theforeman\foreman module?


Jason McMahan
Apr 25, 2017, 5:34:42 PM
to Puppet Users
Has anyone else used the Foreman Puppet module to create a new Foreman host?
We used the module, created the host, and manually added it to our F5, but odd things show up.

If I go to https://foreman.com (load balancer), go to Infrastructure > Smart Proxy, click on the puppetca host and look at certificates, 1 out of 2 times it is fine.
If I go to https://foreman1.com (our original Foreman server that is also the certificate authority), every proxy looks fine, life is happy.

If I go to https://foreman2.com (the new Foreman we created with the theforeman module), logon is fine and hosts report OK, but when I go to Smart Proxy it shows red and gives the error:

Error: Unable to communicate with the proxy: Permission denied @ rb_sysopen - /etc/puppetlabs/puppet/ssl/private_keys/foreman2.com.pem and "Please check the proxy is configured and running on the host."

The full trace shows the following:

Errno::EACCES
Permission denied @ rb_sysopen - /etc/puppetlabs/puppet/ssl/private_keys/foreman2.com.pem
/usr/share/foreman/lib/proxy_api/resource.rb:19:in `read'
/usr/share/foreman/lib/proxy_api/resource.rb:19:in `initialize'
/usr/share/foreman/lib/proxy_api/puppet.rb:5:in `initialize'
/usr/share/foreman/app/services/proxy_status/base.rb:41:in `new'
/usr/share/foreman/app/services/proxy_status/base.rb:41:in `api'
/usr/share/foreman/app/services/proxy_status/puppet.rb:6:in `block in environment_stats'
/usr/share/foreman/app/services/proxy_status/base.rb:49:in `block in fetch_proxy_data'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/dalli-2.7.4/lib/active_support/cache/dalli_store.rb:105:in `block in fetch'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/dalli-2.7.4/lib/active_support/cache/dalli_store.rb:359:in `block in instrument'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/activesupport-4.2.5.1/lib/active_support/notifications.rb:166:in `instrument'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/dalli-2.7.4/lib/active_support/cache/dalli_store.rb:359:in `instrument'
/opt/rh/sclo-ror42/root/usr/share/gems/gems/dalli-2.7.4/lib/active_support/cache/dalli_store.rb:104:in `fetch'
/usr/share/foreman/app/services/proxy_status/base.rb:48:in `fetch_proxy_data'
/usr/share/foreman/app/services/proxy_status/puppet.rb:4:in `environment_stats'
/usr/share/foreman/app/controllers/smart_proxies_controller.rb:59:in `puppet_environments'

Our module looks like:
# Class which defines a Company Foreman server
class profile::foreman {
  # Credentials, endpoints and TLS material all come from Hiera.
  $admin_pass          = hiera('foreman.admin_password')
  $foreman_url         = hiera('foreman.foreman_url')
  $foreman_db          = hiera('foreman.db_host')
  $foreman_db_password = hiera('user_cred.foreman_user.password')
  $memcache_server     = hiera('foreman.plugin.memcache.hosts')

  # Company-issued chain, server certificate and key for the Foreman web vhost.
  $company_chain                = hiera('company_chain')
  $foreman_public_key_location  = hiera('foreman.ssl_cert.location')
  $foreman_public_key           = hiera('foreman.ssl_cert.content')
  $foreman_private_key_location = hiera('foreman.ssl_key.location')
  $foreman_private_key          = hiera('foreman.ssl_key.content')

  # Chain and public certificate are readable by everyone; the private key is owner-only.
  file { 'company_chain':
    ensure  => 'present',
    path    => '/etc/pki/tls/certs/companychain.crt',
    content => $company_chain,
    mode    => '0664',
  }
  file { 'public_key':
    ensure  => 'present',
    path    => $foreman_public_key_location,
    content => $foreman_public_key,
    mode    => '0664',
  }
  file { 'private_key':
    ensure  => 'present',
    path    => $foreman_private_key_location,
    content => $foreman_private_key,
    mode    => '0600',
  }

  # theforeman/foreman: Passenger vhost terminating TLS with the company material above,
  # external PostgreSQL, SMTP relay and OAuth enabled. The client_ssl_* parameters are
  # not set here, so Foreman talks to its smart proxies with the module defaults.
  class { 'foreman':
    admin_username            => 'admin',
    admin_password            => $admin_pass,
    admin_first_name          => 'Company',
    admin_last_name           => 'Automation',
    admin_email               => 'em...@company.com',
    db_manage                 => false,
    db_type                   => 'postgresql',
    email_delivery_method     => 'smtp',
    email_smtp_address        => 'relay.company.com',
    email_smtp_port           => 25,
    email_smtp_authentication => 'none',
    locations_enabled         => true,
    organizations_enabled     => true,
    puppetrun                 => false,
    foreman_url               => $foreman_url,
    unattended                => true,
    authentication            => true,
    passenger                 => true,
    use_vhost                 => true,
    serveraliases             => [ $foreman_url, 'foreman' ],
    ssl                       => true,
    custom_repo               => true,
    repo                      => '1.14',
    configure_epel_repo       => false,
    configure_scl_repo        => false,
    version                   => 'present',
    plugin_version            => 'present',
    db_adapter                => 'postgresql',
    db_host                   => $foreman_db,
    db_port                   => 9999,
    db_database               => 'foreman',
    db_username               => 'foreman_dbuser',
    db_password               => $foreman_db_password,
    db_pool                   => 5,
    db_manage_rake            => true,
    user_groups               => [],
    server_ssl_chain          => '/etc/pki/tls/certs/companychain.crt',
    server_ssl_cert           => $foreman_public_key_location,
    server_ssl_key            => $foreman_private_key_location,
    oauth_active              => true,
    oauth_map_users           => false,
    # placeholder values as posted
    oauth_consumer_key        => 'abababababababababababababab',
    oauth_consumer_secret     => 'abababababababababababababab',
  }

  # Session/cache store shared by the Foreman instances behind the load balancer.
  class { 'foreman::plugin::memcache':
    compress   => true,
    expires_in => 86400,
    hosts      => $memcache_server,
    namespace  => 'foreman',
  }
}


The only thing done outside of our module was to follow the instructions.

Any help is greatly appreciated, thank you.

Jason

Dominic Cleal
Apr 26, 2017, 11:00:06 AM
to puppet...@googlegroups.com
On 25/04/17 18:34, Jason McMahan wrote:
> Has anyone else used the Foreman Puppet module to create a new Foreman host?
> We used the module, created the host, and manually added it to our f5
> but odd things show up.
>
> If i go to https://foreman.com (load balancer) go to infrastructure >
> smart proxy > click on puppetca host and look at certificates 1 out of 2
> times it is fine.
> If I go to https://foreman1.com (our original Foreman server that is
> also the certificate authority) every proxy looks fine, life is happy.
>
> If i go to https://foreman2.com (the new foreman we created with the
> theforeman module logon is fine, hosts report ok but when i go to smart
> proxy it shows red and give the error
>
> Error: Unable to communicate with the proxy: Permission denied @
> rb_sysopen - /etc/puppetlabs/puppet/ssl/private_keys/foreman2.com.pem
> and Please check the proxy is configured and running on the host.

The certificate used by Foreman to communicate with its smart proxies is
set by the ssl_* settings under Administer > Settings > Auth.

theforeman/puppet configures this via /etc/foreman/settings.yaml, and
it's controlled by the "client_ssl_ca", "client_ssl_cert", and
"client_ssl_key" parameters on the "foreman" class
(http://www.puppetmodule.info/modules/theforeman-foreman/puppet_classes/foreman).

Check what values are appropriate for your smart proxy instance, perhaps
compare against your existing Foreman server, then set these parameters
to the same values.

--
Dominic Cleal
dom...@cleal.org

Jason McMahan
Apr 26, 2017, 6:18:43 PM
to Puppet Users, dom...@cleal.org
Thank you for the quick response, Dominic.
When I look under Settings:

foreman1 (the original, working server):
SSL CA file: /etc/puppetlabs/puppet/ssl/certs/ca.pem (SSL CA file that Foreman will use to communicate with its proxies)
SSL certificate: /etc/puppetlabs/puppet/ssl/certs/foreman1.com.pem (SSL Certificate path that Foreman would use to communicate with its proxies)
SSL client cert env: SSL_CLIENT_CERT (Environment variable containing a client's SSL certificate)
SSL client DN env: SSL_CLIENT_S_DN (Environment variable containing the subject DN from a client SSL certificate)
SSL client verify env: SSL_CLIENT_VERIFY (Environment variable containing the verification status of a client SSL certificate)
SSL private key: /etc/puppetlabs/puppet/ssl/private_keys/foreman1.com.pem (SSL Private Key file that Foreman will use to communicate with its proxies)

foreman2:
SSL CA file: /etc/puppetlabs/puppet/ssl/certs/ca.pem (SSL CA file that Foreman will use to communicate with its proxies)
SSL certificate: /etc/puppetlabs/puppet/ssl/certs/foreman1.com.pem (SSL Certificate path that Foreman would use to communicate with its proxies)
SSL client cert env: SSL_CLIENT_CERT (Environment variable containing a client's SSL certificate)
SSL client DN env: SSL_CLIENT_S_DN (Environment variable containing the subject DN from a client SSL certificate)
SSL client verify env: SSL_CLIENT_VERIFY (Environment variable containing the verification status of a client SSL certificate)
SSL private key: /etc/puppetlabs/puppet/ssl/private_keys/foreman1.com.pem (SSL Private Key file that Foreman will use to communicate with its proxies)

When I look in settings.yaml:

foreman1:
:ssl_certificate: /etc/puppetlabs/puppet/ssl/certs/foreman1.com.pem
:ssl_ca_file: /etc/puppetlabs/puppet/ssl/certs/ca.pem
:ssl_priv_key: /etc/puppetlabs/puppet/ssl/private_keys/foreman1.com.pem

foreman2:
:ssl_certificate: /etc/puppetlabs/puppet/ssl/certs/foreman2.com.pem
:ssl_ca_file: /etc/puppetlabs/puppet/ssl/certs/ca.pem
:ssl_priv_key: /etc/puppetlabs/puppet/ssl/private_keys/foreman2.com.pem

Dominic Cleal
Apr 27, 2017, 7:28:37 AM
to puppet...@googlegroups.com
On 26/04/17 19:18, Jason McMahan wrote:
> foreman2:
> SSL CA file: /etc/puppetlabs/puppet/ssl/certs/ca.pem
> (SSL CA file that Foreman will use to communicate with its proxies)
> SSL certificate: /etc/puppetlabs/puppet/ssl/certs/foreman1.com.pem
> (SSL Certificate path that Foreman would use to communicate with its proxies)
> SSL client cert env: SSL_CLIENT_CERT
> (Environment variable containing a client's SSL certificate)
> SSL client DN env: SSL_CLIENT_S_DN
> (Environment variable containing the subject DN from a client SSL certificate)
> SSL client verify env: SSL_CLIENT_VERIFY
> (Environment variable containing the verification status of a client SSL certificate)
> SSL private key: /etc/puppetlabs/puppet/ssl/private_keys/foreman1.com.pem
> (SSL Private Key file that Foreman will use to communicate with its proxies)
>
>
> When I look in settings.yaml:
[..]
>
> foreman2:
> :ssl_certificate: /etc/puppetlabs/puppet/ssl/certs/foreman2.com.pem
> :ssl_ca_file: /etc/puppetlabs/puppet/ssl/certs/ca.pem
> :ssl_priv_key: /etc/puppetlabs/puppet/ssl/private_keys/foreman2.com.pem

I don't see why the value in the UI would differ from the configuration
file, unless the service hadn't been restarted. Restart apache2/httpd.

If this is an error in the e-mail, then going back to the original
error, you have a permissions issue. Ensure the files and parent
directories are all readable by 'foreman'.

--
Dominic Cleal
dom...@cleal.org

James Perry
Apr 28, 2017, 1:51:23 PM
to Puppet Users, dom...@cleal.org
This may sound stupid, or even idiotic, but have you tried running foreman-installer --noop --verbose to see what it shows? I have found that when I patch my Linux servers, HTTP and other configs get completely messed up. Running the foreman-installer pulls the details from the answers file and reconfigures the setup accordingly. It has become my first troubleshooting step when things aren't working.

Seeing that your foreman2 box still shows the SSL certs for foreman1, but your answers file has the foreman2 certs defined, running the installer in noop with verbose will show you what would have changed, to see if this would make the modifications you need to get the proxy working.

Jason McMahan
May 1, 2017, 3:30:53 PM
to Puppet Users
James, thank you for the input.

That is a good option if I had a Foreman server only; unfortunately, when we built our first server it is Foreman & puppetca.

Dominic,
After restarting the service (sorry, oversight, I thought I had done that), the SSL file shows appropriately in the Foreman GUI.

We are still having problems with the error I originally listed, and I believe, as you said, it is permissions.


Currently our foreman2 server shows the following ls -la:
[root@oilvp064 ~]# ls -la /etc/puppetlabs/puppet/ssl/
total 8
drwxrwx--x. 7 root root  116 Apr  5 13:47 .
drwxr-xr-x. 3 root root   71 Apr 20 14:17 ..
drwxr-xr-x. 2 root root   39 Apr  5 13:47 certificate_requests
drwxr-xr-x. 2 root root   53 Apr 20 13:59 certs
-rw-r--r--. 1 root root 6938 Apr  5 13:47 crl.pem
drwxr-x---. 2 root root    6 Apr  5 13:25 private
drwxr-x---. 2 root root   39 Apr  5 13:25 private_keys
drwxr-xr-x. 2 root root   39 Apr  5 13:25 public_keys


Foreman1 shows the following because it is Foreman and puppetca:

[root@oilvp044 ~]# ls -la /etc/puppetlabs/puppet/ssl/
total 40
drwxrwx--x. 8 puppet puppet 4096 Apr 19 16:08 .
drwxr-xr-x. 3 root   root   4096 Apr 28 11:03 ..
drwxr-xr-x. 5 puppet puppet 4096 Apr 28 10:53 ca
-rw-r--r--. 1 root   root   1960 Apr 19 16:08 cert
drwxr-xr-x. 2 puppet puppet    6 Apr 25 17:38 certificate_requests
drwxr-xr-x. 2 puppet puppet 4096 May  1 07:49 certs
-rw-r--r--. 1 puppet puppet 8409 May  1 07:49 crl.pem
drwxr-x---. 2 puppet puppet    6 Nov 18 15:04 private
drwxr-x---. 2 puppet puppet 4096 Apr 25 17:41 private_keys
drwxr-xr-x. 2 puppet puppet 4096 Apr 25 17:41 public_keys

In our code it shows the limited changes we are making.

Thank you
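A check for the permission problem Dominic describes, applied to the directory listings above, as an added example that is not part of this thread: it reads the three ssl_* paths out of /etc/foreman/settings.yaml and emulates the kernel's owner/group/other mode-bit check for the foreman service user along every parent directory, so the first component that blocks access (on foreman2, the root-owned 0750 private_keys directory) is named rather than just "Permission denied". It assumes the service account is called `foreman`, and it ignores ACLs and SELinux labels, which can still deny access after the mode bits pass.

```python
"""Report which ssl_* paths in Foreman's settings.yaml the service user cannot reach."""
import grp
import os
import pwd
import stat

# The keys Dominic points at; theforeman/foreman writes them into /etc/foreman/settings.yaml.
SSL_KEYS = (":ssl_ca_file:", ":ssl_certificate:", ":ssl_priv_key:")


def parse_ssl_paths(settings_yaml_text):
    """Pull the ssl_* values out of settings.yaml text (plain line scan, no PyYAML needed)."""
    paths = {}
    for raw in settings_yaml_text.splitlines():
        line = raw.strip()
        for key in SSL_KEYS:
            if line.startswith(key):
                paths[key.strip(":")] = line[len(key):].strip().strip("'\"")
    return paths


def mode_allows(st, uid, gids, want):
    """Classic Unix mode-bit check: owner bits, else group bits, else other bits."""
    if uid == 0:
        return True  # root bypasses mode bits; the 'foreman' user does not
    if st.st_uid == uid:
        bits = (st.st_mode >> 6) & 0o7
    elif st.st_gid in gids:
        bits = (st.st_mode >> 3) & 0o7
    else:
        bits = st.st_mode & 0o7
    return (bits & want) == want


def first_denial(path, uid, gids, base=os.sep):
    """Walk from base down to path and return (component, reason), or None if readable.

    Every directory on the way needs search (x) permission and the final file needs
    read (r); this mirrors the open() that raised Errno::EACCES in the trace.
    base itself is assumed reachable. ACLs and SELinux labels are not evaluated.
    """
    path = os.path.abspath(path)
    base = os.path.abspath(base)
    parts = os.path.relpath(path, base).split(os.sep)
    current = base
    for i, part in enumerate(parts):
        current = os.path.join(current, part)
        try:
            st = os.stat(current)
        except FileNotFoundError:
            return (current, "does not exist")
        if i < len(parts) - 1:
            if not stat.S_ISDIR(st.st_mode):
                return (current, "not a directory")
            if not mode_allows(st, uid, gids, 0o1):
                return (current, "no search (x) permission for uid %d" % uid)
        elif not mode_allows(st, uid, gids, 0o4):
            return (current, "no read (r) permission for uid %d" % uid)
    return None


def check_settings(settings_yaml_text, uid, gids, base=os.sep):
    """Map each ssl_* key to its first blocking component, or None when readable."""
    return {key: first_denial(p, uid, gids, base)
            for key, p in parse_ssl_paths(settings_yaml_text).items()}


def user_ids(username):
    """uid plus primary and supplementary gids of a local account (e.g. 'foreman')."""
    pw = pwd.getpwnam(username)
    gids = {pw.pw_gid}
    gids.update(g.gr_gid for g in grp.getgrall() if username in g.gr_mem)
    return pw.pw_uid, gids


if __name__ == "__main__":
    import sys
    service_user = sys.argv[1] if len(sys.argv) > 1 else "foreman"  # assumed account name
    with open("/etc/foreman/settings.yaml") as fh:
        uid, gids = user_ids(service_user)
        for key, denial in sorted(check_settings(fh.read(), uid, gids).items()):
            print(key, "OK" if denial is None else "BLOCKED at %s: %s" % denial)
```

Run it on the Foreman host as root (it only stats files); on foreman1 the puppet-owned tree passes because the foreman account is in the puppet group, while a root-owned 0750 private_keys directory is reported as the blocking component.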