from:"fbo"

[foreman-users] Re: Import Salt States fails with ERF12-4701 and ERF-12-7301

2017-02-09 Thread fbo

Sorry, my fault. Seems we really need to create a saltuser, and the 
disable_ssl option was not a good idea.

Works fine now

Le mercredi 8 février 2017 16:57:52 UTC+1, fbo a écrit :
>
> Hi,
>
> I recently installed The Foreman on a server, and moved our Salt Master 
> also on it ( previous master was on a RedHat 6.6 ). I'm trying to get the 
> salt reports on foreman and having issues with configuration.
>
> Here are the config files : 
>
> - /etc/salt/master :
> external_auth:
>   pam:
> root:
>   - '@runner'
>
> rest_cherrypy:
>   port: 9191
>   host: 10.0.244.110
>   disable_ssl: true
>   ssl_key: /etc/puppetlabs/puppet/ssl/private_keys/testserver.pem
>   ssl_crt: /etc/puppetlabs/puppet/ssl/certs/testserver.pem
>   webhook_disable_auth: True
>
> - /etc/foreman-proxy/settings.d/salt.yml :
> :enabled: https
> :autosign_file: /etc/salt/autosign.conf
> :salt_command_user: root
> # Some features require using the Salt API - such as listing environments 
> and retrieving state info
> :use_api: true
> :api_url: https://testserver:9191
> :api_auth: pam
> :api_username: root
> :api_password: 
>
> The important lines in proxy log file /var/log/foreman-proxy/proxy.log :
>
> W, [2017-02-08T16:10:55.438461 ]  WARN -- : TCPServer Error: Address 
> already in use - bind(2)
> ...
> E, [2017-02-08T16:31:53.172904 ] ERROR -- : Failed to list environments: 
> SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown 
> protocol
> D, [2017-02-08T16:31:53.173046 ] DEBUG -- : Failed to list environments: 
> SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown 
> protocol
>
> They don't seem to communicate, probably for authentification reasons. I 
> tried to replace the saltuser with root user, and to disable security to 
> see if it works, but still got this error.
> I tried to look for different values for api_auth also but couldn't find 
> any doc
>
> Any idea why ? Or a simple procedure to configure this ? Both run on the 
> same server, no particular need for a specific Salt user.
>
> Thanks for your help
>

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

[foreman-users] Import Salt States fails with ERF12-4701 and ERF-12-7301

2017-02-08 Thread fbo

Hi,

I recently installed The Foreman on a server, and moved our Salt Master 
also on it ( previous master was on a RedHat 6.6 ). I'm trying to get the 
salt reports on foreman and having issues with configuration.

Here are the config files : 

- /etc/salt/master :
external_auth:
  pam:
root:
  - '@runner'

rest_cherrypy:
  port: 9191
  host: 10.0.244.110
  disable_ssl: true
  ssl_key: /etc/puppetlabs/puppet/ssl/private_keys/testserver.pem
  ssl_crt: /etc/puppetlabs/puppet/ssl/certs/testserver.pem
  webhook_disable_auth: True

- /etc/foreman-proxy/settings.d/salt.yml :
:enabled: https
:autosign_file: /etc/salt/autosign.conf
:salt_command_user: root
# Some features require using the Salt API - such as listing environments 
and retrieving state info
:use_api: true
:api_url: https://testserver:9191
:api_auth: pam
:api_username: root
:api_password: 

The important lines in proxy log file /var/log/foreman-proxy/proxy.log :

W, [2017-02-08T16:10:55.438461 ]  WARN -- : TCPServer Error: Address 
already in use - bind(2)
...
E, [2017-02-08T16:31:53.172904 ] ERROR -- : Failed to list environments: 
SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown 
protocol
D, [2017-02-08T16:31:53.173046 ] DEBUG -- : Failed to list environments: 
SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown 
protocol

They don't seem to communicate, probably for authentification reasons. I 
tried to replace the saltuser with root user, and to disable security to 
see if it works, but still got this error.
I tried to look for different values for api_auth also but couldn't find 
any doc

Any idea why ? Or a simple procedure to configure this ? Both run on the 
same server, no particular need for a specific Salt user.

Thanks for your help

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

[foreman-users] Re: Import Salt States fails with ERF12-4701 and ERF-12-7301

[foreman-users] Import Salt States fails with ERF12-4701 and ERF-12-7301

2 matches

Site Navigation

Mail list logo

Footer information