Bug #26043
closedservice command can't connect to remote mongodb
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1676663
Description of problem:
foreman-maintain service can not connect to remote mongodb when pulp configuration contain empty path to a ssl cert.
/etc/pulp/server.conf
...
[database]
name: pulpdb
seeds: <host>:27017
username: pulpuser
password: FILTERED
ssl: true
ssl_certfile:
verify_ssl: false
ca_path: /etc/pki/tls/certs/ca-bundle.crt
unsafe_autoretry: false
...
After 'foreman-maintain service status' /var/log/foreman-maintain/foreman-maintain.log contains:
D, [2019-02-07 23:58:37+0000 #5681] DEBUG -- : Running command scl enable rh-mongodb34 -- mongo u pulpuser -p [FILTERED] --host <host> --port 27017 --ssl --sslCAFile /etc/pki/tls/certs/ca-bundle.crt : output of the command:
--sslPEMKeyFile --eval 'db.version()' pulpdb with stdin nil
D, [2019-02-07 23:58:37+0000 #5681] DEBUG -
2019-02-07T23:58:37.429+0000 E NETWORK [main] cannot read certificate file: --eval error:02001002:system library:fopen:No such file or directory
Failed global initialization: InvalidSSLConfiguration Can not set up PEM key file.
D, [2019-02-07 23:58:37+0000 #5681] DEBUG -- : Mongo version detection failed, choosing from installed versions
Version-Release number of selected component (if applicable):
foreman_maintain (0.2.11)
How reproducible:
always
Steps to Reproduce:
1. Configure Satellite to use remote MongoDB
2. Have ssl_certfile: <empty> in /etc/pulp/server.conf
3. Make sure the remote DB is running
Actual results:
$ foreman-maintain service status
...
rh-mongodb34-mongod is remote and is DOWN.
...
Expected results:
$ foreman-maintain service status
...
rh-mongodb34-mongod is remote and is UP.
...
Additional info:
foreman-maintain also ignores the following parameters that were present in the config:
verify_ssl: false
unsafe_autoretry: false
Updated by Martin Bacovsky about 5 years ago
- Status changed from New to Assigned
- Assignee changed from Anurag Patel to Martin Bacovsky
- Triaged changed from No to Yes
- Team Backlog Foreman Maintain added
Updated by The Foreman Bot about 5 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman_maintain/pull/245 added
Updated by Martin Bacovsky about 5 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset foreman_maintain|aed650fd48ec4ccfd96599e59563830304e3dfc1.