Project

General

Profile

Troubleshooting » History » Version 64

Romain Vrignaud, 05/23/2014 06:51 AM

1 3 Ohad Levy
{{toc}}
2 3 Ohad Levy
3 43 Lukas Zapletal
h1. How to provide enough info to get help?
4 43 Lukas Zapletal
5 43 Lukas Zapletal
Foreman is pretty complex software project with many components and extensive configuration. Always try to describe best your specific case (OS, version, ruby and foreman version, database, specific configuration). From Foreman version 1.2 you can use _foreman-debug_ script which collects all these information and also filters out things like passwords or tokens. For earlier Foreman releases you can use this bash script directly from git: https://github.com/theforeman/foreman/blob/develop/script/foreman-debug
6 43 Lukas Zapletal
7 1 Ohad Levy
h1. rake aborted!
8 1 Ohad Levy
9 1 Ohad Levy
I get the following error while running rake db:migrate
10 1 Ohad Levy
<pre>
11 1 Ohad Levy
rake aborted!
12 1 Ohad Levy
undefined method `reenable' for <Rake::Task db:schema:dump => [environment]>:Rake::Task
13 1 Ohad Levy
</pre>
14 1 Ohad Levy
15 1 Ohad Levy
this means you have an old version of rake (older than 0.87), you can verify it by typing:
16 1 Ohad Levy
<pre>
17 1 Ohad Levy
rake --version
18 1 Ohad Levy
</pre>
19 1 Ohad Levy
20 1 Ohad Levy
Usually this error is "safe" to ignore, however, it is recommended to upgrade to rake >= 0.87
21 2 Ohad Levy
22 10 Corey Osman
23 20 Florian Koch
h1. Unable to save: failed to detect boot server: getaddrinfo: Name or service not known
24 1 Ohad Levy
25 20 Florian Koch
if you have registred your smart-proxys via name, and these name are not resolvable, you get this error, you can add the name to your dns server or set 
26 20 Florian Koch
:tftp_servername: in smart-proxy settings to the ip of the smart-proxy.
27 10 Corey Osman
28 7 Corey Osman
h1. I use puppet enterprise, what now?
29 7 Corey Osman
30 7 Corey Osman
As of PE version 1.0, foreman won't install easily without a few modifications.  Since PE ships with its own version of Ruby you will need to install a few gems.
31 12 Corey Osman
Basically you need to tell foreman to use the PE provided ruby library instead.  Your not required to run the puppet version of ruby either as many distros now ship with ruby 1.8.7.
32 7 Corey Osman
33 8 Ohad Levy
# You first need to install the pe-ruby-devel package that ships with PE.  You can find this in your packages folder wherever you extracted PE.
34 1 Ohad Levy
      a. rpm -ivh pe-ruby-devel-1.8.7.302-1.el5.i386.rpm 
35 8 Ohad Levy
# Update your path variable to use the ruby version PE ships with (export PATH=/opt/puppet/bin:$PATH)
36 8 Ohad Levy
# Check to make sure your PATH was updated ("which gem" should return /opt/puppet/bin/gem)
37 8 Ohad Levy
# gem install json
38 8 Ohad Levy
# gem install rest-client
39 7 Corey Osman
(install the gem database driver you use)
40 8 Ohad Levy
# gem install sqlite3 or gem install mysql  ( you may have additional dependencies that would need to be resolved first)
41 7 Corey Osman
42 7 Corey Osman
Some of the gem dependencies can be resolved by installing the development library for that package (example: mysql-devel)
43 7 Corey Osman
44 7 Corey Osman
I found it difficult to install the sqlite3 gem because of dependency hell so I just setup mysql instead which was far easier to setup.  Additionally mysql is much more scalable than sqlite.
45 7 Corey Osman
46 7 Corey Osman
You can get a list of the currently installed gems by using: gem list.
47 1 Ohad Levy
48 10 Corey Osman
If your running the foreman init script or /etc/sysconfig/foreman configuration file.  You may need to update apache/passenger configurations that point to the PE ruby version.
49 6 Corey Osman
50 6 Corey Osman
51 2 Ohad Levy
h1. error: Entry 'some file' not uptodate. Cannot merge.
52 2 Ohad Levy
53 2 Ohad Levy
If you downloaded Foreman from source (git), it could be that some of the files you have modified (or were modified automatically) conflicts with another file Foreman wants to upgrade.
54 2 Ohad Levy
55 2 Ohad Levy
If you don't think that you edited this file (e.g. db/schema.rb) it is usually safe to do:
56 2 Ohad Levy
<pre>
57 2 Ohad Levy
git checkout 'some file'
58 2 Ohad Levy
</pre> 
59 2 Ohad Levy
60 2 Ohad Levy
This will revert the file to its previous condition (as in the repo at the time of checkout) and now you should be able to get the latest version by:
61 2 Ohad Levy
<pre>
62 2 Ohad Levy
git pull
63 2 Ohad Levy
</pre>
64 3 Ohad Levy
65 3 Ohad Levy
h1. Strange errors with passenger
66 3 Ohad Levy
67 3 Ohad Levy
Passenger executes foreman, based on the owner of the config/environmnets.rb file, make sure that this use can actually access:
68 3 Ohad Levy
* puppet configuration files
69 3 Ohad Levy
* sqlite database (if using sqlite)
70 3 Ohad Levy
* write to log, tmp directories
71 3 Ohad Levy
72 3 Ohad Levy
see source:extras/puppet/foreman for complete puppet based setup for Foreman.
73 4 Bash Shell
74 4 Bash Shell
75 4 Bash Shell
76 4 Bash Shell
h1. error: Could not send facts to Foreman: wrong Content-Length format (RuntimeError)
77 4 Bash Shell
78 4 Bash Shell
You might see this error if you run the HTTP push facts script or the sample external nodes script.
79 4 Bash Shell
This is most likely due to older version of the mongrel gem. Please try and update your gems.
80 4 Bash Shell
81 4 Bash Shell
<pre>
82 4 Bash Shell
gem update mongrel
83 4 Bash Shell
</pre>
84 5 Lukas Zapletal
85 5 Lukas Zapletal
h1. Is my Foreman instance running?
86 5 Lukas Zapletal
87 5 Lukas Zapletal
There is simple status service that returns JSON with "result" message "ok" when the instance is up and running. It also "pings" database and returns lag. Example:
88 5 Lukas Zapletal
89 5 Lukas Zapletal
<pre>
90 5 Lukas Zapletal
$ curl -k -H "Accept: application/json" http://instance:3000/status
91 5 Lukas Zapletal
{"status":200,"result":"ok","db_duration_ms":"5"}
92 5 Lukas Zapletal
</pre>
93 9 Dis Connect
94 9 Dis Connect
h1. How do I enable debugging?
95 9 Dis Connect
96 1 Ohad Levy
Edit config/environments/production.rb and uncomment "config.log_level = :debug"
97 64 Romain Vrignaud
98 64 Romain Vrignaud
To enable debugging of Compute Resources HTTP requests, you should pass some environment variables:
99 64 Romain Vrignaud
<pre>
100 64 Romain Vrignaud
  cd ~foreman
101 64 Romain Vrignaud
  EXCON_DEBUG=true DEBUG=true ./script/rails s
102 64 Romain Vrignaud
</pre>
103 13 Corey Osman
104 13 Corey Osman
h1. [[Unattended Provisioning Troubleshooting]]
105 14 Florian Koch
106 14 Florian Koch
h1. Puppet and Storeconfigs: err: Could not retrieve catalog from remote server: Error 400 on SERVER: stack level too deep
107 14 Florian Koch
108 14 Florian Koch
Your activerecord Version is to new, you need activrecord 3.0.10 see http://projects.puppetlabs.com/issues/9290
109 14 Florian Koch
110 14 Florian Koch
<pre>
111 14 Florian Koch
gem uninstall activerecord
112 14 Florian Koch
gem install activerecord -v 3.0.10
113 14 Florian Koch
</pre>
114 15 Romain Vrignaud
115 15 Romain Vrignaud
116 15 Romain Vrignaud
117 15 Romain Vrignaud
h1. How do I fix this error: "Unable to find directory $confdir/environments/$environment/modules in environment master" ?
118 15 Romain Vrignaud
119 15 Romain Vrignaud
If you've followed http://docs.puppetlabs.com/guides/environment.html#configuring-environments-on-the-puppet-master to 
120 15 Romain Vrignaud
create a multi-environment puppet configuration, you're initial rake may look something like this:
121 15 Romain Vrignaud
<pre>
122 15 Romain Vrignaud
rake puppet:import:puppet_classes RAILS_ENV=production
123 15 Romain Vrignaud
(in /usr/share/foreman)
124 15 Romain Vrignaud
Evaluating possible changes to your installation
125 15 Romain Vrignaud
Problems were detected during the evaluation phase
126 15 Romain Vrignaud
127 15 Romain Vrignaud
Unable to find directory $confdir/environments/$environment/modules in environment master
128 15 Romain Vrignaud
129 15 Romain Vrignaud
Please fix these issues and try again
130 15 Romain Vrignaud
</pre>
131 15 Romain Vrignaud
This is because Foreman does not currently evaluate $confdir.  There is a feature request open on this issue.  In the 
132 15 Romain Vrignaud
meantime, hard code your $confdir in your puppet.conf.
133 15 Romain Vrignaud
134 21 Romain Vrignaud
h1. Smart-proxy do not recognize my puppet environment
135 23 Romain Vrignaud
136 21 Romain Vrignaud
If I query smart-proxy and it return empty puppet environment :
137 22 Romain Vrignaud
<pre>
138 21 Romain Vrignaud
curl -k -H "Content-Type:application/json" -H "Accept:application/json" http://puppet:8443/puppet/environments
139 21 Romain Vrignaud
=> []
140 22 Romain Vrignaud
</pre>
141 21 Romain Vrignaud
142 21 Romain Vrignaud
You may have to add in your puppetmaster's puppet.conf environment definition like :
143 21 Romain Vrignaud
144 22 Romain Vrignaud
<pre>
145 21 Romain Vrignaud
[production]
146 21 Romain Vrignaud
    manifest   = /etc/puppet/manifests/site.pp
147 21 Romain Vrignaud
    modulepath = /etc/puppet/modules
148 21 Romain Vrignaud
    fileserverconfig = /etc/puppet/fileserver.conf
149 21 Romain Vrignaud
    templatedir=/etc/puppet/templates/
150 21 Romain Vrignaud
151 21 Romain Vrignaud
[preprod]
152 21 Romain Vrignaud
    manifest   = /etc/puppet/preprod/manifests/site.pp
153 21 Romain Vrignaud
    modulepath = /etc/puppet/preprod/modules
154 21 Romain Vrignaud
    fileserverconfig = /etc/puppet/preprod/fileserver.conf
155 21 Romain Vrignaud
    templatedir=/etc/puppet/preprod/templates
156 21 Romain Vrignaud
157 21 Romain Vrignaud
[development]
158 21 Romain Vrignaud
    manifest   = /etc/puppet/development/manifests/site.pp
159 21 Romain Vrignaud
    modulepath = /etc/puppet/development/modules
160 21 Romain Vrignaud
    fileserverconfig = /etc/puppet/development/fileserver.conf
161 21 Romain Vrignaud
    templatedir=/etc/puppet/development/templates/
162 21 Romain Vrignaud
163 21 Romain Vrignaud
[test]
164 21 Romain Vrignaud
    manifest   = /etc/puppet/test/manifests/site.pp
165 21 Romain Vrignaud
    modulepath = /etc/puppet/test/modules
166 21 Romain Vrignaud
    fileserverconfig = /etc/puppet/test/fileserver.conf
167 21 Romain Vrignaud
    templatedir=/etc/puppet/test/templates/
168 22 Romain Vrignaud
</pre>
169 21 Romain Vrignaud
170 21 Romain Vrignaud
171 15 Romain Vrignaud
h1. How do I fix the puppet class import problem with multiple puppet environment ?
172 15 Romain Vrignaud
173 15 Romain Vrignaud
If Foreman don't seems to be aware of all your environment and is able to import only your "production" environment (see http://theforeman.org/issues/1159),
174 34 Christoph Witzany
try to add ":puppet_conf: /etc/puppet/puppet.conf" in your settings.yaml.
175 17 Martin Hovmöller
176 17 Martin Hovmöller
h1. Unable to connect to Hypervisor?
177 18 Martin Hovmöller
178 17 Martin Hovmöller
Make sure the user that's actually running foreman can connect to your remote hypervisor (for instance by running sudo -u foreman virsh -c qemu+ssh://root@<host>/session list).
179 19 Martin Hovmöller
180 17 Martin Hovmöller
If you are running foreman through phusion passenger, ps auxwwf | grep "R[a]ils: /usr/share/foreman" | awk '{ print $1 }' will give you the user that's running foreman. If you find that it's not being run by foreman, do the following:
181 17 Martin Hovmöller
cd ~foreman
182 17 Martin Hovmöller
chown foreman config/environment.rb
183 17 Martin Hovmöller
touch ~foreman/tmp/restart.txt
184 24 chris alfonso
185 24 chris alfonso
h1. Routing errors when running rake test?
186 24 chris alfonso
187 24 chris alfonso
Edit the config/settings.yaml and set the :login: setting to true
188 25 Ohad Levy
189 25 Ohad Levy
h1. cannot load such file -- facter / puppet (LoadError)
190 25 Ohad Levy
191 52 Dominic Cleal
If you running foreman under RVM or custom ruby installation, you would need to get facter installed as a gem (as facter packages are not in your ruby search path).
192 25 Ohad Levy
193 1 Ohad Levy
simply add another file to FOREMAN_DIR/bundler.d
194 52 Dominic Cleal
<pre>
195 52 Dominic Cleal
echo "gem 'facter'" > bundler.d/Gemfile.local.rb
196 52 Dominic Cleal
</pre>
197 52 Dominic Cleal
198 52 Dominic Cleal
h2. Pre-Foreman 1.3
199 52 Dominic Cleal
200 52 Dominic Cleal
Prior to 1.3, puppet was also a dependency, so instead use:
201 52 Dominic Cleal
202 25 Ohad Levy
<pre>
203 37 Dominic Cleal
echo "gem 'puppet'" > bundler.d/Gemfile.local.rb
204 1 Ohad Levy
</pre>
205 37 Dominic Cleal
206 37 Dominic Cleal
Edit the config/settings.yaml and add: @:puppetgem: true@
207 28 Bash Shell
208 28 Bash Shell
h1. Causes of "Error 400 Bad Request", and other smart-proxy related errors in the Foreman interface:
209 28 Bash Shell
210 29 Bash Shell
* Check the sudoers file on the proxy, if the user "foreman-proxy" can run "puppetca". The command puppetca is un-available in puppet 3.0. Workaround is to create a wrapper script.
211 29 Bash Shell
* From the cmd line, check if the user can run "puppetca" and "nsupdate" properly.
212 28 Bash Shell
* Check if Bind is listening on 127.0.0.1. The proxy connects to localhost only, so this is required. 
213 28 Bash Shell
* Check if the foreman-proxy user "foreman-proxy" can read the Bind rndc keys.
214 29 Bash Shell
* In Ubuntu, you will have to tell apparmor to allow Bind to write to zone files and journals. If your zone files are in /etc/bind/zones/, add "/etc/bind/zones/** rw," to /etc/apparmor.d/usr.sbin.named.
215 28 Bash Shell
* If using Ubuntu Libvirt, and the "Virtual Machine" tab is empty, then you most likely need to create a default storage pool:
216 28 Bash Shell
<pre>
217 28 Bash Shell
cat /etc/libvirt/storage/default.xml 
218 28 Bash Shell
<pool type='dir'>
219 28 Bash Shell
  <name>default</name>
220 28 Bash Shell
  <uuid>35e0bbce-4019-ca88-6dec-b1a0c1be774b</uuid>
221 28 Bash Shell
  <capacity>0</capacity>
222 28 Bash Shell
  <allocation>0</allocation>
223 28 Bash Shell
  <available>0</available>
224 28 Bash Shell
  <source>
225 28 Bash Shell
  </source>
226 28 Bash Shell
  <target>
227 28 Bash Shell
    <path>/var/lib/libvirt/images</path>
228 28 Bash Shell
    <permissions>
229 28 Bash Shell
      <mode>0700</mode>
230 28 Bash Shell
      <owner>-1</owner>
231 28 Bash Shell
      <group>-1</group>
232 28 Bash Shell
    </permissions>
233 28 Bash Shell
  </target>
234 28 Bash Shell
</pool>
235 28 Bash Shell
</pre>
236 28 Bash Shell
* On Ubuntu Libvirt, you may have to change /etc/libvirt/libvirtd.conf to listen on TCP.
237 31 Benjamin Papillon
238 31 Benjamin Papillon
h1. Using Webrick you get : Error 400 on SERVER: Could not find node '<node fqdn>'; cannot compile
239 31 Benjamin Papillon
240 32 Benjamin Papillon
If you are using Foreman with webrick and you get an error downloading your catalog, maybe you encouter the issue noted in bug #1507
241 31 Benjamin Papillon
Edit the node.rb script and replace the following :
242 31 Benjamin Papillon
243 31 Benjamin Papillon
<pre>
244 31 Benjamin Papillon
<br />SETTINGS = {<br /> :url => "http://<node fqdn>:3000*/*",<br />
245 31 Benjamin Papillon
</pre>
246 31 Benjamin Papillon
247 31 Benjamin Papillon
by this :
248 31 Benjamin Papillon
249 31 Benjamin Papillon
<pre>
250 31 Benjamin Papillon
<br />SETTINGS = {<br /> :url => "http://<node fqdn>:3000",<br />
251 31 Benjamin Papillon
</pre>
252 35 Charles Gomes
253 35 Charles Gomes
h1. DHCP Provisioning Fails with: "dhcpctl_connect: not found"
254 35 Charles Gomes
255 35 Charles Gomes
Depending on the version of ISC DHCP you are using a wrong key will return "dhcpctl_connect: not found" , this misleads to a connection problem.
256 35 Charles Gomes
To solve basically check if your KEY NAME matches your proxy settings.yml and also matches on your dhcpd.conf
257 38 Charles Gomes
258 38 Charles Gomes
h1. Foreman is showing : Error message: Could not find json-1.5.5 in any of the sources
259 38 Charles Gomes
260 38 Charles Gomes
If you have a problem after doing a yum update ruby bundler needs to re-run.
261 38 Charles Gomes
This could happen after an update or chane of ruby packages.
262 39 Charles Gomes
263 39 Charles Gomes
<pre>
264 38 Charles Gomes
rm ~foreman/Gemfile.lock
265 1 Ohad Levy
cd ~foreman 
266 38 Charles Gomes
bundle install --local
267 39 Charles Gomes
</pre>
268 40 Greg Sutcliffe
269 40 Greg Sutcliffe
h1. VNC console in the Foreman UI refuses to connect to my VM: Server Disconnected
270 40 Greg Sutcliffe
271 42 Greg Sutcliffe
Check what version of python you have installed - noVNC requires python2. If you have multiple python versions installed, you can edit `extras/noVNC/websockify.py` and change the shebang on line 1
272 44 Dominic Cleal
273 44 Dominic Cleal
h1. Unable to upgrade to Puppet 3.2 due to rubygem-net-ldap dependency issues
274 44 Dominic Cleal
275 44 Dominic Cleal
There are conflicting version requirements with rubygem-net-ldap between the Foreman and Puppet Labs dependency repos since Puppet 3.2.  Since Foreman 1.1, the rubygem-net-ping package is no longer required for the proxy, so first remove this and you should either be able to upgrade or remove rubygem-net-ldap altogether if there's no dependency any more.
276 45 Dominic Cleal
277 45 Dominic Cleal
h1. How do I change the FQDN of the Foreman host?
278 45 Dominic Cleal
279 45 Dominic Cleal
# Some settings in the Foreman UI use the hostname, update under More, Settings, e.g.
280 45 Dominic Cleal
#* General, foreman_url
281 45 Dominic Cleal
#* Provisioning, ssl_certificate and ssl_priv_key
282 45 Dominic Cleal
# The registered smart proxy URL if you've installed it, this can be edited via More>Configuration>Smart Proxies
283 45 Dominic Cleal
# Puppet SSL certs: generate new ones with @puppet cert generate FQDN@
284 45 Dominic Cleal
# Apache configs: update conf.d/{foreman,puppet}.conf with new SSL cert filenames, ServerName and VirtualHost IP addresses if applicable
285 45 Dominic Cleal
# Smart proxy configuration: update SSL cert filenames
286 46 Dominic Cleal
# URLs in the puppetmaster's ENC script (/etc/puppet/node.rb) and report script (foreman.rb)
287 47 Stephen Hoekstra
288 47 Stephen Hoekstra
h1. My deleted host keeps reappearing in the Hosts tab
289 47 Stephen Hoekstra
290 47 Stephen Hoekstra
After a period of time a deleted host reappears in the Host tab although the host no longer exists.  A potential reason for this could be the --push-facts cron job is pushing the facts to the Foreman and the Foreman expects the host to check in but never does.
291 47 Stephen Hoekstra
292 47 Stephen Hoekstra
To fix:
293 47 Stephen Hoekstra
<pre>
294 47 Stephen Hoekstra
rm /var/lib/puppet/yaml/facts/$hostname.yaml
295 47 Stephen Hoekstra
rm /var/lib/puppet/yaml/node/$hostname.yaml
296 47 Stephen Hoekstra
</pre>
297 48 Samarendra M Hedaoo
298 48 Samarendra M Hedaoo
h1. My node's environment is being reset to 'X' even though the puppet.conf on the host has environment = 'Y'. The Foreman settings have default_puppet_environment set as 'X' and enc_environment as False. I am using Puppet 3 on the node.
299 48 Samarendra M Hedaoo
300 48 Samarendra M Hedaoo
Foreman expects the node to specify it's own environment, if enc_environment is False. If no environment is returned by the node, it will override it with the value of default_puppet_environment. This was good till Puppet 3. But Puppet 3 no longer returns environment as a fact and hence Foreman assumes that the environment is not set.
301 49 Dominic Cleal
302 49 Dominic Cleal
h1. No A and/or PTR records are created in DNS for new hosts
303 49 Dominic Cleal
304 49 Dominic Cleal
First ensure you have a smart proxy registered with the DNS feature, with a DNS server installed and configured for the appropriate forward and reverse DNS zones.
305 49 Dominic Cleal
306 49 Dominic Cleal
In Foreman, under More, Provisioning, Domains, edit your domain, change the DNS proxy setting to the appropriate proxy server.  This will enable A records to be created for hosts built in that domain.
307 49 Dominic Cleal
308 49 Dominic Cleal
Next, under More, Provisioning, Subnets, edit your subnet, change the DNS proxy to the appropriate proxy for the reverse DNS zone.  This will cause PTR records to be added for hosts with NICs in that subnet.
309 49 Dominic Cleal
310 49 Dominic Cleal
Both parts are needed for a complete DNS setup.
311 49 Dominic Cleal
312 49 Dominic Cleal
h1. No TFTP menus or files are created for new hosts
313 49 Dominic Cleal
314 49 Dominic Cleal
This requires a proxy server registered with the TFTP feature, and a TFTP daemon running on it.  Foreman will write directly to the TFTP root directory, as configured in the proxy settings.  Do ensure the "tftp_servername" setting is also correct, this is the IP address that gets passed to the DHCP server for the @next-server@ option.
315 49 Dominic Cleal
316 49 Dominic Cleal
In Foreman, under More, Provisioning, Subnets, edit your subnet, change the TFTP proxy to the appropriate proxy server for the subnet.  This will cause hosts built in this subnet to receive a PXELinux menu for their primary MAC address.
317 50 Dominic Cleal
318 50 Dominic Cleal
h1. After Foreman 1.3 upgrade, reports and ENC fact uploads no longer work
319 50 Dominic Cleal
320 51 Lukas Zapletal
We changed how the fact and report uploads work in the 1.3 release. During 1.3 upgrade, read "release notes":http://theforeman.org/manuals/1.3/index.html#Upgradenotes and update both the report processor (foreman.rb) and ENC script (node.rb), otherwise errors will be logged in the production.log (return code 400):
321 51 Lukas Zapletal
    
322 51 Lukas Zapletal
    DEPRECATION: /reports/create is deprecated, update your report processor to POST to /api/reports
323 51 Lukas Zapletal
    See the Foreman 1.3 release notes for a new example report processor
324 51 Lukas Zapletal
325 51 Lukas Zapletal
In the release candidates, the error was:
326 50 Dominic Cleal
327 50 Dominic Cleal
    ActionController::RoutingError (No route matches [POST] "/fact_values/create")
328 50 Dominic Cleal
    ActionController::RoutingError (No route matches [POST] "/reports/create")
329 53 Lukas Zapletal
330 53 Lukas Zapletal
h1. Unprocessable Entity error during installation
331 53 Lukas Zapletal
332 53 Lukas Zapletal
Foreman installer registers proxy which is being deployed automatically. If it is, for any reason, already present but under different name, Foreman reject to register the proxy with HTTP 422 error. Proxy registration can be either turned off, or name can be changed using @--foreman-proxy-register-in-foreman@ or @--foreman-proxy-registered-name@ installer options.
333 54 Dominic Cleal
334 54 Dominic Cleal
h1. Installation errors on Puppet 3.4.x or 2.7.24
335 54 Dominic Cleal
336 54 Dominic Cleal
When using Puppet 3.4.0 or 3.4.1, installation errors will be seen and running "puppet --version" after install will show the following:
337 54 Dominic Cleal
338 54 Dominic Cleal
    Could not intialize global default settings: undefined method `mode=' for #<Puppet::Settings::AutosignSetting:0x7fa026ad44e0>
339 54 Dominic Cleal
340 58 Dominic Cleal
This is caused by Puppet bug "PUP-1015":https://tickets.puppetlabs.com/browse/PUP-1015.  On 3.4.1 and 2.7.24, additionally the /etc/puppet/manifests/site.pp file will be set to mode 0600 rather than the default 0644.  This is "PUP-1255":https://tickets.puppetlabs.com/browse/PUP-1255.
341 57 Dominic Cleal
342 58 Dominic Cleal
Puppet 3.4.2 and 2.7.25 fix both of these issues, please ensure you use these versions instead of 3.4.0/1 or 2.7.24.
343 59 Dominic Cleal
344 59 Dominic Cleal
h1. Yum fails to install foreman-installer, Requires: rubygem(rest-client)
345 59 Dominic Cleal
346 59 Dominic Cleal
If you get this error, it indicates the EPEL repository is missing:
347 59 Dominic Cleal
348 59 Dominic Cleal
    Error: Package: rubygem-foreman_api-0.1.9-1.el6.noarch (foreman)
349 59 Dominic Cleal
           Requires: rubygem(rest-client) >= 1.6.1
350 59 Dominic Cleal
351 59 Dominic Cleal
This is a requirement for the installer and Foreman.  Download and install the epel-release RPM from here: http://dl.fedoraproject.org/pub/epel/6/x86_64/repoview/epel-release.html
352 60 Lukas Zapletal
353 60 Lukas Zapletal
h1. Foreman proxy fails to start with Are the values correct in settings.yml and do permissions allow reading?: Permission denied
354 60 Lukas Zapletal
355 60 Lukas Zapletal
If you are using puppet CA see here: http://theforeman.org/manuals/latest/index.html#4.3.7SSL
356 61 Stephen Benjamin
357 61 Stephen Benjamin
h1. FreeIPA realm proxy fails with "generic preauthentication failure"
358 61 Stephen Benjamin
359 61 Stephen Benjamin
If you see error messages like this in your proxy logs:
360 61 Stephen Benjamin
 
361 61 Stephen Benjamin
    E, [2014-05-15T19:28:08.211121 #3595] ERROR -- : Failed to initialise credential cache from keytab: krb5_get_init_creds_keytab:  Generic preauthentication failure
362 61 Stephen Benjamin
    E, [2014-05-15T19:28:08.211515 #3595] ERROR -- : Failed to initailize credentials cache from keytab: krb5_get_init_creds_keytab: Generic preauthentication failure
363 61 Stephen Benjamin
    D, [2014-05-15T19:28:08.211614 #3595] DEBUG -- : /usr/share/foreman-proxy/bin/../lib/proxy/kerberos.rb:13:in `init_krb5_ccache'
364 61 Stephen Benjamin
365 61 Stephen Benjamin
You may be running a much newer version of FreeIPA than the client which provides some unknown encryption types.
366 61 Stephen Benjamin
367 61 Stephen Benjamin
Run `klist -etk /etc/foreman-proxy/freeipa.keytab` and you'll see some unnamed enryption types like this:
368 61 Stephen Benjamin
369 61 Stephen Benjamin
    1 05/14/14 21:14:17 realm-proxy@EXAMPLE.COM (etype 25)
370 61 Stephen Benjamin
    1 05/14/14 21:14:17 realm-proxy@EXAMPLE.COM (etype 26)
371 61 Stephen Benjamin
372 61 Stephen Benjamin
To fix it, delete /etc/foreman-poxy/freeipa.keytab and refetch it, specifying only the enctypes your system knows about:
373 61 Stephen Benjamin
374 61 Stephen Benjamin
    ipa-getkeytab -s ipa.example.com -p realm-proxy@EXAMPLE.COM -k /etc/foreman-proxy/freeipa.keytab --enctypes=aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96,des3-cbc-sha1,arcfour-hmac
375 62 Stephen Benjamin
376 62 Stephen Benjamin
377 62 Stephen Benjamin
h1. FreeIPA realm proxy fails with "LoadError: no such file to load -- ffi_c"
378 62 Stephen Benjamin
379 62 Stephen Benjamin
This is due to a broken rubygem-ffi that ships from Puppetlabs: https://jira-web03-dev.puppetlabs.com/browse/CPR-26
380 62 Stephen Benjamin
381 63 Stephen Benjamin
We need the EPEL one (although with the exact same version).
382 62 Stephen Benjamin
383 62 Stephen Benjamin
Ensure you have the latest (rubygem-ffi-1.0.9-11.el6.x86_64):
384 62 Stephen Benjamin
385 62 Stephen Benjamin
    yum upgrade rubygem-ffi
386 62 Stephen Benjamin
387 62 Stephen Benjamin
Now downgrade, but disable the puppetlabs-dependecies repo so we grab the package from EPEL:
388 62 Stephen Benjamin
389 62 Stephen Benjamin
    yum downgrade --disablerepo=puppetlabs-dependencies rubygem-ffi-1.0.9-9.el6
390 62 Stephen Benjamin
391 62 Stephen Benjamin
Restart the proxy.