1102071 – No option to configure REALM via katello-installer and capsule-installer

Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1102071 - No option to configure REALM via katello-installer and capsule-installer

Summary: No option to configure REALM via katello-installer and capsule-installer

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Installation
Sub Component:
Version:	6.0.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	Unspecified
Assignee:	Ivan Necas
QA Contact:	Kedar Bidarkar
Docs Contact:
URL:	http://projects.theforeman.org/issues...
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-05-28 12:46 UTC by Kedar Bidarkar
Modified:	2019-09-26 14:32 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-07-02 14:06:53 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Foreman Issue Tracker	6088	0	None	None	None	2016-04-22 15:40:45 UTC

Description Kedar Bidarkar 2014-05-28 12:46:48 UTC

Description of problem:

Katello-installer needs to support configuring REALM Integration for Capsules.
Currently katello-installer --help show no options for REALM.

[root@XXXX ~]# katello-installer --help | grep -i realm | wc -l 
0

[root@dhcp201-199 ~]# capsule-installer --help | grep -i realm | wc -l 
0


Version-Release number of selected component (if applicable):
Sat6-beta-snap6

How reproducible:


Steps to Reproduce:
1. katello-installer --help on sat6box
2. capsule-installer --help on sat6box
3.

Actual results:
No way to configure REALM via katello-installer and capsule-installer

Expected results:

Katello-installer and capsule-installer needs to support configuring REALM.
Additional info:

Comment 2 Ivan Necas 2014-06-06 10:36:15 UTC

Created redmine issue http://projects.theforeman.org/issues/6088 from this bug

Comment 3 Ivan Necas 2014-06-06 10:45:40 UTC

Fix proposed in https://github.com/Katello/puppet-capsule/pull/8

Comment 4 Ivan Necas 2014-06-10 13:23:15 UTC

Opened a PR against katello-installer, updating the capsule submodule https://github.com/Katello/katello-installer/pull/70

Comment 6 Kedar Bidarkar 2014-06-13 09:10:34 UTC

verified with sat6-snap9-c2

we now able to configure realm with katello-installer.

[root@xxxx foreman-proxy]# katello-installer --capsule-realm true --capsule-realm-keytab "/etc/foreman-proxy/freeipa.keytab" --capsule-realm-principal realm-proxy --capsule-realm-provider freeipa
Installing             Done                                               [100%] [..........................................................................................................]
Success!

-------------------------------------------------------


[root@xxxx foreman-proxy]# cat settings.yml | grep -ie realm_provider -ie realm_keytab -ie realm_principal -ie realm
# Manage joining realms e.g. FreeIPA
:realm: true
:realm_provider: freeipa
# Authentication for Kerberos-based Realms
:realm_keytab: /etc/foreman-proxy/freeipa.keytab
:realm_principal: realm-proxy

-------------------------------------------------------


Installed Packages

    candlepin-0.9.19-1.el6_5.noarch
    candlepin-scl-1-5.el6_4.noarch
    candlepin-scl-quartz-2.1.5-5.el6_4.noarch
    candlepin-scl-rhino-1.7R3-1.el6_4.noarch
    candlepin-scl-runtime-1-5.el6_4.noarch
    candlepin-selinux-0.9.19-1.el6_5.noarch
    candlepin-tomcat6-0.9.19-1.el6_5.noarch
    createrepo-0.9.9-21.2.pulp.el6sat.noarch
    dhcp201-170.englab.pnq.redhat.com-qpid-broker-1.0-1.noarch
    dhcp201-170.englab.pnq.redhat.com-qpid-client-cert-1.0-1.noarch
    elasticsearch-0.90.10-4.el6sat.noarch
    katello-1.5.0-26.el6sat.noarch
    katello-ca-1.0-1.noarch
    katello-certs-tools-1.5.5-1.el6sat.noarch
    katello-installer-0.0.48-1.el6sat.noarch
    m2crypto-0.21.1.pulp-10.el6sat.x86_64
    mod_wsgi-3.4-1.pulp.el6sat.x86_64
    pulp-katello-0.3-3.el6sat.noarch
    pulp-nodes-common-2.4.0-0.20.beta.el6sat.noarch
    pulp-nodes-parent-2.4.0-0.20.beta.el6sat.noarch
    pulp-puppet-plugins-2.4.0-0.20.beta.el6sat.noarch
    pulp-puppet-tools-2.4.0-0.20.beta.el6sat.noarch
    pulp-rpm-plugins-2.4.0-0.20.beta.el6sat.noarch
    pulp-selinux-2.4.0-0.20.beta.el6sat.noarch
    pulp-server-2.4.0-0.20.beta.el6sat.noarch
    python-gofer-qpid-1.2.1-1.el6sat.noarch
    python-isodate-0.5.0-1.pulp.el6sat.noarch
    python-kombu-3.0.15-10.pulp.el6sat.noarch
    python-pulp-bindings-2.4.0-0.20.beta.el6sat.noarch
    python-pulp-common-2.4.0-0.20.beta.el6sat.noarch
    python-pulp-puppet-common-2.4.0-0.20.beta.el6sat.noarch
    python-pulp-rpm-common-2.4.0-0.20.beta.el6sat.noarch
    python-qpid-0.22-14.el6sat.noarch
    python-qpid-qmf-0.22-33.el6.x86_64
    qpid-cpp-client-0.22-42.el6.x86_64
    qpid-cpp-server-0.22-42.el6.x86_64
    qpid-cpp-server-linearstore-0.22-42.el6.x86_64
    qpid-java-client-0.22-6.el6.noarch
    qpid-java-common-0.22-6.el6.noarch
    qpid-proton-c-0.7-1.el6.x86_64
    qpid-qmf-0.22-33.el6.x86_64
    qpid-tools-0.22-12.el6.noarch
    ruby193-rubygem-katello-1.5.0-58.el6sat.noarch
    rubygem-hammer_cli_katello-0.0.4-6.el6sat.noarch

Need to test the same with capsule-installer.

Comment 7 Kedar Bidarkar 2014-06-17 11:54:26 UTC

[root@xxxx ~]# capsule-installer --realm true --realm-keytab "/etc/foreman-proxy/freeipa.keytab" --realm-principal "realm-proxy.ORG" --realm-provider freeipa
Installing             Done                                               [100%] [..........................................................................................................]
  Success!
  * Capsule is running at https://xxxx.redhat.com:9090
  The full log is at /var/log/katello-installer/capsule-installer.log


--------------------


[root@xxxx ~]# cd /etc/foreman-proxy/ ; cat settings.yml | grep -ie realm_provider -ie realm_keytab -ie realm_principal -ie realm
# Manage joining realms e.g. FreeIPA
:realm: true
:realm_provider: freeipa
# Authentication for Kerberos-based Realms
:realm_keytab: /etc/foreman-proxy/freeipa.keytab
:realm_principal: realm-proxy.ORG

Comment 8 Bryan Kearney 2014-07-02 14:06:53 UTC

This was delivered with 6.0.3, which is the Satellite 6 Beta.

Note You need to log in before you can comment on or make changes to this bug.