Re: [foreman-users] Re: foreman/katello smart-proxy setup

2017-06-03 Thread Eric D Helms 
Katello does not use the puppet certificates for a majority of
configuration which means that if you follow the Smart Proxy instructions
you pointed to you'll likely end up with a smart proxy that cannot
communicate back to the server.

Was your DHCP smart proxy an existing smart proxy or a fresh install? I
would recommend looking at how to install a smart proxy when you have a
Katello install:

https://theforeman.org/plugins/katello/3.4/installation/smart_proxy.html

This by default configures the smart proxy with content for syncing content
to an external location or datacenter. If you are not wanting to use this
and thus want a lighter weight smart proxy with your Katello install you
can disable Pulp setup and configuration.

Eric

On May 29, 2017 5:35 AM, "Vincenzo Z"  wrote:

> update when I use the foreman-installer without Katello I can add my DHCP
> proxy without problems:
>
> foreman-installer --scenario foreman --foreman-admin-password test
>
>
>
> Le mercredi 24 mai 2017 15:12:11 UTC+2, Vincenzo Z a écrit :
>>
>> Hello,
>>
>>
>> I'm trying to install katello/foreman with a DHCP smart-proxy located on
>> another server.
>>
>> My first attempt was to use a certificate signed by our internal CA with
>> this command:
>> foreman-installer --scenario katello --foreman-admin-password test
>> --certs-server-cert "/root/katello_certs/katello2.example.com.crt"
>> --certs-server-cert-req "/root/katello_certs/katello2.example.com.csr"
>> --certs-server-key "/root/katello_certs/katello2.example.com.key"
>> --certs-server-ca-cert "/root/katello_certs/cacert.pem"
>>
>> Installation was successful and I was able to connect to my foreman web
>> interface without SSL warnings.
>>
>>
>> Next step was to setup the connection between my foreman and my DHCP
>> smart-proxy:
>>
>> So I followed the steps documented here https://theforeman.org/manuals
>> /1.15/index.html#4.3SmartProxies
>>
>> generate my cert on my foreman server:
>>
>> puppet cert generate dhcp.example.com
>>
>> copy cert, ca and key to the /etc/foreman-proxy/ssl directory on my DHCP 
>> smart-proxy
>>
>> edit my setting.yml config file like this:
>>
>> ---
>> :settings_directory: "/etc/foreman-proxy/settings.d"
>> :daemon: true
>> :daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid
>> :bind_host: '*'
>> :https_port: 8443
>> :ssl_certificate: /etc/foreman-proxy/ssl/dhcp.example.com.pem
>> :ssl_ca_file: /etc/foreman-proxy/ssl/ca.pem
>> :ssl_private_key: /etc/foreman-proxy/ssl/dhcp.example.com.key
>> :trusted_hosts:
>> - katello2.example.com
>> :log_file: /var/log/foreman-proxy/proxy.log
>> :log_level: DEBUG
>>
>> open firewall ports
>>
>> When I try to connect from my foreman web interface with this URL 
>> https://dhcp.example.com:8443
>>
>> I get this error message in the log file of my DHCP smart-proxy:
>>
>> "OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=unknown
>> state: tlsv1 alert unknown ca"
>>
>>
>> It's a CA issue maybe because I'm playing with internal CA so I tried
>> with the self-signed certificates generated with the foreman/katello
>> installation:
>>
>> foreman-installer --scenario katello --foreman-admin-password "test"
>>
>> Same error.
>>
>>
>> I think I miss something in the smart-proxy setup  and I don't play with
>> the right certificates.
>>
>> I probably don't use the same CA to sign my foreman certificate and my
>> DHCP smart-proxy certificate.
>>
>> Can somebody put me in the good direction to solve this problem?
>>
>>
>> Best regards,
>>
>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Foreman users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to foreman-users+unsubscr...@googlegroups.com.
> To post to this group, send email to foreman-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/foreman-users.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

Re: [foreman-users] Applicable packages not updated since upgrade since upgrade from Katello3.3 to 3.4

2017-06-03 Thread Eric D Helms 
Howdy,

You are the second user to report an issue around applicable packages in
3.4. Would you mind filing a redmine issue with details for us to
investigate?

Eric

On Jun 3, 2017 5:46 AM, "pascalp"  wrote:

> Hello,
>
> ever since I updated Katello from 3.3 to 3.4 I do not get any available
> package updates listed at "content hosts". Manually doing a "yum update" on
> a machine shows available updates.
> I also noticed there is no execution of task "Generate applicability" ever
> since the upgrade in the task history.
>
> 
>
> foreman-1.15.0-1.el7.noarch
> katello-3.4.0-3.el7.noarch
> pulp-server-2.12.2-1.el7.noarch
>
> I would be glad for any advice on how to troubleshoot/solve this.
>
> Thanks
>
> Pascal
>
> --
> You received this message because you are subscribed to the Google Groups
> "Foreman users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to foreman-users+unsubscr...@googlegroups.com.
> To post to this group, send email to foreman-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/foreman-users.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

Re: [foreman-users] Katello not showing available Updates

2017-06-03 Thread Eric D Helms 
Howdy Tim,

Let's check a few items to narrow down what the issue might be:

 * you've got katello-agent installed on the host and goferd is running;
does the UI indicate that it knows katello-agent is installed?
 * if you look at the package list for the content host do you see the
outdated nginx listed?
 * The content host is currently registered to a content view that contains
the EPEL repository? (I assume yes since yum update picks up the update but
just checking)

You could try restarting goferd on the host.

Eric

On Jun 3, 2017 10:07 AM, "Tim Hofmann"  wrote:

Hey guys,

i got a strange issue. I did a fresh install of katello 3.4 on CentOS 7.
On a second CentOs 7 VM i installed an outdated nginx version.
On the next step i added the EPEL Repo's to Katello synced them and added
my Outdated nginx VM. I also installed the katello agent on this vm.

The Problem is now that katello isnt't showing up any availible updates for
my outdated nginx VM (on yum update the newer version on nginx is showing
up).

Is this by design or i am doing something wrong?

thanks in advance and sorry for my bad english :-/

-- 
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

[foreman-users] Katello not showing available Updates

2017-06-03 Thread Tim Hofmann 
Hey guys,

i got a strange issue. I did a fresh install of katello 3.4 on CentOS 7.
On a second CentOs 7 VM i installed an outdated nginx version.
On the next step i added the EPEL Repo's to Katello synced them and added 
my Outdated nginx VM. I also installed the katello agent on this vm.

The Problem is now that katello isnt't showing up any availible updates for 
my outdated nginx VM (on yum update the newer version on nginx is showing 
up).

Is this by design or i am doing something wrong?

thanks in advance and sorry for my bad english :-/

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

Re: [foreman-users] pxelinux.cfg file not created when using discovery plugin API

2017-06-03 Thread ejsteitz 
I had a similar issue. Removal of line 8  host.clear_association_cache in 
app/services/foreman_discovery/host_converter.rb 

 appears 
to have fixed it! Thank you

On Wednesday, May 17, 2017 at 2:52:08 AM UTC-6, Lukas Zapletal wrote:
>
> Hello, might be also http://projects.theforeman.org/issues/19313 
>
> Try to comment out this line: 
>
>
> https://github.com/theforeman/foreman_discovery/pull/346/files#diff-d165f1f7d8058930cfef75cad203b33eR8
>  
>
> LZ 
>
> On Tue, May 16, 2017 at 5:17 AM, Sean Larimore  > wrote: 
> > I'm running into an issue where the pxelinux.cfg file is not created 
> when 
> > using discovery plugin API to provision discovered hosts. Foreman 
> returns a 
> > 200 response and the node shows up in the inventory but after rebooting 
> it 
> > does not boot into the installer because of the missing pxelinux.cfg 
> file. 
> > I'm running foreman_discovery-8.0.1 with Foreman 1.14.3. My log output 
> is 
> > below. Any ideas on how to resolve the issue? 
> > 
> > 
> > 
> > 
> > 
> > /var/log/foreman/production.log 
> > 
> > 2017-05-15T20:42:47 d83643db [app] [I] Processing by 
> > Api::V2::DiscoveredHostsController#update as JSON 
> > 2017-05-15T20:42:47 d83643db [app] [I]   Parameters: 
> > {"discovered_host"=>{"ip"=>"44.128.25.4", "mac"=>"00:6b:f1:61:c2:d2", 
> > "name"=>"baremetal.example.com", "hostgroup_id"=>"18"}, "apiv"=>"v2", 
> > "id"=>"277"} 
> > 2017-05-15T20:42:47 d83643db [app] [I] Authorized user admin(Admin User) 
> > 2017-05-15T20:42:48 d83643db [app] [I]   Rendered 
> > 
> vendor/ruby/2.3.0/gems/foreman_discovery-8.0.1/app/views/api/v2/discovered_hosts/update.json.rabl
>  
>
> > (1.0ms) 
> > 2017-05-15T20:42:48 d83643db [app] [I] Completed 200 OK in 1323ms 
> (Views: 
> > 1.8ms | ActiveRecord: 50.9ms) 
> > 
> > 
> > /var/log/foreman-proxy/proxy.log 
> > 
> > I, [2017-05-15T20:42:48.339478 ]  INFO -- : 44.128.12.21 - - 
> > [15/May/2017:20:42:48 -0600] "PUT /discovery/44.128.25.4/power/reboot 
> > HTTP/1.1" 200 15 0.0948 
> > I, [2017-05-15T20:42:49.239788 ]  INFO -- : 44.128.12.21 - - 
> > [15/May/2017:20:42:49 -0600] "GET /tftp/serverName HTTP/1.1" 200 17 
> 0.0005 
> > I, [2017-05-15T20:42:49.574627 ]  INFO -- : 44.128.12.21 - - 
> > [15/May/2017:20:42:49 -0600] "GET /tftp/serverName HTTP/1.1" 200 17 
> 0.0005 
> > E, [2017-05-15T20:42:50.304281 ] ERROR -- : Failed to authenticate node 
> . 
> > Missing some headers 
> > 
> > I'm using Ansible for the API call. Playbook below. 
> > 
> > --- 
> > 
> > - hosts: localhost 
> >   tasks: 
> > 
> >   - name: Provision Bare Metal Server 
> > uri: 
> >   url: https://foreman/api/v2/discovered_hosts/278 
> >   user: "user" 
> >   password: "pass" 
> >   body_format: json 
> >   method: PUT 
> >   status_code: 200 
> >   validate_certs: no 
> >   force_basic_auth: yes 
> >   headers: 
> > Content-Type: "application/json" 
> >   body: 
> > discovered_host: 
> >   name: "baremetal.example.com" 
> >   hostgroup_id: "18" 
> >   build: "1" 
> >   mac: "00:6b:f1:61:c2:d2" 
> >   ip: "44.128.25.4" 
> > 
> > 
> > Thanks! 
> > 
> > Sean 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups 
> > "Foreman users" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an 
> > email to foreman-user...@googlegroups.com . 
> > To post to this group, send email to forema...@googlegroups.com 
> . 
> > Visit this group at https://groups.google.com/group/foreman-users. 
> > For more options, visit https://groups.google.com/d/optout. 
>
>
>
> -- 
> Later, 
>   Lukas @lzap Zapletal 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

[foreman-users] Katello 3.3 to 3.4 Upgrade (upgraded failed on Upgrade Step: db_seed) but seems to work?

2017-06-03 Thread Devin Acosta 
I upgraded today from 3.3 to 3.4 version of Katello. It appears that the 
upgrade worked cause I am able to log into Katello and from what I can tell 
everything is working, however it died at the Upgrade Step of "db_seed", 
not sure if this is expected, or if I need to worry about it? I did 
snapshot the VM before upgrading, but things appear to be working? I went 
to the http://{katello/about page and it shows happy, not sure if i should 
be concerned about this?

Success!
katello-service restart finished successfully!
Upgrade Step: db_seed...
rake aborted!
ArgumentError: wrong number of arguments (2 for 3..4)
/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-1.3.1/app/models/job_template.rb:80:in
 
`import!'
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/75-job_templates.rb:6:in
 
`block (3 levels) in '
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/75-job_templates.rb:4:in
 
`each'
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/75-job_templates.rb:4:in
 
`block (2 levels) in '
/opt/theforeman/tfm/root/usr/share/gems/gems/audited-4.4.1/lib/audited/auditor.rb:283:in
 
`without_auditing'
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/75-job_templates.rb:3:in
 
`block in '
/usr/share/foreman/app/models/concerns/foreman/thread_session.rb:75:in `as'
/usr/share/foreman/app/models/concerns/foreman/thread_session.rb:81:in 
`as_anonymous_admin'
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/75-job_templates.rb:2:in
 
`'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activesupport-4.2.5.1/lib/active_support/dependencies.rb:268:in
 
`load'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activesupport-4.2.5.1/lib/active_support/dependencies.rb:268:in
 
`block in load'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activesupport-4.2.5.1/lib/active_support/dependencies.rb:240:in
 
`load_dependency'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activesupport-4.2.5.1/lib/active_support/dependencies.rb:268:in
 
`load'
/usr/share/foreman/db/seeds.rb:38:in `block in '
/usr/share/foreman/db/seeds.rb:36:in `each'
/usr/share/foreman/db/seeds.rb:36:in `'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activesupport-4.2.5.1/lib/active_support/dependencies.rb:268:in
 
`load'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activesupport-4.2.5.1/lib/active_support/dependencies.rb:268:in
 
`block in load'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activesupport-4.2.5.1/lib/active_support/dependencies.rb:240:in
 
`load_dependency'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activesupport-4.2.5.1/lib/active_support/dependencies.rb:268:in
 
`load'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/railties-4.2.5.1/lib/rails/engine.rb:547:in
 
`load_seed'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activerecord-4.2.5.1/lib/active_record/tasks/database_tasks.rb:250:in
 
`load_seed'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activerecord-4.2.5.1/lib/active_record/railties/databases.rake:183:in
 
`block (2 levels) in '
Tasks: TOP => db:seed
(See full trace by running task with --trace)
Successfully encrypted field for Setting::Auth oauth_consumer_key
Successfully decrypted field for Setting::Auth oauth_consumer_key
Successfully decrypted field for Setting::Auth oauth_consumer_key
Successfully encrypted field for Setting::Auth oauth_consumer_secret
Successfully decrypted field for Setting::Auth oauth_consumer_secret
Successfully decrypted field for Setting::Auth oauth_consumer_secret
Seeding /usr/share/foreman/db/seeds.d/02-permissions_list.rb
Seeding /usr/share/foreman/db/seeds.d/02-roles_list.rb
Seeding /usr/share/foreman/db/seeds.d/03-auth_sources.rb
Seeding /usr/share/foreman/db/seeds.d/03-permissions.rb
Seeding /usr/share/foreman/db/seeds.d/03-roles.rb
Seeding /usr/share/foreman/db/seeds.d/04-admin.rb
Seeding /usr/share/foreman/db/seeds.d/05-taxonomies.rb
Seeding /usr/share/foreman/db/seeds.d/06-architectures.rb
Seeding /usr/share/foreman/db/seeds.d/07-data.rb
Seeding /usr/share/foreman/db/seeds.d/07-provisioning_templates.rb
Seeding /usr/share/foreman/db/seeds.d/08-data.rb
Seeding /usr/share/foreman/db/seeds.d/08-partition_tables.rb
Seeding /usr/share/foreman/db/seeds.d/10-installation_media.rb
Seeding 
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/101-locations.rb
Seeding 
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/102-organizations.rb
Seeding 
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/103-provisioning_templates.rb
Seeding 
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/104-proxy.rb
Seeding 
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/106-mail_notifications.rb
Seeding 
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/107-enable_dynflow.rb
Seeding 
/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.0.2/db/seeds.d/108-subcription-bookmarks.rb
Seeding

[foreman-users] After Foreman install - there is no smartproxy and foremanserver is not added to himself

2017-06-03 Thread Samuel Marischek 
Hello, 

i have a problem new foremaninstallations at CentOS7. I followed the 
quickstart instructions on theforeman.org. I've done the installation many 
time, but every installation the same resul:
/Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[foreman.tux.local]/
ensure: change from absent to present failed: Proxy foreman.tux.local 
cannot be registered: Unable to communicate with the proxy: ERF12-2530 [
ProxyAPI::ProxyException]: Unable to detect features ([Errno::ECONNREFUSED]: 
Connection refused - connect(2) for "foreman.tux.local" port 8443) for 
proxy https://foreman.tux.local:8443/features Please check the proxy is 
configured and running on the host.



I don't know this error, everythin is resolvable. The Installcommand was 
only

foreman-installer


Maybe someone can help me to add the forehost to itself as smartproxy. 

Thanks a lot. 

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

[foreman-users] Applicable packages not updated since upgrade since upgrade from Katello3.3 to 3.4

2017-06-03 Thread pascalp 
Hello,

ever since I updated Katello from 3.3 to 3.4 I do not get any available 
package updates listed at "content hosts". Manually doing a "yum update" on 
a machine shows available updates.
I also noticed there is no execution of task "Generate applicability" ever 
since the upgrade in the task history.


foreman-1.15.0-1.el7.noarch
katello-3.4.0-3.el7.noarch
pulp-server-2.12.2-1.el7.noarch

I would be glad for any advice on how to troubleshoot/solve this.

Thanks

Pascal

-- 
You received this message because you are subscribed to the Google Groups 
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to foreman-users+unsubscr...@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.