Bug 1121559

Summary: Export the rest of parameters for smart proxy installer features
Product: Red Hat Satellite Reporter: Ivan Necas <inecas>
Component: InstallationAssignee: Katello Bug Bin <katello-bugs>
Status: CLOSED CURRENTRELEASE QA Contact: Tazim Kolhar <tkolhar>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.0.3CC: bbuckingham, bkearney, cwelton, ehelms, jmontleo, otto, rjerrido, tkolhar
Target Milestone: Unspecified   
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-08-12 13:56:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ivan Necas 2014-07-21 08:36:20 UTC
Description of problem:
The user should be forced to edit the foreman-proxy related settings (such as setting the dhcp_key_name and dhcp_key_secret) when installing the capsule, especially when this options are exposed by the foreman_proxy puppet modules

Steps to Reproduce:
1. try set dhcp_key_name and dhcp_key_secret by the capsule installer

Actual results:
here are no options for that

Expected results:
here are options for that

Comment 3 Raymond Otto 2014-07-21 08:57:43 UTC
In order to proceed I've added the following documentation:
The capsule needs to be already installed with the DHCP feature enabled!

 -> for DHCP we need to add some additional configuration
# yum install bind (if not installed)
# dnssec-keygen -r /dev/urandom -a HMAC-MD5 -b 512 -n HOST omapi_key
# KEY=cat Komapi_key.+*.private |grep ^Key|cut -d ' ' -f2-

 -> append /etc/dhcp/dhcpd.conf

omapi-port 7911;
key omapi_key {
  algorithm HMAC-MD5;
  secret "${KEY}"; #<-The output from the generated key above.
};
omapi-key omapi_key;

#######################################################################
# Enter you'r private subnet here which will be imported by Satellite #
#######################################################################
subnet 172.16.128.10 netmask 255.255.255.0 {
   option subnet-mask 255.255.255.0;
   option routers 172.16.128.10.1;
}

 -> append /etc/forman-proxy/setting.yml
:dhcp_key_name: omapi_key
:dhcp_key_secret: ${KEY}

# service dhcpd restart
# service foreman-proxy restart

 -> Goto the Satellite UI: Infrastructure -> Capsules
 -> Selected the arrow down image next to Certificates which corresponds with you'r capsule
 -> Select "import subnets".
 -> Add additional information to the importes subnet.

Comment 4 Raymond Otto 2014-07-21 08:59:01 UTC
Some typos in Subnet:

#######################################################################
# Enter you'r private subnet here which will be imported by Satellite #
#######################################################################
subnet 172.16.128.0 netmask 255.255.255.0 {
   option subnet-mask 255.255.255.0;
   option routers 172.16.128.1;
}

Comment 5 Ivan Necas 2014-07-21 11:25:05 UTC
*** Bug 1121605 has been marked as a duplicate of this bug. ***

Comment 6 Eric Helms 2015-03-09 17:07:10 UTC
This request is satisfied by the current installer. See https://github.com/Katello/puppet-capsule/blob/master/manifests/init.pp#L191-L192

Comment 10 Ivan Necas 2015-04-21 09:18:49 UTC
Steps to reproduce:

katello-installer --capsule-dhcp           "true"\
                  --capsule-dhcp-interface "virbr1"\
                  --capsule-dhcp-key-name "omapi_key"\
                  --capsule-dhcp-key-secret "secret"

The key values should propagate to config files as described in https://bugzilla.redhat.com/show_bug.cgi?id=1121559#c3

Comment 11 Tazim Kolhar 2015-04-21 09:52:16 UTC
VERIFIED:

# rpm -qa | grep foreman
qe-sat6-rhel71.usersys.redhat.com-foreman-client-1.0-1.noarch
qe-sat6-rhel71.usersys.redhat.com-foreman-proxy-1.0-1.noarch
ruby193-rubygem-foreman_docker-1.2.0.7-1.el7sat.noarch
rubygem-hammer_cli_foreman_discovery-0.0.1.4-1.el7sat.noarch
ruby193-rubygem-foreman-redhat_access-0.1.0-1.el7sat.noarch
foreman-compute-1.7.2.15-1.el7sat.noarch
foreman-vmware-1.7.2.15-1.el7sat.noarch
ruby193-rubygem-foreman_discovery-2.0.0.9-1.el7sat.noarch
rubygem-hammer_cli_foreman_bootdisk-0.1.2.5-1.el7sat.noarch
ruby193-rubygem-foreman_gutterball-0.0.1.9-1.el7sat.noarch
foreman-1.7.2.15-1.el7sat.noarch
foreman-ovirt-1.7.2.15-1.el7sat.noarch
rubygem-hammer_cli_foreman-0.1.4.7-1.el7sat.noarch
foreman-proxy-1.7.2.4-1.el7sat.noarch
qe-sat6-rhel71.usersys.redhat.com-foreman-proxy-client-1.0-1.noarch
foreman-postgresql-1.7.2.15-1.el7sat.noarch
ruby193-rubygem-foreman_hooks-0.3.7-2.el7sat.noarch
foreman-selinux-1.7.2.13-1.el7sat.noarch
foreman-gce-1.7.2.15-1.el7sat.noarch
ruby193-rubygem-foreman-tasks-0.6.12.3-1.el7sat.noarch
rubygem-hammer_cli_foreman_tasks-0.0.3.3-1.el7sat.noarch
foreman-debug-1.7.2.15-1.el7sat.noarch
foreman-libvirt-1.7.2.15-1.el7sat.noarch
ruby193-rubygem-foreman_bootdisk-4.0.2.10-1.el7sat.noarch


Steps:

# cat /etc/dhcp/dhcpd.conf
# dhcpd.conf
omapi-port 7911;
key omapi_key {
  algorithm HMAC-MD5;
  secret "Komapi_key.+157+26732"; #<-The output from the generated key above.
};
omapi-key omapi_key;

/etc/forman-proxy/setting.yml
:dhcp_key_name: omapi_key
:dhcp_key_secret: Komapi_key.+157+26732

# service dhcpd restart
# service foreman-proxy restart 
  
# katello-installer --capsule-dhcp "true" --capsule-dhcp-interface "virbr1" --capsule-dhcp-key-name "omapi_key" --capsule-dhcp-key-secret "secret"
Installing             Info: START 632                                    [0%] [Installing             Debug: /Stage[main]/Dhcp/File[/etc/sysconfig/dhcpd [0%] [Installing             Debug: /Stage[main]/Apache::Default_mods/Apache::M [0%] [Installing             Debug: /Stage[main]/Candlepin::Database::Postgresq [0%] [Installing             Debug: /Stage[main]/Certs::Foreman/File[/etc/forem [0%] [Installing             Debug: /Stage[main]/Apache::Default_mods/Apache::M [0%] [Installing             Info: Applying configuration version '1429609539'  [0%] [Installing             Info: RESOURCE File[/var/lib/puppet/concat]        [0%] [Installing             Info: RESOURCE File[/var/lib/puppet/concat/bin/con [0%] [Installing             Info: RESOURCE Package[mongodb_client]             [0%] [Installing             Info: RESOURCE Kafo_configure::Yaml_to_class[forem [1%] [Installing             Info: RESOURCE Package[katello-debug]              [5%] [Installing             Info: RESOURCE File[/etc/pki/katello/private/katel [8%] [Installing             Info: RESOURCE Ca[katello-server-ca]               [9%] [Installing             Info: RESOURCE File[/root/ssl-build/KATELLO-TRUSTE [9%] [Installing             Info: RESOURCE Exec[Create Puppet Reports dir]     [10%] Installing             Info: RESOURCE Concat_fragment[qdrouter+footer.con [14%] Installing             Info: RESOURCE Cert[qe-sat6-rhel71.usersys.redhat. [17%] Installing             Info: RESOURCE Apache::Mod[negotiation]            [18%] Installing             Info: RESOURCE Apache::Mod[alias]                  [21%] Installing             Info: RESOURCE File[actions.load]                  [26%] Installing             Info: RESOURCE File[negotiation.conf]              [26%] Installing             Info: RESOURCE Apache::Mod[authz_owner]            [33%] Installing             Info: RESOURCE Apache::Mod[substitute]             [35%] Installing             Info: RESOURCE Concat[/var/lib/pgsql/data/pg_ident [39%] Installing             Info: RESOURCE File[/etc/elasticsearch/elasticsear [41%] Installing             Info: RESOURCE File[authn_anon.load]               [45%] Installing             Info: RESOURCE File[/var/lib/puppet/concat/_etc_ca [48%] Installing             Info: RESOURCE File[/var/lib/puppet/concat/_etc_ht [50%] Installing             Info: RESOURCE File[/etc/gutterball/gutterball.con [53%] Installing             Info: RESOURCE Pubkey[/etc/pki/katello/certs/katel [58%] Installing             Info: RESOURCE File[/var/lib/puppet/concat/_var_li [59%] Installing             Info: RESOURCE Anchor[postgresql::server::service: [63%] Installing             Debug: /Stage[main]/Gutterball::Database/Postgresq [64%] Installing             Debug: /Stage[main]/Foreman::Database::Postgresql/ [65%] Installing             Debug: /Stage[main]/Candlepin::Database::Postgresq [66%] Installing             Debug: /Stage[main]/Candlepin::Database::Postgresq [67%] Installing             Debug: /Stage[main]/Candlepin::Database::Postgresq [68%] Installing             Debug: /Stage[main]/Candlepin::Database::Postgresq [69%] Installing             Debug: /Stage[main]/Candlepin::Database::Postgresq [69%] Installing             Info: RESOURCE Apache::Mod[mime_magic]             [70%] Installing             Debug: /Stage[main]/Gutterball::Database/Postgresq [71%] Installing             Info: RESOURCE Package[qpid-cpp-server]            [74%] Installing             Info: RESOURCE File[/etc/gutterball/certs]         [75%] Installing             Info: RESOURCE Cert[qe-sat6-rhel71.usersys.redhat. [75%] Installing             Info: /Stage[main]/Dhcp/File[/etc/dhcp/dhcpd.conf] [77%] Installing             Debug: Executing '/usr/bin/systemctl is-enabled dh [77%] Installing             Debug: /Stage[main]/Foreman::Database::Postgresql/ [78%] Installing             Debug: /Stage[main]/Foreman::Database::Postgresql/ [78%] Installing             Info: RESOURCE Privkey[/etc/pki/katello/gutterball [79%] Installing             Debug: /File[/etc/httpd/conf.d/15-default.conf]/se [83%] Installing             Debug: /File[/etc/httpd/conf.d/expires.load]/selty [83%] Installing             Debug: /File[/etc/httpd/conf.d/setenvif.conf]/selt [83%] Installing             Debug: /File[/etc/httpd/conf.d/speling.load]/selty [83%] Installing             Debug: /Stage[main]/Apache/Apache::Vhost[default-s [84%] Installing             Info: RESOURCE Cert[qe-sat6-rhel71.usersys.redhat. [85%] Installing             Info: RESOURCE Apache::Vhost[puppet]               [88%] Installing             Info: RESOURCE File[/etc/puppet/environments]      [90%] Installing             Info: RESOURCE File[/usr/share/foreman/config/envi [93%] Installing             Debug: Prefetching cli resources for foreman_confi [94%] Installing             Info: RESOURCE Foreman_config_entry[db_pending_mig [94%] Installing             Info: RESOURCE File[/etc/sudoers.d]                [97%] Installing             Info: RESOURCE File[/etc/foreman-proxy/settings.d/ [99%] Installing             Notice: /Stage[main]/Foreman_proxy::Service/Servic [99%] Installing             Info: RESOURCE Cert[qe-sat6-rhel71.usersys.redhat. [99%] Installing             Info: RESOURCE File[/etc/pki/katello/nssdb/cert8.d [99%] Installing             Debug: /Stage[main]/Certs::Gutterball/Certs::Sslto [99%] Installing             Info: RESOURCE Cert[java-client]                   [99%] Installing             Debug: /Stage[main]/Certs::Candlepin/Exec[create c [99%] Installing             Debug: /Stage[main]/Certs::Candlepin/Exec[import c [99%] Installing             Notice: /Stage[main]/Certs::Candlepin/Exec[import  [99%] Installing             Info: RESOURCE Cert[qe-sat6-rhel71.usersys.redhat. [99%] Installing             Info: RESOURCE Package[pulp-rpm-plugins]           [99%] Installing             Debug: Executing '/usr/bin/systemctl is-active pul [99%] Installing             Info: RESOURCE Service[httpd]                      [99%] Installing             Info: RESOURCE Qpid::Router::Link_route_pattern[br [99%] Installing             Info: RESOURCE Service[qdrouterd]                  [99%] Installing             Debug: /Stage[main]/Katello::Qpid/Exec[create kate [99%] Installing             Debug: /Stage[main]/Katello::Qpid/Exec[bind katell [99%] Installing             Notice: /Stage[main]/Katello::Qpid/Exec[bind katel [99%] Installing             Info: RESOURCE Exec[foreman-rake-db:seed]          [99%] Installing             Debug: Executing '/usr/bin/systemctl is-enabled fo [99%] Installing             Debug: /Stage[main]/Certs::Foreman/Exec[foreman_ce [99%] Installing             Info: RESOURCE Foreman_smartproxy[qe-sat6-rhel71.u [99%] Installing             Notice: /Stage[main]/Foreman_proxy::Register/Forem [99%] Installing             Debug: Stored state in 0.12 seconds                [99%] Installing             Debug: Processing report from qe-sat6-rhel71.users [99%] Installing             Done                                               [100%]Installing             Done                                               [100%] []
  Success!
  * Katello is running at https://qe-sat6-rhel71.usersys.redhat.com
      Initial credentials are admin / tpXo46VJY8ZzD6FK
  * Capsule is running at https://qe-sat6-rhel71.usersys.redhat.com:9090
  * To install additional capsule on separate machine continue by running:"

      capsule-certs-generate --capsule-fqdn "$CAPSULE" --certs-tar "~/$CAPSULE-certs.tar"

  The full log is at /var/log/katello-installer/katello-installer.log

Comment 12 Bryan Kearney 2015-08-11 13:19:46 UTC
This bug is slated to be released with Satellite 6.1.

Comment 13 Bryan Kearney 2015-08-12 13:56:01 UTC
This bug was fixed in version 6.1.1 of Satellite which was released on 12 August, 2015.