Bug 1695609

Summary: Update DNS/DHCP Infoblox installation commands
Product: Red Hat Satellite Reporter: Kenny Tordeurs <ktordeur>
Component: DocumentationAssignee: satellite-doc-list
Status: CLOSED CURRENTRELEASE QA Contact: satellite-doc-list
Severity: medium Docs Contact:
Priority: medium    
Version: 6.5.0CC: aruzicka, ekohlvan, lzap, mcorr, mshira, pgagne
Target Milestone: Unspecified   
Target Release: Unused   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-04-15 07:22:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Kenny Tordeurs 2019-04-03 12:34:43 UTC 
Description of problem:
When adding the dns infoblox module, no dns feature is enabled after successful run.

Version-Release number of selected component (if applicable):
Satellite 6.5 beta

How reproducible:
100%

Steps to Reproduce:
1) Setup infoblox with DNS service running

# satellite-installer --enable-foreman-proxy-plugin-dns-infoblox \
--foreman-proxy-dns-provider infoblox \
--foreman-proxy-plugin-dns-infoblox-dns-server ktordeur-infoblox.test.lan \
--foreman-proxy-plugin-dns-infoblox-username admin \
--foreman-proxy-plugin-dns-infoblox-password password

Actual results:
hammer> capsule list
---|------------------------|-------------------------------------|--------------------------
ID | NAME                   | URL                                 | FEATURES                 
---|------------------------|-------------------------------------|--------------------------
1  | ktordeur-sat6.test.lan | https://ktordeur-sat6.test.lan:9090 | Templates, Pulp, TFTP,...
---|------------------------|-------------------------------------|--------------------------

hammer> capsule refresh-features --id 1
~~~
Smart proxy features were refreshed.
~~~

hammer> capsule info --id 1
~~~
Id:            1
Name:          ktordeur-sat6.test.lan
URL:           https://ktordeur-sat6.test.lan:9090
Features:      
    Templates
    Pulp
    TFTP
    Puppet
    Puppet CA
    Logs
    Dynflow
    SSH
    Discovery
    Ansible
    Openscap
Locations:     
    office
Organizations: 
    kenny
Created at:    2019/04/03 08:34:06
Updated at:    2019/04/03 08:34:07
~~~


Expected results:
DNS feature to be listed or some error from installer

Additional info:
[root@ktordeur-sat6 ~]# foreman-maintain service restart
Running Restart Services
================================================================================
Check if command is run as root user:                                 [OK]
--------------------------------------------------------------------------------
Restart applicable services: 
Stopping the following service(s):

rh-mongodb34-mongod, postgresql, qdrouterd, qpidd, squid, pulp_celerybeat, pulp_resource_manager, pulp_streamer, pulp_workers, smart_proxy_dynflow_core, tomcat, dynflowd, httpd, puppetserver, foreman-proxy
\ All services stopped                                                          
Starting the following service(s):

rh-mongodb34-mongod, postgresql, qdrouterd, qpidd, squid, pulp_celerybeat, pulp_resource_manager, pulp_streamer, pulp_workers, smart_proxy_dynflow_core, tomcat, dynflowd, httpd, puppetserver, foreman-proxy
\ All services started                                                [OK]      
--------------------------------------------------------------------------------

[root@ktordeur-sat6 ~]# hammer capsule refresh-features --id 1
Smart proxy features were refreshed.

[root@ktordeur-sat6 ~]# hammer capsule info --id 1
Id:            1
Name:          ktordeur-sat6.test.lan
URL:           https://ktordeur-sat6.test.lan:9090
Features:      
    Templates
    Pulp
    TFTP
    Puppet
    Puppet CA
    Logs
    Dynflow
    SSH
    Discovery
    Ansible
    Openscap
Locations:     
    office
Organizations: 
    kenny
Created at:    2019/04/03 08:34:06
Updated at:    2019/04/03 08:34:07


# cat /etc/foreman-proxy/settings.d/dns_infoblox.yml 
---
:dns_server: "ktordeur-infoblox.test.lan"
:username: "admin"
:password: "password"
Comment 5 Kenny Tordeurs 2019-04-03 12:54:36 UTC 
Same for DHCP:

# satellite-installer --enable-foreman-proxy-plugin-dhcp-infoblox \
 --foreman-proxy-dhcp-provider infoblox \
 --foreman-proxy-plugin-dhcp-infoblox-record-type host \
 --foreman-proxy-dhcp-server ktordeur-infoblox.test.lan \
 --foreman-proxy-plugin-dhcp-infoblox-username admin \
 --foreman-proxy-plugin-dhcp-infoblox-password password \
 --foreman-proxy-plugin-dhcp-infoblox-network-view default \
 --foreman-proxy-plugin-dhcp-infoblox-dns-view default --verbose


  Success!
  * Satellite is running at https://ktordeur-sat6.test.lan

  * To install an additional Capsule on separate machine continue by running:

      capsule-certs-generate --foreman-proxy-fqdn "$CAPSULE" --certs-tar "/root/$CAPSULE-certs.tar"

  * To upgrade an existing 6.4 Capsule to 6.5:
      Please see official documentation for steps and parameters to use when upgrading a 6.4 Capsule to 6.5.

  The full log is at /var/log/foreman-installer/satellite.log
[ INFO 2019-04-03T13:47:23 verbose] All hooks in group post finished
[ INFO 2019-04-03T13:47:23 verbose] Installer finished in 87.696125865 seconds


[root@ktordeur-sat6 ~]# hammer capsule info --id 1
Id:            1
Name:          ktordeur-sat6.test.lan
URL:           https://ktordeur-sat6.test.lan:9090
Features:      
    Templates
    Pulp
    TFTP
    Puppet
    Puppet CA
    Logs
    Dynflow
    SSH
    Discovery
    Ansible
    Openscap
Locations:     
    office
Organizations: 
    kenny
Created at:    2019/04/03 08:34:06
Updated at:    2019/04/03 08:34:07
Comment 6 Kenny Tordeurs 2019-04-03 13:06:23 UTC 
I think we need to enable the features:
# satellite-installer --foreman-proxy-dns true --foreman-proxy-dhcp true
Comment 7 Ewoud Kohl van Wijngaarden 2019-04-03 13:49:10 UTC 
Kenny is correct, but I'd add to that. For DNS you want:

# satellite-installer \
  --foreman-proxy-dns true \
  --foreman-proxy-dns-managed false \
  --foreman-proxy-dns-provider infoblox \
  --enable-foreman-proxy-plugin-dns-infoblox

Similar for DHCP (and can be combined into a single command):

# satellite-installer \
  --foreman-proxy-dhcp true \
  --foreman-proxy-dhcp-managed false \
  --foreman-proxy-dhcp-provider infoblox \
  --enable-foreman-proxy-plugin-dhcp-infoblox

The first enables the feature. The second disabled managing the ISC daemon. The third selects the correct provider. The fourth configures that provider.

If you pass a specific option for the plugin (such as --foreman-proxy-plugin-dhcp-infoblox-record-type) it implies enabling that plugin class and the --enable- is parameter redundant.

Note that if you've installed the ISC daemon from a prior installation, we do not remove it. That is the user's responsibility.

We should derive the -managed value from -provider and also automatically enable configuration if you select the provider, but I haven't had time to implement this.
Comment 8 Kenny Tordeurs 2019-04-03 13:58:28 UTC 
@Ewoud

Thanks yeah I figured as much as those make puppet manage the files so I disabled those.

So the steps to make this work correctly are:

# satellite-installer --enable-foreman-proxy-plugin-dhcp-infoblox \
--foreman-proxy-dhcp true \
--foreman-proxy-dhcp-managed false \
--foreman-proxy-dhcp-provider infoblox \
--foreman-proxy-plugin-dhcp-infoblox-record-type host \
--foreman-proxy-dhcp-server ktordeur-infoblox.test.lan \
--foreman-proxy-plugin-dhcp-infoblox-username admin \
--foreman-proxy-plugin-dhcp-infoblox-password password \
--foreman-proxy-plugin-dhcp-infoblox-network-view default \
--foreman-proxy-plugin-dhcp-infoblox-dns-view default


# satellite-installer --enable-foreman-proxy-plugin-dns-infoblox \
--foreman-proxy-dns true \
--foreman-proxy-dns-managed false \
--foreman-proxy-dns-provider infoblox \
--foreman-proxy-plugin-dns-infoblox-dns-server ktordeur-infoblox.test.lan \
--foreman-proxy-plugin-dns-infoblox-username admin \
--foreman-proxy-plugin-dns-infoblox-password password

Can you confirm to be sure I made no typo?
Comment 9 Ewoud Kohl van Wijngaarden 2019-04-03 15:36:38 UTC 
Looks correct.

Note it's also valid to make it one long command if a single server (either a satellite or a capsule) connects to both DHCP and DNS but it's good to have separate examples as well.
Comment 10 Perry Gagne 2019-04-12 19:01:04 UTC 
Hey Lzap, do the steps in comment 8 look good to you? I tested it myself and it seems OK. Let's make sure the docs get updated.
Comment 12 Kenny Tordeurs 2019-04-15 07:22:49 UTC 
@Lukas

We're all good, the documentation has been updated => https://bugzilla.redhat.com/show_bug.cgi?id=1695659