Bug 1270343 - [RFE] installer pre installation check should investigate if iptables or firewalld are enabled and if so ensure required ports are opened
[RFE] installer pre installation check should investigate if iptables or fire...
Status: NEW
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Installer (Show other bugs)
6.1.2
Unspecified Unspecified
medium Severity medium (vote)
: Unspecified
: --
Assigned To: satellite6-bugs
Katello QA List
: FutureFeature, Triaged
Depends On:
Blocks: 1316897
  Show dependency treegraph
 
Reported: 2015-10-09 13:23 EDT by Dave Sullivan
Modified: 2016-10-14 12:29 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Foreman Issue Tracker 16958 None None None 2016-10-14 12:29 EDT

  None (edit)
Description Dave Sullivan 2015-10-09 13:23:49 EDT
Description of problem:

katello-installer pre installation check should investigate if iptables or firewalld are enabled that proper ports are opened

katello-installer does not check firewall for needed ports prior to install

What problem/issue/behavior are you having trouble with?  What do you expect to see?

See also:

http://projects.theforeman.org/issues/7419
https://access.redhat.com/solutions/1378233

RHEL 7.1 fully updated installing fully updated sat 6.1.2
Firewall is running by default with this line from KS:
firewall --service=ssh --service=http --service=https

katello-installer runs fine to 99% and then throws error:

[root@satellite6 ~]# katello-installer --capsule-dhcp=true --capsule-dns=true --capsule-tftp=true  --katello-proxy-url=http://10.37.223.97 --katello-proxy-port=80
 /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[satellite6.nomura.com]: Could not evaluate: Could not load data from https://satellite6.nomura.com
 /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[satellite6.nomura.com]: Failed to call refresh: Could not load data from https://satellite6.nomura.com
 /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[satellite6.nomura.com]: Could not load data from https://satellite6.nomura.com
Installing             Done                                               [100%] [...........................................................................................................................................................................................]
  Something went wrong! Check the log for ERROR-level output
  The full log is at /var/log/katello-installer/katello-installer.log
[root@satellite6 ~]#

running with --reset or simply re-running katello-installer does not help.

When I added:
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --permanent --add-service=tftp
firewall-cmd --permanent --add-service=dhcp
firewall-cmd --permanent --add-service=dns

firewall-cmd --add-service=http
firewall-cmd --add-service=https
firewall-cmd --add-service=tftp
firewall-cmd --add-service=dhcp
firewall-cmd --add-service=dns

then run:
katello-installer --reset
Install works fine.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

We probably should have some sort of rudimentary pre installation check in place for anything that is documented in the pre-quisite check.

https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/6.1/html/Installation_Guide/sect-Red_Hat_Satellite-Installation_Guide-Prerequisites.html

I see a few of issues covered already

https://bugzilla.redhat.com/show_bug.cgi?id=1103884
https://bugzilla.redhat.com/show_bug.cgi?id=1119910

It might be a good idea to dump the checks out to log file that way customers know what we are coding in as sometimes docs can get out of date with code.
Comment 4 Bryan Kearney 2016-07-08 16:36:54 EDT
Per 6.3 planning, moving out non acked bugs to the backlog
Comment 6 Stephen Benjamin 2016-10-14 12:29:17 EDT
Created redmine issue http://projects.theforeman.org/issues/16958 from this bug

Note You need to log in before you can comment on or make changes to this bug.