Hello, this is second part of this patch that was released in 6.2.1: https://bugzilla.redhat.com/show_bug.cgi?id=1292421 I fixed the rendered, but forgot to fix the preview code. Please ack this into the next z-stream, TWO LINES PATCH, LOW RISK.
QA NOTES: Turn of token duration to zero, provision a system, make sure Anaconda downloaded kickstart via Capsule (port 8000).
Why does this BZ exist? What is the bug, what is supposed to be fixed? And why is it named the same as bug 1405502, is also for 6.3, but is a distinct BZ?
Lukáš, this patch fixes provisioning via Capsule when token duration Setting is set to 0 (turned off). In this mode, Foreman looks up hosts via REMOTE IP instead of unique token (UUID). To verify, turn off tokens and do provisioning - make sure all communication is done via Capsule (including templating - kickstart). Case 1: PXE installation of RHEL Case 2: Image-based installation via finish script (cloud or virt)
FailedQA with Sat6.3 snap 32. When running "curl http://<CAPSULE_FQDN>:8000/unattended/finish", 500 ISE is returned. That is probably due to Satellite thinking it should serve finish script for the Capsule based on its IP (and thus returning 405) while it should actually return a finish script for the client. Tested on a Beaker machine (so, not behind a NAT - if I am incorrect, this whole FailsQA is errorneous). Note the "Found" part of the log. # curl http://<CAPSULE_FQDN>:8000/unattended/finish -v * About to connect() to <CAPSULE_FQDN> port 8000 (#0) * Trying <IP6_ADDR>... * No route to host * Trying <IP_ADDR>... * Connected to <CAPSULE_FQDN> (<IP_ADDR>) port 8000 (#0) > GET /unattended/finish HTTP/1.1 > User-Agent: curl/7.29.0 > Host: <CAPSULE_FQDN>:8000 > Accept: */* > < HTTP/1.1 500 Internal Server Error < Content-Type: application/json < Content-Length: 256 < X-Content-Type-Options: nosniff < Server: < Date: Wed, 17 Jan 2018 15:59:55 GMT < Connection: Keep-Alive < * Connection #0 to host <CAPSULE_FQDN> left intact Failed to retrieve finish template for {"splat"=>[], "captures"=>["finish"], "kind"=>"finish"}: Error retrieving finish for {:url=>"http://<CAPSULE_FQDN>:8000"} from <SATELLITE_FQDN>: Net::HTTPMethodNotAllowed production.log: 2018-01-17 10:59:55 7845510a [app] [I] Started GET "/unattended/finish?url=http%3A%2F%2F<CAPSULE_FQDN>%3A8000" for <CAPSULE_FQDN> at 2018-01-17 10:59:55 -0500 2018-01-17 10:59:55 7845510a [app] [I] Processing by UnattendedController#host_template as TEXT 2018-01-17 10:59:55 7845510a [app] [I] Parameters: {"url"=>"http://<CAPSULE_FQDN>:8000", "kind"=>"finish", "unattended"=>{}} 2018-01-17 10:59:55 7845510a [app] [I] Current user: foreman_api_admin (administrator) 2018-01-17 10:59:55 7845510a [app] [D] Setting current user thread-local variable to foreman_api_admin 2018-01-17 10:59:55 7845510a [app] [D] Found <CAPSULE_FQDN> 2018-01-17 10:59:55 7845510a [app] [I] Filter chain halted as :allowed_to_install? rendered or redirected 2018-01-17 10:59:55 7845510a [app] [I] Completed 405 Method Not Allowed in 15ms (ActiveRecord: 2.6ms) On Capsule: # service dnsmasq status Redirecting to /bin/systemctl status dnsmasq.service ● dnsmasq.service - DNS caching server. Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; disabled; vendor preset: disabled) Active: inactive (dead) # iptables -S | grep -i nat # service libvirtd status Redirecting to /bin/systemctl status libvirtd.service ● libvirtd.service - Virtualization daemon Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled) Active: inactive (dead) since Wed 2018-01-17 11:11:41 EST; 2min 41s ago
It works, we just forgot one last step. In Administer - Setting, you must set remote_addr (Remote address) to match IP address of proxy server (in this case Capsule): (127.0.0.1|10.16.66.70) Then it works, I just verified.
See https://github.com/theforeman/theforeman.org/pull/1006
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. > > > > For information on the advisory, and where to find the updated files, follow the link below. > > > > If the solution does not work for you, open a new bug report. > > > > https://access.redhat.com/errata/RHSA-2018:0336