Installation on CentOS 7.2 fails at stage Foreman_proxy::Register
I'm unable to properly install Foreman 1.11.1 on an up-to-date version of CentOS 7.2 (installed from CentOS-7-x86_64-DVD-1511.iso, updated via yum -y update, rebooted). This problem persists in fresh installations, so either I'm doing something wrong or something broke quite recently. There's nothing in the documentation indicating I have done something wrong as far as I can see.
These are the steps I run before:
[root@foreman ~]# echo "192.168.205.10 foreman.beckers.local foreman" >> /etc/hosts
To rule out any potential problems caused by the firewall, I open all ports mentioned in the docs:
[root@foreman ~]# firewall-cmd --permanent --zone=public --add-port=53/tcp \ --add-port=53/udp --add-port=67-68/udp --add-port=69/udp --add-port=80/tcp \ --add-port=443/tcp --add-port=3000/tcp --add-port=3306/tcp --add-port=5910-5930/tcp \ --add-port=5432/tcp --add-port=8140/tcp --add-port=8443/tcp [root@foreman ~]# firewall-cmd --reload success [root@foreman ~]# firewall-cmd --list-all public (default, active) interfaces: ens32 sources: services: dhcpv6-client ssh ports: 3000/tcp 443/tcp 80/tcp 8140/tcp 5432/tcp 3306/tcp 8443/tcp 67-68/udp 5910-5930/tcp 53/tcp 69/udp 53/udp masquerade: no forward-ports: icmp-blocks: rich rules:
This is how I install the necessary repositories and packages:
[root@foreman ~]# yum -y install http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm [root@foreman ~]# yum -y install epel-release http://yum.theforeman.org/releases/1.11/el7/x86_64/foreman-release.rpm [root@foreman ~]# yum -y install foreman-installer
Just to double check, these package versions are installed now:
[root@foreman ~]# rpm -q foreman-installer foreman-installer-1.11.1-1.el7.noarch [root@foreman ~]# rpm -q foreman-selinux foreman-selinux-1.11.1-1.el7.noarch [root@foreman ~]# rpm -q ruby ruby-126.96.36.1998-25.el7_1.x86_64
Now everything should be ready to install Foreman. After reading through the potential installer options I decided to go with the defaults because they should provide me with a minimal (as in: no DHCP or DNS Smart Proxy functionality) but running Foreman instance. Well, the installer always fails at registering the host as smart proxy to itself. These are the relevant messages, I will attach the complete output of foreman-installer -v as .txt file.
[root@foreman ~]# foreman-installer -v [...] [ERROR 2016-05-13 08:52:39 verbose] /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[foreman.beckers.local]: Could not evaluate: Proxy foreman.beckers.local cannot be registered (Could not load data from https://foreman.beckers.local [...] [ERROR 2016-05-13 08:52:50 verbose] /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[foreman.beckers.local]: Failed to call refresh: Proxy foreman.beckers.local cannot be registered (Could not load data from https://foreman.beckers.local [ INFO 2016-05-13 08:52:50 verbose] - is your server down? [ INFO 2016-05-13 08:52:50 verbose] - was rake apipie:cache run when using apipie cache? (typical production settings)): N/A [ERROR 2016-05-13 08:52:50 verbose] /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[foreman.beckers.local]: Proxy foreman.beckers.local cannot be registered (Could not load data from https://foreman.beckers.local [ INFO 2016-05-13 08:52:50 verbose] - is your server down? [ INFO 2016-05-13 08:52:50 verbose] - was rake apipie:cache run when using apipie cache? (typical production settings)): N/A [...] Something went wrong! Check the log for ERROR-level output * Foreman is running at https://foreman.beckers.local Initial credentials are admin / <password> * Foreman Proxy is running at https://foreman.beckers.local:8443 * Puppetmaster is running at port 8140 The full log is at /var/log/foreman-installer/foreman.log
I would like to help debugging this issue as it currently blocks me from using Foreman 1.11.
As the installer states there is still something at katello.beckers.local now. Visiting the page in my browser I'm greeted by a Passenger error screen saying (I have attached the full Ruby stacktrace as .txt file):
Permission denied @ rb_sysopen - /usr/share/foreman/tmp/cache/websockets_ssl_key20160513-14754-c9wgda (Errno::EACCES)The directory mentioned in the error message looks like this:
[root@foreman ~]# ls -lisa /usr/share/foreman/tmp/cache/ total 0 50493 0 drwxr-xr-x. 5 foreman foreman 100 May 13 08:52 . 39075 0 drwxr-xr-x. 3 foreman foreman 80 May 13 08:52 .. 48957 0 drwxrwxr-x. 3 foreman foreman 60 May 13 08:52 794 49830 0 drwxr-xr-x. 3 foreman foreman 60 May 13 08:51 7D5 48961 0 drwxrwxr-x. 3 foreman foreman 60 May 13 08:52 7F9 [root@foreman ~]# tree /usr/share/foreman/tmp/cache/ /usr/share/foreman/tmp/cache/ ├── 794 │ └── F40 │ └── websockets_ssl_key ├── 7D5 │ └── D00 │ └── template_kind_names └── 7F9 └── CE0 └── websockets_ssl_cert 6 directories, 3 files
Updated by Dominic Cleal over 7 years ago
- Status changed from New to Duplicate
Thanks for the report, this has recently been fixed under ticket #14811 and we'll be shipping a minor update shortly. Please set SELinux to permissive for now (/etc/sysconfig/selinux and
setenforce 0), or downgrade Passenger packages to 4.0.18 from our repos (as opposed to 4.0.53 from EPEL7).
Updated by Marvin Beckers over 7 years ago
Wow, that was quick! Thank you for your immediate response. I actually remember seeing this bug report, but I did not connect the dots in my head. The duplicate issues are actually pretty telling.
I'm looking forward to using the minor update soon. You are doing a great job with Foreman/Katello, it's an exceptional tool!