Bug #18806
closed
Duplicate declaration: /etc/foreman-proxy/ssl_key.pem
Added by Klaas D almost 8 years ago.
Updated over 6 years ago.
Description
Hi,
when installing a pulp only node there is an error about a duplicate resource statement: (no puppet, no puppetca, no use_sudoers)
[ERROR 2017-03-06 13:28:19 main] Evaluation Error: Error while evaluating a Resource Statement, Duplicate declaration: File[/etc/foreman-proxy/ssl_key.pem] is already declared in file /usr/share/foreman-installer/modules/foreman_proxy/manifests/config.pp:140; cannot redeclare at /usr/share/katello-installer-base/modules/certs/manifests/foreman_proxy.pp:83 at /usr/share/katello-installer-base/modules/certs/manifests/foreman_proxy.pp:83:5 on node pulpnode.de
https://github.com/Katello/puppet-certs/blob/master/manifests/foreman_proxy.pp#L87-L92
and
https://github.com/theforeman/puppet-foreman_proxy/blob/master/manifests/config.pp#L128-L149
in master
I'm not sure where it is correct to declare the file; would it be best to use ensure_resource from stdlib at both occurrences?
Greetings
Klaas
Forgot to say, katello 3.3 stable and foreman 1.14.2
- Status changed from New to Need more information
- Translation missing: en.field_release set to 226
Could you provide all the install options you specified?
foreman-installer --scenario foreman-proxy-content \
--foreman-proxy-content-certs-tar /root/pulpnode01.tld-certs.tar\
--certs-update-all\
--certs-regenerate true\
--foreman-proxy-content-pulp-oauth-secret ""\
--foreman-proxy-content-parent-fqdn "pulpmaster.tld"\
--foreman-proxy-register-in-foreman "true"\
--foreman-proxy-foreman-base-url "https://pulpmaster.tld"\
--foreman-proxy-trusted-hosts "pulpmaster.tld"\
--foreman-proxy-trusted-hosts "pulpnode01.tld"\
--foreman-proxy-oauth-consumer-key ""\
--foreman-proxy-oauth-consumer-secret ""\
--foreman-proxy-puppet false\
--foreman-proxy-content-puppet false\
--foreman-proxy-puppetca false\
--foreman-proxy-tftp false\
--foreman-proxy-templates false
- Status changed from Need more information to New
- Translation missing: en.field_release changed from 226 to 228
- Assignee set to Eric Helms
- Translation missing: en.field_release changed from 228 to 258
- Translation missing: en.field_release changed from 258 to 267
- Has duplicate Bug #20125: Duplicate declaration with --foreman-proxy-puppet false added
- Translation missing: en.field_release changed from 267 to 281
For Katello 3.4.3 the Error message changed a little because its now in a different line:
[ERROR 2017-07-24 16:02:55 main] Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Error while evaluating a Resource Statement, Duplicate declaration: File[/etc/foreman-proxy/ssl_key.pem] is already declared in file /usr/share/foreman-installer/modules/foreman_proxy/manifests/config.pp:145; cannot redeclare at /usr/share/katello-installer-base/modules/certs/manifests/keypair.pp:23 at /usr/share/katello-installer-base/modules/certs/manifests/keypair.pp:23:5 at /usr/share/katello-installer-base/modules/certs/manifests/foreman_proxy.pp:84 on node pulpnode.srv.muenchen.de
- Translation missing: en.field_release changed from 281 to 286
- Status changed from New to Assigned
- Status changed from Assigned to Need more information
Klaas,
I am not sure how to resolve this (or if we even should). Since we are overriding what certs are being deployed, we need in puppet-certs to set file attributes and ensure it exists. Meanwhile, the foreman_proxy also needs to. The only way I can see around this is to change where Katello deploys the foreman proxy certs into /etc/pki/katello and not try to override the default location? Thoughts?
I am also going to move this to 3.5.0 or backlog depending on the outcome as I don't think this is fatal enough for 3.4.
- Translation missing: en.field_release changed from 286 to 295
@eric sorenson Hansen: if I recall right you can just comment out one of the resources that's duplicate - but in general this is a design issue because you're not meant to run a proxy without puppet
- Has duplicate Bug #22443: Evaluation Error: Error while evaluating a Resource Statement, Duplicate declaration: added
So it looks like you should pass in foreman_proxy::manage_puppet_group => false when you disable puppet. With the installer it should be exposed as --foreman-proxy-manage-puppet-group false. Can you verify this solves it for you? If it does we should do this in hiera by default I think.
Ewoud Kohl van Wijngaarden wrote:
So it looks like you should pass in foreman_proxy::manage_puppet_group => false when you disable puppet. With the installer it should be exposed as --foreman-proxy-manage-puppet-group false. Can you verify this solves it for you? If it does we should do this in hiera by default I think.
Running with --foreman-proxy-manage-puppet-group false did indeed work for me and the installer completed successfully.
- Target version deleted (
Katello 3.4.6)
Is there any action required for this issue? We are wondering how to triage it.
- Status changed from Need more information to Assigned
- Assignee changed from Eric Helms to Ewoud Kohl van Wijngaarden
- Target version set to Katello 3.8.0
- Triaged changed from No to Yes
Assigning to Ewoud since he seemed to know what work needs to be done :)
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/Katello/katello-installer/pull/670 added
- Status changed from Ready For Testing to Closed
- Pull request https://github.com/Katello/katello-installer/pull/675 added
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by 
Updated by 
Updated by 
Updated by 
Updated by 
Updated by