[foreman-users] Re: Katello 3.4.3 Released: Now with Pulp 2.13

2017-07-19 Thread jpavel 
For my part, I'm very grateful you did it this way - the problems 
introduced were blocking us, and upgrading to 3.4.3 was simple enough. 
Thank you!

On Friday, July 14, 2017 at 11:51:00 AM UTC-4, Eric Helms wrote:
>
> Happy Friday,
>
> Today we are announcing the GA of Katello 3.4.3 which is an update to our 
> backend Pulp system. This update brings in Pulp 2.13.2 which is a minor 
> release update from previous Pulp 2.12. This is the first release we've 
> upgraded the Pulp stack in a z-stream for. 
>
> There are a number of issues users hit and have to work around that had 
> been identified as having been fixed in Pulp 2.13 which is why we have 
> chosen to update it for Katello 3.4.3. We would appreciate any feedback as 
> you upgrade as to how users feel about this sort of update in a z-stream 
> release.
>
> Please file any issues you find and we will promptly look at them. We will 
> be planning to do a more normal z-stream release in the coming week to 
> bring in a number of updates to the application itself.
>
> As always, we thank you for your patience, and for using your software. 
> Cheers!
>
> -- 
> Eric D. Helms
> Red Hat Engineering
>

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

[foreman-users] Help with plugin - Gem loading error: cannot load such file

2017-07-19 Thread jpavel 
What's really strange is that I have thus plugin working on a test 
installation, but I can't get it to work on production.

*NOT MY 
CODE* https://github.com/0110001001100101011001010111/foreman_azure_rm 
- this is something I'm really, really interested in getting working.

The gem builds fine (gem build foreman_azure_rm.gemspec) - and I can 
install the same exact gem on my test server.

I install it via: scl enable tfm "gem install 
/root/foreman_azure_rm/foreman_azure_rm-1.3.0.gem"

I can see the gem in 
/opt/rh/rh-ruby22/root/usr/local/share/gems/gems/foreman_azure_rm-1.3.0

I create /usr/share/foreman/bundler.d/Gemfile.local.rb, with a single line: 
gem 'foreman_azure_rm'

I restart httpd, and I get: *Gem loading error: cannot load such file -- 
foreman_azure_rm (RuntimeError)*

If I run: scl enable tfm "gem list", I see the gem listed. And when I list: 
scl enable tfm "gem contents foreman_azure_rm", everything is listed in the 
/opt/rh/rh-ruby22/root/usr/local/share/gems/gems path.

Any help on how I can troubleshoot this? Have I done something wrong?


-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

Re: Re: [foreman-users] foreman-ansible callback

2017-07-19 Thread Daniel Lobato Garcia 
On 07/19, Dan Sk wrote:
> Hi Daniel Lobato,
> thanks for the replay. I use foreman with katello. So I
> used /etc/pki/katello/certs/katello-apache.crt
> and /etc/pki/katello/private/katello-apache.key as mentioned
> in /etc/httpd/conf.d/05-foreman-ssl.conf but still without success.

Are you sure that's it? My Apache config file is 05-katello-ssl.conf,
and the cert/key are:


  SSLCertificateFile "/etc/pki/katello/certs/katello-default-ca.crt"
  SSLCertificateKeyFile "/etc/pki/katello/private/katello-default-ca.key"




>
> Here are current logs:
> ==> /var/log/foreman/production.log <==
> 2017-07-19 09:27:50 d0a8c61a [app] [I] Started POST "/api/v2/hosts/facts"
> for 172.27.9.166 at 2017-07-19 09:27:50 +0200
> 2017-07-19 09:27:50 d0a8c61a [app] [I] Processing by
> Api::V2::HostsController#facts as JSON
> 2017-07-19 09:27:50 d0a8c61a [app] [I]   Parameters:
> {"facts"=>"[FILTERED]", "name"=>"client.in.corp", "apiv"=>"v2",
> :host=>{"name"=>"client.in.corp"}}
> 2017-07-19 09:27:50 d0a8c61a [app] [W] No SSL cert with CN supplied -
> request from 172.27.9.166,
> 2017-07-19 09:27:50 d0a8c61a [app] [W] SSO failed
> 2017-07-19 09:27:50 d0a8c61a [app] [I]   Rendered
> api/v2/errors/access_denied.json.rabl within api/v2/layouts/error_layout
> (1.0ms)
> 2017-07-19 09:27:50 d0a8c61a [app] [I] Filter chain halted as
> #
> rendered or redirected
> 2017-07-19 09:27:50 d0a8c61a [app] [I] Completed 403 Forbidden in 10ms
> (Views: 2.1ms | ActiveRecord: 0.5ms)
> 2017-07-19 09:27:50 5216bc1a [app] [I] Started POST "/api/v2/hosts/facts"
> for IP_FOREMAN_URL at 2017-07-19 09:27:50 +0200
> 2017-07-19 09:27:50 5216bc1a [app] [I] Processing by
> Api::V2::HostsController#facts as JSON
> 2017-07-19 09:27:50 5216bc1a [app] [I]   Parameters:
> {"facts"=>"[FILTERED]", "name"=>"client.in.corp", "apiv"=>"v2",
> :host=>{"name"=>"client.in.corp"}}
> 2017-07-19 09:27:50 5216bc1a [app] [W] No SSL cert with CN supplied -
> request from IP_FOREMAN_URL,
> 2017-07-19 09:27:50 5216bc1a [app] [W] SSO failed
> 2017-07-19 09:27:50 5216bc1a [app] [I]   Rendered
> api/v2/errors/access_denied.json.rabl within api/v2/layouts/error_layout
> (0.5ms)
> 2017-07-19 09:27:50 5216bc1a [app] [I] Filter chain halted as
> #
> rendered or redirected
> 2017-07-19 09:27:50 5216bc1a [app] [I] Completed 403 Forbidden in 5ms
> (Views: 1.4ms | ActiveRecord: 0.0ms)
>
> Is there any debug mode or curl command which could give me some hint?
>
> Thank you very moch.
> Daniel Slezak
>
> Dne úterý 18. července 2017 17:23:01 UTC+2 Daniel Lobato napsal(a):
> >
> > On 07/18, Dan Sk wrote:
> > >
> > >
> > > Hi,
> > >
> > > I am lost with setting of callback/foreman.py.
> > >
> > > We use Foreman 1.15.2, Katello 3.4.2, foreman_ansible 1.4.5 (with
> > updated callback/forman.py from github) and ansible 2.3.1 on CentOS 7.
> > >
> > > I think i know where Foreman runs.
> > > curl -k -H "Accept: application/json" https://fqdn.in.corp/status
> > > {"result":"ok","status":"ok","version":"1.15.2","db_duration_ms":"3"}
> > >
> > > Checked certification as is on
> > https://www.theforeman.org/plugins/foreman_ansible/1.x/index.html#2.1Ansiblecallback
> > > Request check for certifications
> > http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification
> > > python
> > >
> > > import requests
> > > requests.get('https://fqdn.in.corp/',
> > cert=('/etc/foreman/client_cert.pem', '/etc/foreman/client_key.pem'))
> > >
> > > 
> > >
> > > But when run ansible -m setup client.in.corp i see
> > >
> > > 2017-07-18 14:26:25 91503c77 [app] [I] Started POST
> > "/api/v2/hosts/facts" for IP_FOREMAN_URL at 2017-07-18 14:26:25 +0200
> > > 2017-07-18 14:26:25 91503c77 [app] [I] Processing by
> > Api::V2::HostsController#facts as JSON
> > > 2017-07-18 14:26:25 91503c77 [app] [I]   Parameters:
> > {"facts"=>"[FILTERED]", "name"=>"client.in.corp", "apiv"=>"v2",
> > :host=>{"name"=>"client.in.corp"}}
> > > 2017-07-18 14:26:25 91503c77 [app] [D] Importer
> > Katello::RhsmFactImporter does not implement
> > authorized_smart_proxy_features.
> > > 2017-07-18 14:26:25 91503c77 [app] [D] Importer
> > ForemanAnsible::StructuredFactImporter does not implement
> > authorized_smart_proxy_features.2017-07-18 14:26:25 91503c77 [app] [W] No
> > SSL cert with CN supplied - request from IP_FOREMAN_URL,
> > > 2017-07-18 14:26:25 91503c77 [app] [W] SSO failed
> > > 2017-07-18 14:26:25 91503c77 [app] [I]   Rendered
> > api/v2/errors/access_denied.json.rabl within api/v2/layouts/error_layout
> > (0.8ms)
> > > 2017-07-18 14:26:25 91503c77 [app] [I] Filter chain halted as
> > #
> >

[foreman-users] Problem installing a smart-proxy with puppet on Foreman 1.15/Katello 3.4

2017-07-19 Thread louis . coilliot 
Hello,

I have a fresh new Foreman 1.15/Katelo 3.4 installation.

I try to get a smart-proxy working with the puppet master feature, with the 
puppet CA on the main Foreman server.

Problem 1 : when I try to install the smart proxy with the procedure 
from https://theforeman.org/manuals/1.15/#3.2.3InstallationScenarios 
section 'Standalone Puppet master', I can't get my smart proxy to 
communicate with the main server. I get some SSL certs verification failed.

So I try the procedure 
from https://theforeman.org/plugins/katello/3.4/installation/smart_proxy.html, 
as I have Katello installed.

The command I'm using is :

foreman-installer \
--scenario foreman-proxy-content\
--foreman-proxy-content-parent-fqdn   "$MAINSRV"\
--foreman-proxy-register-in-foreman   "true"\
--foreman-proxy-foreman-base-url  "https://$MAINSRV"\
--foreman-proxy-trusted-hosts "$MAINSRV"\
--foreman-proxy-trusted-hosts "$CAPSULE"\
--foreman-proxy-oauth-consumer-key"$OCK"\
--foreman-proxy-oauth-consumer-secret "$OCS"\
--foreman-proxy-content-pulp-oauth-secret "$POS"\
--foreman-proxy-content-certs-tar "/root/${CAPSULE}-certs.tar"\
--foreman-proxy-puppetca  "false" \
--foreman-proxy-puppet"true" \
--foreman-proxy-tftp  "false" \
--foreman-proxy-logs  "false" \
--foreman-proxy-templates "false" \
--puppet-server-foreman-url   "https://$MAINSRV;

I also provided the keys for the puppet master, from the doc 
"https://theforeman.org/manuals/1.15/#3.2.3InstallationScenarios;, section 
'SSL certificate authority setup'

Those keys are not in the certs.tar and if I don't provide them the 
installer on the smart proxy recreates a puppet CA, I think.



Problem 2: during the installation of the packages, I get :

Installing : foreman-installer-katello-3.4.2-1.el7.noarch   
 48/48 
warning: %posttrans(foreman-installer-katello-3.4.2-1.el7.noarch) scriptlet 
failed, exit status 26
Non-fatal POSTTRANS scriptlet failure in rpm package 
foreman-installer-katello-3.4.2-1.el7.noarch



Problem 3 : when I run the command 'foreman-installer', during the first 
run I get :

 '/usr/bin/pulp-gen-ca-certificate' returned 1 instead of one of [0]
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/errors.rb:106:in 
`fail'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/exec.rb:164:in 
`sync'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:236:in
 
`sync'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:134:in
 
`sync_if_needed'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:88:in
 
`block in perform_changes'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:87:in
 
`each'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:87:in
 
`perform_changes'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:21:in
 
`evaluate'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:230:in 
`apply'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:246:in 
`eval_resource'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:163:in 
`call'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:163:in 
`block (2 levels) in evaluate'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:387:in `block in 
thinmark'
/opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in `realtime'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:386:in `thinmark'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:163:in 
`block in evaluate'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:118:in
 
`traverse'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:154:in 
`evaluate'
/usr/share/gems/gems/kafo-2.0.0/modules/kafo_configure/lib/puppet/parser/functions/add_progress.rb:30:in
 
`evaluate_with_trigger'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:222:in 
`block in apply'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/log.rb:155:in 
`with_destination'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/report.rb:142:in 
`as_logging_destination'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:221:in 
`apply'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:171:in 
`block in apply_catalog'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:224:in `block in 
benchmark'
/opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in `realtime'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:223:in 
`benchmark'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:170:in 
`apply_catalog'

Re: [foreman-users] minor upgrade

2017-07-19 Thread Lukas Zapletal 
You are not expected to do that, RPM packages do call db migration and
seed automatically, but I always recommend to run puppet on *noop*
mode to see the drift.

foreman-installer --scenario katello -v -n

LZ

On Wed, Jul 19, 2017 at 9:24 AM, Johan Loubser  wrote:
> Hello
>
> When doing minor upgrade (normal yum update on CentOS 7) do i need to do
> "foreman-installer --scenario katello --upgrade"
> And in specific case 3.4.2 to 3.4.3 (pulp upgrade 2.12 to 2.13)
>
> --
> You received this message because you are subscribed to the Google Groups
> "Foreman users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to foreman-users+unsubscr...@googlegroups.com.
> To post to this group, send email to foreman-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/foreman-users.
> For more options, visit https://groups.google.com/d/optout.



-- 
Later,
  Lukas @lzap Zapletal

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

Re: [foreman-users] foreman-ansible callback

2017-07-19 Thread Dan Sk 
Hi Daniel Lobato,
thanks for the replay. I use foreman with katello. So I 
used /etc/pki/katello/certs/katello-apache.crt 
and /etc/pki/katello/private/katello-apache.key as mentioned 
in /etc/httpd/conf.d/05-foreman-ssl.conf but still without success.

Here are current logs:
==> /var/log/foreman/production.log <==
2017-07-19 09:27:50 d0a8c61a [app] [I] Started POST "/api/v2/hosts/facts" 
for 172.27.9.166 at 2017-07-19 09:27:50 +0200
2017-07-19 09:27:50 d0a8c61a [app] [I] Processing by 
Api::V2::HostsController#facts as JSON
2017-07-19 09:27:50 d0a8c61a [app] [I]   Parameters: 
{"facts"=>"[FILTERED]", "name"=>"client.in.corp", "apiv"=>"v2", 
:host=>{"name"=>"client.in.corp"}}
2017-07-19 09:27:50 d0a8c61a [app] [W] No SSL cert with CN supplied - 
request from 172.27.9.166, 
2017-07-19 09:27:50 d0a8c61a [app] [W] SSO failed
2017-07-19 09:27:50 d0a8c61a [app] [I]   Rendered 
api/v2/errors/access_denied.json.rabl within api/v2/layouts/error_layout 
(1.0ms)
2017-07-19 09:27:50 d0a8c61a [app] [I] Filter chain halted as 
#
 
rendered or redirected
2017-07-19 09:27:50 d0a8c61a [app] [I] Completed 403 Forbidden in 10ms 
(Views: 2.1ms | ActiveRecord: 0.5ms)
2017-07-19 09:27:50 5216bc1a [app] [I] Started POST "/api/v2/hosts/facts" 
for IP_FOREMAN_URL at 2017-07-19 09:27:50 +0200
2017-07-19 09:27:50 5216bc1a [app] [I] Processing by 
Api::V2::HostsController#facts as JSON
2017-07-19 09:27:50 5216bc1a [app] [I]   Parameters: 
{"facts"=>"[FILTERED]", "name"=>"client.in.corp", "apiv"=>"v2", 
:host=>{"name"=>"client.in.corp"}}
2017-07-19 09:27:50 5216bc1a [app] [W] No SSL cert with CN supplied - 
request from IP_FOREMAN_URL, 
2017-07-19 09:27:50 5216bc1a [app] [W] SSO failed
2017-07-19 09:27:50 5216bc1a [app] [I]   Rendered 
api/v2/errors/access_denied.json.rabl within api/v2/layouts/error_layout 
(0.5ms)
2017-07-19 09:27:50 5216bc1a [app] [I] Filter chain halted as 
#
 
rendered or redirected
2017-07-19 09:27:50 5216bc1a [app] [I] Completed 403 Forbidden in 5ms 
(Views: 1.4ms | ActiveRecord: 0.0ms)

Is there any debug mode or curl command which could give me some hint?

Thank you very moch.
Daniel Slezak

Dne úterý 18. července 2017 17:23:01 UTC+2 Daniel Lobato napsal(a):
>
> On 07/18, Dan Sk wrote: 
> > 
> > 
> > Hi, 
> > 
> > I am lost with setting of callback/foreman.py. 
> > 
> > We use Foreman 1.15.2, Katello 3.4.2, foreman_ansible 1.4.5 (with 
> updated callback/forman.py from github) and ansible 2.3.1 on CentOS 7. 
> > 
> > I think i know where Foreman runs. 
> > curl -k -H "Accept: application/json" https://fqdn.in.corp/status 
> > {"result":"ok","status":"ok","version":"1.15.2","db_duration_ms":"3"} 
> > 
> > Checked certification as is on 
> https://www.theforeman.org/plugins/foreman_ansible/1.x/index.html#2.1Ansiblecallback
>  
> > Request check for certifications 
> http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification
>  
> > python 
> > 
> > import requests 
> > requests.get('https://fqdn.in.corp/', 
> cert=('/etc/foreman/client_cert.pem', '/etc/foreman/client_key.pem')) 
> > 
> >  
> > 
> > But when run ansible -m setup client.in.corp i see 
> > 
> > 2017-07-18 14:26:25 91503c77 [app] [I] Started POST 
> "/api/v2/hosts/facts" for IP_FOREMAN_URL at 2017-07-18 14:26:25 +0200 
> > 2017-07-18 14:26:25 91503c77 [app] [I] Processing by 
> Api::V2::HostsController#facts as JSON 
> > 2017-07-18 14:26:25 91503c77 [app] [I]   Parameters: 
> {"facts"=>"[FILTERED]", "name"=>"client.in.corp", "apiv"=>"v2", 
> :host=>{"name"=>"client.in.corp"}} 
> > 2017-07-18 14:26:25 91503c77 [app] [D] Importer 
> Katello::RhsmFactImporter does not implement 
> authorized_smart_proxy_features. 
> > 2017-07-18 14:26:25 91503c77 [app] [D] Importer 
> ForemanAnsible::StructuredFactImporter does not implement 
> authorized_smart_proxy_features.2017-07-18 14:26:25 91503c77 [app] [W] No 
> SSL cert with CN supplied - request from IP_FOREMAN_URL, 
> > 2017-07-18 14:26:25 91503c77 [app] [W] SSO failed 
> > 2017-07-18 14:26:25 91503c77 [app] [I]   Rendered 
> api/v2/errors/access_denied.json.rabl within api/v2/layouts/error_layout 
> (0.8ms) 
> > 2017-07-18 14:26:25 91503c77 [app] [I] Filter chain halted as 
> #
>  
> 
>  
> rendered or redirected 
> > 2017-07-18 14:26:25 91503c77 [app] [I] Completed 403 Forbidden in 6ms 
> (Views: 1.6ms | ActiveRecord: 0.0ms) 
> > 
> > 
> > If i use FOREMAN_USER/FOREMAN_PASSWORD combination facts upload 
> correctly. So i am pretty sure it is installed correctly. 
> > 
> > Configuration part in callback/foreman.py 
> >  FOREMAN_URL =