was running with dry run and >> we have a bug that the installer actually commits some changes (!!!) >> so it is actually not working at all and I had to fix my instance >> after this screwup. >> >> Now the question is - how the heck do I stop puppet or our installer >> from modifying dhcpd.conf? Can someone tell me please so I can change >> the post once again? I spent an hour trying to figure out. > > > I think this is the wrong approach and it's better to make the installer set > up the zones for you. While sadly we don't expose this option in the > installer, we can use hiera by placing the following content in > /etc/foreman-installer/custom-hiera.yaml: > > dhcp::pools: > isolated.lan: >network: 192.168.99.0 >mask: 255.255.255.0 >gateway: 192.168.99.1 >range: 192.168.99.5 192.168.99.49 > > Now if you re-run the installer you should get an additional subnet. > > Sadly this is not possible for DNS but we could add that support. > > -- > You received this message because you are subscribed to the Google Groups > "foreman-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to foreman-dev+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- Later, Lukas @lzap Zapletal -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.