Description of problem: When trying to setup libvirt virsh providers, the foreman supported options are removed from settings.yaml when katello-installer is run. For example the following get wiped out: :dns_provider: virsh :dhcp_vendor: virsh Expect these options not to get removed after running katello-installer
Since this issue was entered in Red Hat Bugzilla, the release flag has been set to ? to ensure that it is properly evaluated for this release.
Created redmine issue http://projects.theforeman.org/issues/7159 from this bug
Does this cover all the options you'd want? https://github.com/Katello/puppet-capsule/pull/18
yes, looks like that covered the libvirt additions and more. http://projects.theforeman.org/projects/foreman/wiki/LibvirtProvider
Moving to POST since upstream bug http://projects.theforeman.org/issues/7159 has been closed ------------- Eric Helms Applied in changeset commit:katello-installer|967c481f893f5e81d976a22991ca00d9cdfa712b.
Was not able to verify this bug. Follow the verification steps. After installing Satellite 6.1 then was tried: [root@amd-dinar-01 ~]# vim /etc/foreman/settings.yaml [root@amd-dinar-01 ~]# cat /etc/foreman/settings.yaml --- ### File managed with puppet ### ## Module: 'foreman' #your default puppet server - can be overridden in the host level #if none specified, plain "puppet" will be used. #:puppet_server: puppet :unattended: true :puppetconfdir: /etc/puppet/puppet.conf :login: true :require_ssl: true :locations_enabled: true :organizations_enabled: true # The following values are used for providing default settings during db migrate :oauth_active: true :oauth_map_users: false :oauth_consumer_key: aezZTV2w6WX2u8GvhyC8v8meVcmho7Bp :oauth_consumer_secret: 9mhPWXjiRfJAgpTV8L4mhVAFWNKLdLmq # Websockets :websockets_encrypt: true :websockets_ssl_key: /etc/pki/katello/private/katello-apache.key :websockets_ssl_cert: /etc/pki/katello/certs/katello-apache.crt :dns_provider: virsh :dhcp_vendor: virsh [root@amd-dinar-01 ~]# katello-installer --foreman-admin-password="changeme" Installing Done [100%] [.................................] Success! * Katello is running at https://amd-dinar-01.example.com Initial credentials are admin / changeme * Capsule is running at https://amd-dinar-01.example.com:9090 * To install additional capsule on separate machine continue by running:" capsule-certs-generate --capsule-fqdn "$CAPSULE" --certs-tar "~/$CAPSULE-certs.tar" The full log is at /var/log/katello-installer/katello-installer.log [root@amd-dinar-01 ~]# cat /etc/foreman/settings.yaml --- ### File managed with puppet ### ## Module: 'foreman' #your default puppet server - can be overridden in the host level #if none specified, plain "puppet" will be used. #:puppet_server: puppet :unattended: true :puppetconfdir: /etc/puppet/puppet.conf :login: true :require_ssl: true :locations_enabled: true :organizations_enabled: true # The following values are used for providing default settings during db migrate :oauth_active: true :oauth_map_users: false :oauth_consumer_key: aezZTV2w6WX2u8GvhyC8v8meVcmho7Bp :oauth_consumer_secret: 9mhPWXjiRfJAgpTV8L4mhVAFWNKLdLmq # Websockets :websockets_encrypt: true :websockets_ssl_key: /etc/pki/katello/private/katello-apache.key :websockets_ssl_cert: /etc/pki/katello/certs/katello-apache.crt It is very likely that I have not went through the right verification steps, because this I need additional information on how to verify this bug. Thank you in advance.
I have also tried the following: [root@amd-dinar-01 ~]# vim /etc/foreman-proxy/settings.yml [root@amd-dinar-01 ~]# cat /etc/foreman-proxy/settings.yml --- ### File managed with puppet ### ## Module: 'foreman_proxy' :settings_directory: /etc/foreman-proxy/settings.d # SSL Setup # if enabled, all communication would be verfied via SSL # NOTE that both certificates need to be signed by the same CA in order for this to work # see http://theforeman.org/projects/smart-proxy/wiki/SSL for more information :ssl_ca_file: /etc/foreman-proxy/ssl_ca.pem :ssl_certificate: /etc/foreman-proxy/ssl_cert.pem :ssl_private_key: /etc/foreman-proxy/ssl_key.pem # the hosts which the proxy accepts connections from # commenting the following lines would mean every verified SSL connection allowed :trusted_hosts: - amd-dinar-01.example.com - amd-dinar-01.example.com # Endpoint for reverse communication :foreman_url: https://amd-dinar-01.example.com # SSL settings for client authentication against Foreman. If undefined, the values # from general SSL options are used instead. Mainly useful when Foreman uses # different certificates for its web UI and for smart-proxy requests. :foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem :foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem :foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem # by default smart_proxy runs in the foreground. To enable running as a daemon, uncomment 'daemon' setting :daemon: true # Only used when 'daemon' is set to true. # Uncomment and modify if you want to change the default pid file '/var/run/foreman-proxy/foreman-proxy.pid' #:daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid # HTTP ports configuration # http is disabled by default. To enable, uncomment 'http_port' setting # https is enabled if certificate, CA certificate, and private key are present in locations specifed by # ssl_certificate, ssl_ca_file, and ssl_private_key correspondingly # default values for https_port is 8443 :https_port: 9090 :http_port: 8000 # shared options for virsh DNS/DHCP provider :virsh_network: default # Where our proxy log files are stored # filename or STDOUT :log_file: /var/log/foreman-proxy/proxy.log # valid options are # WARN, DEBUG, Error, Fatal, INFO, UNKNOWN :log_level: ERROR :dns_provider: virsh :dhcp_vendor: virsh [root@amd-dinar-01 ~]# katello-installer --foreman-admin-password="changeme" Installing Done [100%] [.................................] Success! * Katello is running at https://amd-dinar-01.example.com Initial credentials are admin / changeme * Capsule is running at https://amd-dinar-01.example.com:9090 * To install additional capsule on separate machine continue by running:" capsule-certs-generate --capsule-fqdn "$CAPSULE" --certs-tar "~/$CAPSULE-certs.tar" The full log is at /var/log/katello-installer/katello-installer.log [root@amd-dinar-01 ~]# cat /etc/foreman-proxy/settings.yml --- ### File managed with puppet ### ## Module: 'foreman_proxy' :settings_directory: /etc/foreman-proxy/settings.d # SSL Setup # if enabled, all communication would be verfied via SSL # NOTE that both certificates need to be signed by the same CA in order for this to work # see http://theforeman.org/projects/smart-proxy/wiki/SSL for more information :ssl_ca_file: /etc/foreman-proxy/ssl_ca.pem :ssl_certificate: /etc/foreman-proxy/ssl_cert.pem :ssl_private_key: /etc/foreman-proxy/ssl_key.pem # the hosts which the proxy accepts connections from # commenting the following lines would mean every verified SSL connection allowed :trusted_hosts: - amd-dinar-01.example.com - amd-dinar-01.example.com # Endpoint for reverse communication :foreman_url: https://amd-dinar-01.example.com # SSL settings for client authentication against Foreman. If undefined, the values # from general SSL options are used instead. Mainly useful when Foreman uses # different certificates for its web UI and for smart-proxy requests. :foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem :foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem :foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem # by default smart_proxy runs in the foreground. To enable running as a daemon, uncomment 'daemon' setting :daemon: true # Only used when 'daemon' is set to true. # Uncomment and modify if you want to change the default pid file '/var/run/foreman-proxy/foreman-proxy.pid' #:daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid # HTTP ports configuration # http is disabled by default. To enable, uncomment 'http_port' setting # https is enabled if certificate, CA certificate, and private key are present in locations specifed by # ssl_certificate, ssl_ca_file, and ssl_private_key correspondingly # default values for https_port is 8443 :https_port: 9090 :http_port: 8000 # shared options for virsh DNS/DHCP provider :virsh_network: default # Where our proxy log files are stored # filename or STDOUT :log_file: /var/log/foreman-proxy/proxy.log # valid options are # WARN, DEBUG, Error, Fatal, INFO, UNKNOWN :log_level: ERROR
Can you provide the list of attributes that you are seeing being overriden? The way the capsule piece is built into the installer we have to add each parameter that we want to allow a user to customize.
I had two tries, one on each following files: * /etc/foreman/settings.yaml * /etc/foreman-proxy/settings.yml I added the following options manually: :dns_provider: virsh :dhcp_vendor: virsh And they have been wiped out, showing that the installer was removing the manually added options and this failed the bug. I asked for more information on verifying this bug because I was not completely sure about the steps I took. Those options should be added manually or be set as katello-installer arguments?
No file managed by the installer/puppet should ever be manually edited it will get over written. The user should instead be setting options via the installer. The two options presented by Elyezer are available for configuration via the installer. I propose this be closed and if specific options are not available and need to be, that individual bugs be opened.
Per Eric's comment, I am closing this out. Shannon, if you want to raise new RFE's for these options please do. Thanks! -- bk
I tried to get the information if manually editing the file was supported but does not get that. I agree on leaving the options management to katello-installer.