Bug 1816255
| Summary: | OSP16/OSP13: ansible-based rhsm does not implement http proxies correctly. | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Vincent S. Cojot <vcojot> |
| Component: | ansible-role-redhat-subscription | Assignee: | Emilien Macchi <emacchi> |
| Status: | CLOSED ERRATA | QA Contact: | David Rosenfeld <drosenfe> |
| Severity: | medium | Docs Contact: | |
| Priority: | high | ||
| Version: | 16.0 (Train) | CC: | cjeanner, emacchi, jhajyahy, spower |
| Target Milestone: | ga | Keywords: | Triaged, ZStream |
| Target Release: | 16.1 (Train on RHEL 8.2) | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ansible-role-redhat-subscription-1.0.5-0.20200326151139.fbfb090.el8ost | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-07-29 07:51:01 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
excerpt for my updated rhel-registration for osp16:
if [ "x${proxy_url}" != "x" ]; then
# Before everything, we want to make sure the proxy can be reached
# Note: no need to manage retries, already done by retry() function.
echo "Testing proxy connectivity..."
retry bash -c "</dev/tcp/${proxy_host}/${proxy_port}"
echo "Proxy ${proxy_url} is reachable!"
# Config subscription-manager for proxy
subscription-manager config ${config_opts}
# Config yum for proxy..
sed -i -e '/^proxy=/d' /etc/yum.conf /etc/dnf/dnf.conf
echo "proxy=${proxy_url}" >> /etc/yum.conf
echo "proxy=${proxy_url}" >> /etc/dnf/dnf.conf
# Handle optional username/password
if [ -n "${proxy_username}" ]; then
sed -i -e '/^proxy_username=/d' /etc/yum.conf /etc/dnf/dnf.conf
echo "proxy_username=${proxy_username}" >> /etc/yum.conf
echo "proxy_username=${proxy_username}" >> /etc/dnf/dnf.conf
fi
if [ -n "${proxy_password}" ]; then
sed -i -e '/^proxy_password=/d' /etc/yum.conf /etc/dnf/dnf.conf
echo "proxy_password=${proxy_password}" >> /etc/yum.conf
echo "proxy_password=${proxy_password}" >> /etc/dnf/dnf.conf
fi
fi
And:
config_opts="--server.proxy_hostname=${proxy_host} --server.proxy_port=${proxy_port}"
*** Bug 1816249 has been marked as a duplicate of this bug. *** If this bug requires doc text for errata release, please set the 'Doc Type' and provide draft text according to the template in the 'Doc Text' field. The documentation team will review, edit, and approve the text. If this bug does not require doc text, please set the 'requires_doc_text' flag to '-'. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:3148 The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |
Description of problem: Using an http_proxy with the new ansible-based rhsm (osp13 and osp16) does not implement http_proxies correctly. Consequence: random nodes without direct http/https Internet access will randomly fail to download metadata from various repositories even though a satellite server is configured. This kills the deployment before step1. Here's more information. Using this: ============================================================================ $ cat osp16/site_krynn/rhsm.yaml resource_registry: OS::TripleO::Services::Rhsm: /usr/share/openstack-tripleo-heat-templates/deployment/rhsm/rhsm-baremetal-ansible.yaml parameter_defaults: RhsmVars: rhsm_activation_key: "ak_rhosp16" rhsm_method: "satellite" rhsm_org_id: "krynn" rhsm_satellite_url: "https://sat6.lasthome.solace.krynn" rhsm_baseurl: "https://sat6.lasthome.solace.krynn/pulp/repos" rhsm_server_hostname: "sat6.lasthome.solace.krynn" rhsm_insecure: yes rhsm_rhsm_proxy_hostname: "imladris.lasthome.solace.krynn" rhsm_rhsm_proxy_port: "3128" ============================================================================ In the resulting overcloud, http_proxy is missing from: 1) /etc/yum.conf 2) /etc/rhsm/rhsm.conf (should use subscription-manager config to edit it) 3) /etc/dnf/dnf.conf http_proxy should be configured in all 3 places. With the changes in place, deployment proceeds normally.