Create new tasks

[Shobin Sathyan]

Hi,

I've created new tasks to install older versions of Redhat (5.8). The tasks are created on the Filesystem and it does appear when razor tasks are issued from the command line.

The policies pick up the new task and install the nodes. The post_install scripts are not picking up the correct URL for installing the broker.

The kick start URL shows the proper server URL.

curl -s -o /root/razor_postinstall.sh http://razor-server.build-labs.com:8080/svc/file/9/post_install

But when I curl this output into a file in /tmp on the node to check it after the installation. It shows as below.

curl -s -o /root/razor_postinstall.sh http://172.17.43.6/svc/file/9/post_install

The Port 8080 seems to be missing from the curl URL after the OS is installed on the node and therefore the broker handoff also fails.

I copied the redhat tasks to create a new task called rhelkvm as below.

[root@razor-server tasks]# more rhelkvm.yaml
---

os: rhelkvm
os_version: 5.8
label: Red Hat Enterprise Linux 5.8
description: Red Hat Generic installer
boot_sequence:
  1: boot_install
  default: boot_local


Created a folder called rhelkvm and copied all the erb files under rhelkvm/5.8/ directory. Changed the kickstart to match the KVM VM disk name etc.

The Policy is working fine but the post_install curl in Kickstart post section is fetching a wrong URL.

Any pointers to what might be missing from this task created  ?

Thanks,

Shobin Sathyan

[Daniel Pittman]

That seems very odd. Just to check: the kickstart fed to anaconda
does contain the correct URL, but the second time you obtain it, it
contains the wrong URL?

You don't have any sort of proxy, etc, in place, do you? Can you show
the command you used to obtain the script the second time around?

> --
> You received this message because you are subscribed to the Google Groups
> "puppet-razor" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-razor...@googlegroups.com.
> To post to this group, send email to puppet...@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-razor.
> For more options, visit https://groups.google.com/d/optout.



--
Daniel Pittman
⎋ Puppet Labs Developer – http://puppetlabs.com
♲ Made with 100 percent post-consumer electrons

[Shobin Sathyan]

No commands used, it's just two lines in my kickstart.erb

curl -s -o /root/razor_postinstall.sh <%= file_url("post_install") %>

echo 'curl -s -o /root/razor_postinstall.sh <%= file_url("post_install") %> ' >> /root/curl.url

When I view the kickstart URL issued for the node from my browser (http://razor-node.build-labs.com:8080/svc/file/7/kickstart) it shows the proper values substituted for post_install. But when the node boots, it does not get the proper URL as I see from the /root/curl.url file. It missing the 8080 port. 

I suspect something wrong with the tasks created. The logs shows that the port is missing as well.

10:28:26,028 INFO  [razor.web.api] (http-/0.0.0.0:8080-1) request from 7 for kickstart

10:28:26,030 INFO  [razor.sequel] (http-/0.0.0.0:8080-1) (0.001000s) SELECT * FROM "nodes" WHERE "id" = '7'

10:28:26,046 INFO  [razor.sequel] (http-/0.0.0.0:8080-1) (0.007000s) SELECT * FROM "policies" WHERE ("id" = 5) ORDER BY "rule_number" LIMIT 1

10:28:26,051 INFO  [razor.sequel] (http-/0.0.0.0:8080-1) (0.000000s) SELECT * FROM "repos" WHERE "id" = 1

10:28:26,053 INFO  [razor] (http-/0.0.0.0:8080-1) node7: {"event"=>"get_file", "template"=>"kickstart", "url"=>"http://172.17.43.6/svc/file/7/kickstart", "severity"=>"info"}

Yes I do have a proxy in my corp network... But in the labs it does not use a proxy.

[Daniel Pittman]

Crazy. I am at a bit of a loss about what could be going wrong here,
so would you do me a favor?

I would love to see the raw HTTP request and response for the correct,
and incorrect, requests. Capturing them on the server via tcpdump,
ngrep, or equivalent would be great.

Feel free to, eg, blank out passwords or whatever, all I really care
about are the HTTP headers in request and response, and the
confirmation of exactly what is supplied in the various URLs.

[Shobin Sathyan]

Here is the attached ngrep output. I've only attached the HTTP calls during the the node booting and when razor feeds the Kickstart. As you see the kickstart provided is giving out the URL without the port 8080 and hence the post_install section does not execute and broker handover does not happen.

Probably I could add a port redirect/reverse proxy via apache on the razor server as a workaround but would be interesting to know where and how it's picking up the <%= file_url("post_install") %> value into the kickstart.

Any ideas ?

Cheers,

-Shobin-

[Daniel Pittman]

Thanks. That makes clear what is going wrong, but I am not certain
what the solution is right now. Step one is getting a bug filed in
jira at https://jira.puppetlabs.com/

To answer your last question first: we use the built-in capabilities
of Sinatra to work out the URL of the server, and that bases it on
what the client tells us it used to communicate. This makes it pretty
robust against, eg, DNS changes, or whatever.

It also causes your problem here, and I don't know what the solution
will be, but obviously we need to solve it. The problem is triggered
by this request:

T 172.17.43.22:38809 -> 172.17.43.6:8080 [AP]
GET /svc/file/11/kickstart HTTP/1.0.
Host: 172.17.43.6.
User-Agent: anaconda/11.1.2.259.
X-RHN-Provisioning-MAC-0: eth0 52:54:00:4E:9D:4E.

As you see, the "Host" header has only the IP address, in a
non-standard format, and no port. We simply mirror that in our
response, and that fails because it doesn't actually reflect the real
connection.

Which is annoying as all get-out, because this is an installer issue,
and we are going to have to work around it. That means a patch on our
side, which we will hopefully shortly have ready.

[Alex Scoble]

What ever happened with this because we are experiencing similar issues.

Thanks,

Alex

[Scott McClellan]

Hi Alex,

In which version of RHEL are you encountering this issue? Is this in a custom task?

Scott

--

You received this message because you are subscribed to the Google Groups "puppet-razor" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-razor...@googlegroups.com.
To post to this group, send email to puppet...@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-razor.
For more options, visit https://groups.google.com/d/optout.

--

Join us at PuppetConf 2015, October 5-9 in Portland, OR - http://2015.puppetconf.com.  

Register early to save 40%!

[Alex Scoble]

RHEL 5.

Yes, custom task.

--Alex

[Scott McClellan]

Hi Alex,

If this is the issue described above, it is an unfortunate bug in RHEL 5, as it violates the RFC.

You may be able to work around the issue (in an ugly way) by coding in the URLs that you need into the kickstart.erb, substituting e.g. <%= node.id %> where necessary. This will also involve substituting for the `url --url=<%= repo_url %>` line.

Hope that helps, feel free to let us know if you get a response from RH.

Scott

[Alex Scoble]

Yeah, we have decided not to support RHEL 5 with Razor as we are running in to too many of these problems and quite frankly, RHEL 5 is pretty horrible in lots of other ways (can only hash passwords using md5, wtf? can only use ext3? whut?).

--Alex