Project

General

Profile

Actions

Bug #8389

closed

foreman-installer does not start foreman-proxy with mixed-case hostnames

Added by Fabien Combernous over 9 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Category:
Foreman modules
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

I used rpms from the foreman repo : foreman-installer-1.6.2-1.el6.

My hostname is named uppercase like MYHOSTNAME.mydomain.

The foreman-installer failed with the following message :

Could not start Service[foreman-proxy]: Execution of '/sbin/service foreman-proxy start' returned 1: Starting foreman-proxy : [FAILED]
/Stage[main]/Foreman_proxy::Service/Service[foreman-proxy]/ensure: change from stopped to running failed: Could not start Service[foreman-proxy]: Execution of '/sbin/service foreman-proxy start' returned 1: Starting foreman-proxy : [FAILED]
/Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[MYHOSTNAME.mydomain]: Failed to call refresh: Could not load data from https://MYHOSTNAME.mydomain
/Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[MYHOSTNAME.mydomain]: Could not load data from https://MYHOSTNAME.mydomain
Installing Done [100%] [...................................................]
Something went wrong! Check the log for ERROR-level output

It was on a VM. So i did a rollback with snapshot, renamed the host in lowercase. Then re-run the installer. This time it finished without any error message.


Related issues 1 (0 open1 closed)

Related to Installer - Bug #6352: Default install fails when hostname contains uppercase charactersClosedEwoud Kohl van WijngaardenActions
Actions #1

Updated by Fabien Combernous over 9 years ago

  • Related to Bug #6352: Default install fails when hostname contains uppercase characters added
Actions #2

Updated by Dominic Cleal over 9 years ago

Do you have any logs from the smart proxy showing why it didn't start? I can't think of a reason off the top of my head why the hostname would prevent the startup, unless perhaps the cert filenames were incorrect in /etc/foreman-proxy/settings.yml.

Actions #3

Updated by Fabien Combernous over 9 years ago

  • File foreman-installer.log added

As attached document, the full log indicated by the foreman-installer.

Actions #4

Updated by Dominic Cleal over 9 years ago

Yeah, that doesn't show the proxy logs. My only suspicion is the SSL certificate names...

[ INFO 2014-11-13 10:41:19 main] +:ssl_certificate: /var/lib/puppet/ssl/certs/MYHOSTNAME.mydomain.pem
[ INFO 2014-11-13 10:41:19 main] +:ssl_private_key: /var/lib/puppet/ssl/private_keys/MYHOSTNAME.mydomain.pem

Actions #5

Updated by Fabien Combernous over 9 years ago

Files are presents but lowercase

Actions #6

Updated by Dominic Cleal over 9 years ago

  • Project changed from Smart Proxy to Installer
  • Category set to Foreman modules
Actions #7

Updated by Tommy McNeely over 9 years ago

Just had this happen here too...

[root@DevForeman foreman-proxy]# tail -50 proxy.log 
# Logfile created on Tue Nov 18 15:29:27 -0700 2014 by logger.rb/1.2.6
E, [2014-11-18T15:29:28.452345 #3779] ERROR -- : Unable to access the SSL keys. Are the values correct in settings.yml and do permissions allow reading?: No such file or directory - /var/lib/puppet/ssl/private_keys/DevForeman.dev.pem
E, [2014-11-18T15:29:28.452426 #3779] ERROR -- : Both http and https are disabled, unable to start.
E, [2014-11-18T15:30:35.812443 #4117] ERROR -- : Unable to access the SSL keys. Are the values correct in settings.yml and do permissions allow reading?: No such file or directory - /var/lib/puppet/ssl/private_keys/DevForeman.dev.pem
E, [2014-11-18T15:30:35.812551 #4117] ERROR -- : Both http and https are disabled, unable to start.
[root@DevForeman foreman-proxy]# ls -l /var/lib/puppet/ssl/
ca/                   certs/                private/              public_keys/
certificate_requests/ crl.pem               private_keys/         
[root@DevForeman foreman-proxy]# ls -l /var/lib/puppet/ssl/private_keys/
total 4
-rw-r-----. 1 puppet puppet 3247 Nov 18 15:29 devforeman.dev.pem

Actions #8

Updated by Matt Altieri about 9 years ago

I was able to get a broken install going [due to uppercase letters in hostname] by first changing the hostname to all lowercase & re-running the installer (which at least generated new puppet certs - I can't say for sure how much else it did succeed at repairing ... but I can say what it didn't).

Orig Error - I suspect the failure to get settings was due to IPtables, as well:

[root@Foreman ~]# foreman-installer
 /Stage[main]/Foreman_proxy::Service/Service[foreman-proxy]/ensure: change from stopped to running failed: Could not start Service[foreman-proxy]: Execution of '/sbin/service foreman-proxy start' returned 1:  at /usr/share/foreman-installer/modules/foreman_proxy/manifests/service.pp:9
 /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[Foreman.McUnimportant]: Failed to call refresh: Could not load data from https://Foreman.McUnimportant
Installing             Done                                               [100%] [...............................................................]
  Something went wrong! Check the log for ERROR-level output
  * Foreman is running at https://Foreman.McUnimportant
      Initial credentials are admin / redacted
  * Foreman Proxy is running at https://Foreman.McUnimportant:8443
  * Puppetmaster is running at port 8140
  The full log is at /var/log/foreman-installer/foreman-installer.log

However, the re-run didn't fix the uppercase hostname in the apache config files

[root@Foreman conf.d]# grep McUnimportant ./*
./05-foreman.conf:  ServerName Foreman.McUnimportant
./05-foreman.conf:PassengerPreStart http://Foreman.McUnimportant
./05-foreman-ssl.conf:  ServerName Foreman.McUnimportant
./05-foreman-ssl.conf:PassengerPreStart https://Foreman.McUnimportant

...edited these, and still no luck.

Because the settings in /usr/share/foreman-proxy/config/settings.yml were still pointed at the uppercase, original certificate name -- which no longer existed.

Edited these three lines to point at the proper cert name:

:ssl_ca_file: /var/lib/puppet/ssl/certs/ca.pem
:ssl_certificate: /var/lib/puppet/ssl/certs/foreman.mcunimportant.pem
:ssl_private_key: /var/lib/puppet/ssl/private_keys/foreman.mcunimportant.pem

And Voila:

[root@foreman ca]# service foreman-proxy start
Starting foreman-proxy:                                    [  OK  ]

...hope this is helpful.

Actions #9

Updated by Ewoud Kohl van Wijngaarden about 9 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/puppet-foreman_proxy/pull/148 added
  • Pull request deleted ()

Untested code, but it should work since I copied it from puppet-foreman which already does a similar thing.

Actions #10

Updated by Dominic Cleal over 8 years ago

  • Subject changed from foreman-installer does not start foreman-proxy to foreman-installer does not start foreman-proxy with mixed-case hostnames
  • Status changed from Ready For Testing to Closed
  • Assignee set to Ewoud Kohl van Wijngaarden
  • % Done changed from 0 to 100
  • translation missing: en.field_release set to 104
Actions #11

Updated by Dominic Cleal about 8 years ago

  • translation missing: en.field_release changed from 104 to 71

Non-trivial due to a few module updates.

Actions

Also available in: Atom PDF