Actions
Bug #27255
closed
katello-change-hostname fails with ERROR '/opt/puppetlabs/bin/puppetserver ca setup' returned 1 instead of one of [0]
Difficulty:
easy
Triaged:
Yes
Bugzilla link:
Description
katello-change-hostname fails with ERROR when /opt/puppetlabs/bin/puppetserver ca setup tried to replace existing certs/keys during installer run
# katello-change-hostname qe-foreman-rhel7-tier1.example.com -y -u admin -p changeme Checking hostname validity Checking overall health of server Checking credentials Updating default Foreman Proxy Updating installation media paths updating hostname in /etc/hostname setting hostname checking if hostname was changed stopping services removing old cert rpms deleting old certs backed up /var/www/html/pub to /var/www/html/pub/qe-foreman-rhel7.example.com-20190708104807.backup updating hostname in /etc/hosts updating hostname in foreman installer scenarios backing up last_scenario.yaml removing last_scenario.yaml re-running the installer foreman-installer --scenario katello -v --disable-system-checks --certs-regenerate=true --foreman-proxy-register-in-foreman true restoring last_scenario.yaml cleaning up temporary files [ INFO 2019-07-08T10:48:37 verbose] Executing hooks in group pre_migrations ... [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Error: [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/ca/ca_crl.pem' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/ca/infra_crl.pem' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/certs/ca.pem' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/crl.pem' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/ca/ca_pub.pem' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/ca/inventory.txt' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/ca/infra_inventory.txt' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/ca/infra_serials' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/ca/serial' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/ca/root_key.pem' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Existing file at '/etc/puppetlabs/puppet/ssl/ca/ca_key.pem' [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: If you would really like to replace your CA, please delete the existing files first. [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: Note that any certificates that were issued by this CA will become invalid if you [ WARN 2019-07-08T10:49:26 verbose] /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: replace it! [ERROR 2019-07-08T10:49:26 verbose] '/opt/puppetlabs/bin/puppetserver ca setup' returned 1 instead of one of [0]
On nightly there is extra line saying "restoring last_scenario.yaml" while downstream 6.6 is OK without this line
foreman-1.23.0-0.12.develop.20190707155541git1100d84.el7.noarch katello-3.13.0-0.3.master.el7.noarch katello-common-3.13.0-0.3.master.el7.noarch
Updated by Ewoud Kohl van Wijngaarden almost 5 years ago
- Category set to Tooling
It looks like katello-change-hostname isn't cleaning up the Puppet CA properly and Puppet 6 has additional checks around this.
Updated by Jonathon Turel almost 5 years ago
- Target version set to Katello 3.13.0
- Triaged changed from No to Yes
Updated by Jonathon Turel almost 5 years ago
- Status changed from New to Assigned
Updated by The Foreman Bot over 4 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman-packaging/pull/3938 added
Updated by Jonathon Turel over 4 years ago
- Target version changed from Katello 3.13.0 to Katello 3.12.2
Updated by Chris Roberts over 4 years ago
- Status changed from Ready For Testing to Resolved
- Difficulty set to easy
- Fixed in Releases Katello 3.12.2 added
- Found in Releases Katello 3.11.1 added
Updated by The Foreman Bot over 4 years ago
- Pull request https://github.com/theforeman/foreman-packaging/pull/3970 added
Updated by The Foreman Bot over 4 years ago
- Pull request https://github.com/theforeman/foreman-packaging/pull/3989 added
Actions