Project

General

Profile

Bug #25970

Remote execution bug again can't send back the report of the remote execution to the foreman

Added by Mario Gamboa 9 months ago. Updated 8 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

The issue is in the smart_proxy_dynflow_core confguration

  1. Path to dynflow database, leave blank for in-memory non-persistent database
    :database:
  1. URL of the foreman, used for reporting back
    :foreman_url: 'http://localhost:3000'
  1. SSL settings for client authentication against Foreman
  2. :foreman_ssl_ca: ssl/foreman_ca.pem
  3. :foreman_ssl_key: ssl/foreman_key.pem
  4. :foreman_ssl_cert: ssl/foreman_cert.pem

:console_auth: false

  1. Set to true to make the core fork to background after start
  2. :daemonize: false
  3. :pid_file: /var/run/foreman-proxy/smart_proxy_dynflow_core.pid

as you can see the foreman_url is pointing to the localhost that is incorrect must be the point to the foreman server

as workaround

  1. URL of the foreman, used for reporting back
    :foreman_url: 'https://foreman.server'
  1. SSL settings for client authentication against Foreman
    :foreman_ssl_ca: ssl/foreman_ca.pem
    :foreman_ssl_key: ssl/foreman_key.pem

Related issues

Related to Foreman Remote Execution - Bug #20206: Remote Execution sending error after upgrade katello 3.4.3New2017-07-05

History

#1 Updated by Mario Gamboa 9 months ago

  • Related to Bug #20206: Remote Execution sending error after upgrade katello 3.4.3 added

#2 Updated by Ivan Necas 9 months ago

What procedure has been followed to set up the instance? Is this manual configuration or an installer has been used?

#3 Updated by Mario Gamboa 9 months ago

From REX documentation 1.3
foreman-installer --enable-foreman-plugin-remote-execution\
--enable-foreman-proxy-plugin-remote-execution-ssh

mkdir ~foreman-proxy/.ssh
chown foreman-proxy ~foreman-proxy/.ssh
sudo -u foreman-proxy ssh-keygen -f ~foreman-proxy/.ssh/id_rsa_foreman_proxy -N ''

restorecon -RvF ~foreman-proxy/.sshservice httpd restart
service foreman-tasks restart
service foreman-proxy restart
service smart_proxy_dynflow_core restart

That's it

#4 Updated by Justin Sherrill 9 months ago

  • Category deleted (Orchestration)
  • Project changed from Katello to Foreman Remote Execution

#5 Updated by Ivan Necas 9 months ago

Have the installer finished successfully? When I tested with nighties, everything worked as expected (I'm also not aware of any related changes to this) recently:

foreman-installer --enable-foreman-plugin-remote-execution --enable-foreman-proxy-plugin-remote-execution-ssh --disable-system-checks
Installing             Done                                               [100%] [.......................]
  Success!
  * Katello is running at https://centos7-katello-nightly.example.com
  * To install an additional Foreman proxy on separate machine continue by running:

      foreman-proxy-certs-generate --foreman-proxy-fqdn "$FOREMAN_PROXY" --certs-tar "/root/$FOREMAN_PROXY-certs.tar" 
  The full log is at /var/log/foreman-installer/katello.log
[root@centos7-katello-nightly ~]# cat /etc/smart_proxy_dynflow_core/settings.yml 
---
# Path to dynflow database, leave blank for in-memory non-persistent database
:database: 
:console_auth: true

# URL of the foreman, used for reporting back
:foreman_url: https://centos7-katello-nightly.example.com

# SSL settings for client authentication against foreman.
:foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
:foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
:foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem

# Listen on address
:listen: 0.0.0.0

# Listen on port
:port: 8008

:use_https: true
:ssl_ca_file: /etc/foreman-proxy/ssl_ca.pem
:ssl_certificate: /etc/foreman-proxy/ssl_cert.pem
:ssl_private_key: /etc/foreman-proxy/ssl_key.pem

#6 Updated by Mario Gamboa 8 months ago

  • Status changed from New to Resolved

i just upgrade to the latest version 3.11 and is solved

Also available in: Atom PDF