I've a problem with the clients inventory for which I always have "No inventory data" after a fresh install. Looking further it seems it's because the host is still in "Build" status.

I verified the KS used during the installation and here's the notification to foreman section :

1. Inform the build system that we are done.
   echo "Informing Foreman that we are built"
   wget -q -O /dev/null --no-check-certificate http://foremanserver:3000/unattended/built
   exit 0
   %end

so the link is good and I tried to run the command "wget -q -O /dev/null --no-check-certificate http://foremanserver:3000/unattended/built" manually and this has no effect in forman which tell the client still in build mode...

Is there any configuration I missed ?

Thanks in advance

Hi Ohadlevy,

Yes of course I tried to manually run the command directly from the client !

Any idea ?

Thanks

Hello,

I found the problem of this case.

To be clear :

Foreman / puppet master are installed on the same machine which is on LAN and WAN (with restrictions).
Now, when I create a new machine into LAN, the notification will be send on the PUBLIC address of foreman. Meaning this new client will use its gateway to access internet and when foreman see the request coming the IP address is not the private one of the new machine of course but the public one of the Gateway / Firewall !!!

This is tricky and I don't know if you will not find another way to advise foreman that the build is done...

Like to hardcode the client IP in the URL...

What do you think ?

Hardcoding the client IP in the URL is really bad in case of unauthentified query.

How about managing this issue the same way it is done for the kickstart query?
It should be possible to spoof the "build done" message only if user is authenticated.
This way, you can pass authentication to wget/curl/whatever and it wont break your security.