Bug 1303103 - [RFE] Allow ISO repositories to be added to a content view and published/distributed [NEEDINFO]
[RFE] Allow ISO repositories to be added to a content view and published/dist...
Status: ON_QA
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Content Views (Show other bugs)
Unspecified Unspecified
medium Severity medium (vote)
: GA
: --
Assigned To: Eric Helms
Sachin Ghai
: FutureFeature, Triaged
Depends On:
Blocks: 1321771
  Show dependency treegraph
Reported: 2016-01-29 09:56 EST by Brad Buckingham
Modified: 2017-12-08 09:17 EST (History)
13 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
sghai: needinfo? (ehelms)

Attachments (Terms of Use)
UI shows 49 files in CV (22.77 KB, image/png)
2017-12-08 07:06 EST, Sachin Ghai
no flags Details
updated CV with RHEL 7Server iso and it includes 49 files. (36.29 KB, image/png)
2017-12-08 07:07 EST, Sachin Ghai
no flags Details

External Trackers
Tracker ID Priority Status Summary Last Updated
Foreman Issue Tracker 13661 None None None 2016-04-26 12:58 EDT

  None (edit)
Description Brad Buckingham 2016-01-29 09:56:01 EST
Description of problem:

Today, when an ISO repository is synced to a Satellite 6 server, the content of the repository is not distributed to Capsules that have requested updates for Library.

The lack of this capability causes issues for users with systems that only have access to the capsule, but also need access to ISOs.

Version-Release number of selected component (if applicable):

Satellite 6.1.6

How reproducible:


Steps to Reproduce:
1. Install Satellite and 1 Capsule
2. Configure the Capsule to get content from Library
3. Enable a Red Hat ISO repository (e.g Red Hat Enterprise Linux 7 Server (ISOs))
4. Sync the repository
5. Create a content view
6. Attempt to add an ISO repository to the content view

Actual results:

ISO repositories are not listed for adding/removing to content views.

Expected results:

ISO repositories should be listed for adding/removing to content views.

Additional info:

As part of this, we need to ensure that those repositories are also published and promoted as part of the content view.  In addition, if there is a capsule associated with the target lifecycle environment, the content should be synced to that capsule.
Comment 2 Michael Hrivnak 2016-01-31 13:29:44 EST
Nope, I think everything you need is already available. But an early review from someone on katello would be a good idea to make sure they agree.
Comment 6 Bryan Kearney 2016-03-30 12:05:51 EDT
Upstream bug component is Content Views
Comment 10 Bryan Kearney 2016-08-07 22:11:37 EDT
Moving to POST since upstream bug http://projects.theforeman.org/issues/13661 has been closed
Comment 13 Sachin Ghai 2017-12-08 07:06:21 EST
Tested with satellite6.3 snap27.

I can add synced RHEL ISOs to CV and publish as well as promote them to next environment. Please see the attached screenshots
Comment 14 Sachin Ghai 2017-12-08 07:06 EST
Created attachment 1364812 [details]
UI shows 49 files in CV
Comment 15 Sachin Ghai 2017-12-08 07:07 EST
Created attachment 1364813 [details]
updated CV with RHEL 7Server iso and it includes 49 files.
Comment 16 Sachin Ghai 2017-12-08 08:55:01 EST
ISO files are not being synced to capsule. Earlier, I selected the on_demand download policy for capsule and later I changed to "Immediate" but still no luck.

There are 49 ISO files that I synced and published. However, none of them was synced to capsule. 

@Eric: Is there anything specific I need to do to sync ISO files to capsule ?
Comment 17 Evgeni Golov 2017-12-08 09:17:28 EST
As Eric is out today, I had a quick look at the setup.

First observation was that Satellite thinks the Capsule never synced, which in a way is true, as each Sync Job has failed.

example of a failed job: https://cloud-qe-14.idmqe.lab.eng.bos.redhat.com/foreman_tasks/tasks/0b399f7c-5395-4288-9665-579f73c14c32
PLP0000: Importer indicated a failed response

looking into dynflow: https://cloud-qe-14.idmqe.lab.eng.bos.redhat.com/foreman_tasks/dynflow/f6a45e70-ac19-44f8-b65e-09bcca24bb7e
"Actions::Pulp::Consumer::SyncCapsule" is skipped as it contains a traceback:

capsule_id: 2
repo_pulp_id: 1-cv_rhel73-Dev-f0a46c4b-9b33-4d2b-a126-eda4a8bb5fd2
  remove_missing: false
remote_user: admin
remote_cp_user: admin

- exception: 
  task_type: pulp.server.managers.repo.sync.sync
  _href: "/pulp/api/v2/tasks/0cbc8638-54d9-435c-a32f-fa8e30ebdfae/"
  task_id: 0cbc8638-54d9-435c-a32f-fa8e30ebdfae
  - pulp:repository:1-cv_rhel73-Dev-f0a46c4b-9b33-4d2b-a126-eda4a8bb5fd2
  - pulp:action:sync
  finish_time: '2017-12-08T12:10:16Z'
  _ns: task_status
  start_time: '2017-12-08T12:10:15Z'
  traceback: |
    Traceback (most recent call last):
      File "/usr/lib/python2.7/site-packages/celery/app/trace.py", line 240, in trace_task
        R = retval = fun(*args, **kwargs)
      File "/usr/lib/python2.7/site-packages/pulp/server/async/tasks.py", line 527, in __call__
        return super(Task, self).__call__(*args, **kwargs)
      File "/usr/lib/python2.7/site-packages/pulp/server/async/tasks.py", line 107, in __call__
        return super(PulpTask, self).__call__(*args, **kwargs)
      File "/usr/lib/python2.7/site-packages/celery/app/trace.py", line 438, in __protected_call__
        return self.run(*args, **kwargs)
      File "/usr/lib/python2.7/site-packages/pulp/server/controllers/repository.py", line 827, in sync
        raise pulp_exceptions.PulpExecutionException(_('Importer indicated a failed response'))
    PulpExecutionException: Importer indicated a failed response
  spawned_tasks: []
        response_code: 403
        response_msg: Forbidden
      finished_bytes: 0
      state: manifest_failed
        not_started: '2017-12-08T12:10:15'
        manifest_in_progress: '2017-12-08T12:10:15'
        manifest_failed: '2017-12-08T12:10:15'
      num_isos_finished: 0
      iso_error_messages: []
  queue: reserved_resource_worker-0@cloud-qe-06.idmqe.lab.eng.bos.redhat.com.dq
  state: error
  worker_name: reserved_resource_worker-0@cloud-qe-06.idmqe.lab.eng.bos.redhat.com
    code: PLP0000
    data: {}
    description: Importer indicated a failed response
    sub_errors: []
    "$oid": 5a2a8127266e6d3221798d1c
  id: 5a2a8127266e6d3221798d1c
  total: 1
  failed: 1

the interesting part of that is:
        response_code: 403
        response_msg: Forbidden
      state: manifest_failed

the systemd journal on the capsule contains (as expected):
Dec 08 05:57:39 cloud-qe-06.idmqe.lab.eng.bos.redhat.com pulp[1834]: nectar.downloaders.threaded:INFO: Download failed: Download of https://cloud-qe-14.idmqe.lab.eng.bos.redhat.com/pulp/isos/1-cv_rhel73-Dev-f0a46c4b-9b33-4d2b-a126-eda4a8bb5fd2/PULP_MANIFEST failed with code 403: Forbidden
Dec 08 05:57:39 cloud-qe-06.idmqe.lab.eng.bos.redhat.com pulp[1834]: pulp_rpm.plugins.importers.iso.sync:ERROR: Failed to download https://cloud-qe-14.idmqe.lab.eng.bos.redhat.com/pulp/isos/1-cv_rhel73-Dev-f0a46c4b-9b33-4d2b-a126-eda4a8bb5fd2/PULP_MANIFEST: Forbidden.

and on the satellite the httpd log contains:
[Fri Dec 08 05:57:39.876851 2017] [:error] [pid 29888] [client] Request denied to destination [/pulp/isos/1-cv_rhel73-Dev-f0a46c4b-9b33-4d2b-a126-eda4a8bb5fd2/PULP_MANIFEST]Client certificate failed extension check for destination: /pulp/isos/1-cv_rhel73-Dev-f0a46c4b-9b33-4d2b-a126-eda4a8bb5fd2/PULP_MANIFEST
[Fri Dec 08 05:57:39.876874 2017] [:error] [pid 29888] [client] mod_wsgi (pid=29888): Client denied by server configuration: '/var/www/pub/https/isos/1-cv_rhel73-Dev-f0a46c4b-9b33-4d2b-a126-eda4a8bb5fd2/PULP_MANIFEST'.
[Fri Dec 08 06:27:22.452082 2017] [:error] [pid 10376] [client] Request denied to destination [/pulp/isos/1-cv_rhel73-Dev-f0a46c4b-9b33-4d2b-a126-eda4a8bb5fd2/PULP_MANIFEST]Client certificate failed extension check for destination: /pulp/isos/1-cv_rhel73-Dev-f0a46c4b-9b33-4d2b-a126-eda4a8bb5fd2/PULP_MANIFEST

I am not sure what is happening here, so leaving the NI on Eric. Hope my debugging helps :)

Note You need to log in before you can comment on or make changes to this bug.