1425606 – Bootstrap fails to register systems with invalid hostnames or only have short names

Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1425606 - Bootstrap fails to register systems with invalid hostnames or only have short names

Summary: Bootstrap fails to register systems with invalid hostnames or only have short...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Bootstrap
Sub Component:
Version:	6.2.8
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	Unspecified
Assignee:	Rich Jerrido
QA Contact:	jcallaha
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1417992 (view as bug list)
Depends On:
Blocks:	1426424
TreeView+	depends on / blocked

Reported:	2017-02-21 21:15 UTC by Rich Jerrido
Modified:	2020-04-15 15:20 UTC (History)
CC List:	7 users (show)
Fixed In Version:	katello-client-bootstrap-1.3.0-1
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	1426424 (view as bug list)
Environment:
Last Closed:	2017-05-01 14:00:33 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
verification screenshot (25.07 KB, image/png) 2017-04-07 20:44 UTC, jcallaha	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2017:1191	0	normal	SHIPPED_LIVE	Satellite 6.2.9 Async Bug Release	2017-05-01 17:49:42 UTC

Description Rich Jerrido 2017-02-21 21:15:48 UTC

Description of problem:

When running bootstrap, it fails to register a system that has an invalid hostname, (such as one with an underscore), or hostname that are short (hostname -f) doesn't return an FQDN, 


Version-Release number of selected component (if applicable):
katello-client-bootstrap-1.2.2

How reproducible:
100%

Steps to Reproduce:
1. Create a system with a 

short name (where hostname -f or "ython -c "import socket;print socket.getfqdn()"" returns a shortname

or an invalid name. (Such as a name with an underscore), such as foo_bar.example.com


2. Register with bootstrap. 
3.

Actual results:
bootstrap fails with an error similar to the following:

    [RUNNING], [2017-02-21 14:13:01], [Calling Foreman API to create a host entry associated with the group, domain, org & location]
    url: https://<capsule-fqdn>:8443/api/v2/hosts/
    method: POST
    data: {
      "host": {
        "managed": "true",
        "name": "<hostname>",
        "hostgroup_id": 22,
        "organization_id": 1,
        "mac": "00:50:56:90:11:D2",
        "architecture_id": 1,
        "location_id": 3,
        "domain_id": 6
      }
    }
    Error: The following error occured while talking to the API:
    url: https://<capsule-fqdn>:8443/api/v2/hosts/
    code: 422
    data: {
      "host": {
        "managed": "true",
        "name": "<hostname>",
        "hostgroup_id": 22,
        "organization_id": 1,
        "mac": "00:50:56:90:11:D2",
        "architecture_id": 1,
        "location_id": 3,
        "domain_id": 6
      }
    }
    error: {
      "error": {
        "errors": {
          "interfaces.name": [
            "is invalid"
          ],
          "name": [
            "is invalid"
          ]
        },
        "id": null,
        "full_messages": [
          "Name is invalid",
          "Name is invalid"
        ]
      }
    }

Expected results:

bootstrap successfully registers the system. 

Additional info:

Comment 1 Rich Jerrido 2017-02-21 22:23:22 UTC

Also RFC 952 or 1123 covers hostname validation and Foreman appears to respect this (see lib/net/validations.rb). 

As we generally cannot ask the customer to change their hostnames (many have short names for 3rd party apps), it might be advisable to allow the customer to set an arbitrary hostname in bootstrap.py (for puppet and subscription-manager) that differs from what the system reports.

Comment 2 Rich Jerrido 2017-02-23 19:29:43 UTC

Fixed in commit https://github.com/Katello/katello-client-bootstrap/commit/49ec1ae44a7463f5f615ad6d59fccd21d9da6bda

Comment 3 Satellite Program 2017-02-23 21:12:03 UTC

Please add verifications steps for this bug to help QE verify

Comment 4 Rich Jerrido 2017-02-27 10:05:27 UTC

Verification Steps for QE:


Overview
========

As per the request in the description, bootstrap fails to register systems with an invalid hostname, (such as one with an underscore), or hostname that are short (hostname -f) doesn't return an FQDN. Bootstrap now includes the --fqdn switch, allowing the user to override the hostname that is detected (via python's socket.getfqdn() function) and provide any value they desire. 

Setup
=====

* You must have an activation key to register the client
* You need a hostgroup setup.
* You must have a Satellite Server (or you can register via a Capsule)
* you must have a client with a hostname that fails Foreman's hostname validation. 


The user needs to set to False the 'create_new_host_when_facts_are_uploaded' and 'create_new_host_when_reports_are_uploaded' options. If these options are not set, a host entry will be created based upon the facts provided by facter. As we are allowing the user to define an arbitrary hostname, we need to disable these options so that the host doesn't report its configured hostname). This can be done in the UI under Administer->Settings->Puppet or with hammer.

hammer settings set \
  --name  create_new_host_when_facts_are_uploaded \
  --value false
hammer settings set \
  --name  create_new_host_when_reports_are_uploaded \
  --value fals



Verification Steps
==================

* on a client that isn't registered, confirm that the hostname is either short or invalid. 

# hostname
shorthostname
# python -c "import socket; print socket.getfqdn()" 
shorthostname

* on a client that isn't registered, download the bootstrap.py script from the Satellite or Capsule and make executable

  wget http://satellite.example.com/pub/bootstrap.py
  chmod +x bootstrap.py

* run bootstrap.py on a client with a standard set of options adding the --fqdn switch. Example

./bootstrap.py -s satellite.example.com -o Example -a ak_Reg_To_Dev_EL7 -g 'RHEL7/Development' -L Philadelphia --enablerepos=rhel-7-server-satellite-tools-6.2-rpms --fqdn realhostname.example.com


Expected behavior
=================

* When run with a shortname and --fqdn is not explicitly provided OR 
* When run without --fqdn set to a shortname (Example: --fqdn foobar), bootstrap.py should halt and inform the user that they've passed a shortname as such: 

We could not determine the domain of this machine, most probably `hostname -f` does not return the FQDN.
This can lead to Puppet missbehaviour and thus the script will terminate now.
You can override this by passing one of the following
	--force - to disable all checking
	--skip-puppet - to omit installing the puppet agent


* When run with --fqdn set to a proper FQDN whose domain is not defined in Foreman, (Example: if example.com is defined in Foreman, but the user passed --fqdn foobar.example.org), bootstrap.py should halt and inform the user that the domain doesn't exist. Example:


This script is designed to register new systems or to migrate an existing system to a Foreman server with Katello
[NOTIFICATION], [2017-02-27 04:44:12], [This system is not registered to RHN. Attempting to register via subscription-manager] 
[NOTIFICATION], [2017-02-27 04:44:12], [Retrieving Client CA Certificate RPMs] 
[RUNNING], [2017-02-27 04:44:12], [rpm -Uvh http://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm] 
Retrieving http://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm
Preparing...                          ########################################
Updating / installing...
katello-ca-consumer-satellite.auroracl########################################
[SUCCESS], [2017-02-27 04:44:14], [rpm -Uvh http://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm], completed successfully.

[NOTIFICATION], [2017-02-27 04:44:14], [Writing FQDN katello-fact] 
[NOTIFICATION], [2017-02-27 04:44:15], [Domain example.org doesn't exist in Foreman, consider using the --add-domain option.] 


* When run with --fqdn set to a proper FQDN whose domain does exist in Foreman, bootstrap.py should register the system and configure puppet using the user defined hostname. Confirm this by verifying:

- /etc/rhsm/facts/katello.facts contains the user-defined hostname
cat /etc/rhsm/facts/katello.facts 
{"network.hostname-override":"realhostname.example.com"}

 - /etc/puppet/puppet.conf contains the user-defined hostname in its 'certname' value

grep certname /etc/puppet/puppet.conf
certname        = realhostname.example.com

- The node can successfully complete a puppet run (puppet agent -tv)

- The node exists in the UI/CLI via its user-defined hostname (check via Hosts->All Hosts or hammer host list) 
- The node DOES NOT exist in the UI/CLI via its short name (check via Hosts-> All Hosts or hammer host list)

Comment 5 Rich Jerrido 2017-03-13 21:07:35 UTC

We may want to rebase to katello-client-bootstrap-1.3.0 (https://github.com/Katello/katello-client-bootstrap/releases/tag/1.3.0) to address this.

Comment 6 jcallaha 2017-04-07 20:39:37 UTC

The script now catches the short hostname, and a short name fqdn. Further testing on the way.

-bash-4.1# docker run -it -h shawty ch-d:bootstrap /bin/bash

[root@shawty ~]# ./bootstrap.py -s mgmt5.rhq.lab.eng.bos.redhat.com -o 'Default Organization' -g basic -a basickey -L 'Default Location' --add-domain
Foreman Bootstrap Script
This script is designed to register new systems or to migrate an existing system to a Foreman server with Katello
We could not determine the domain of this machine, most probably `hostname -f` does not return the FQDN.
This can lead to Puppet missbehaviour and thus the script will terminate now.
You can override this by passing one of the following
	--force - to disable all checking
	--skip-puppet - to omit installing the puppet agent

[root@shawty ~]# hostname
shawty

[root@shawty ~]# ./bootstrap.py -s mgmt5.rhq.lab.eng.bos.redhat.com -o 'Default Organization' -g basic -a basickey -L 'Default Location' --add-domain --fqdn $(hostname)
Foreman Bootstrap Script
This script is designed to register new systems or to migrate an existing system to a Foreman server with Katello
We could not determine the domain of this machine, most probably `hostname -f` does not return the FQDN.
This can lead to Puppet missbehaviour and thus the script will terminate now.
You can override this by passing one of the following
	--force - to disable all checking
	--skip-puppet - to omit installing the puppet agent

Comment 7 jcallaha 2017-04-07 20:43:53 UTC

Verified in Satellite 6.2.9 Snap 2

Specifying a fqdn with the --fqdn flag as well as adding the --add-domain flag allowed bootstrap to register the host successfully (see attached).

[root@shawty ~]# ./bootstrap.py -s mgmt5.rhq.lab.eng.bos.redhat.com -o 'Default Organization' -g basic -a basickey -L 'Default Location' --add-domain --fqdn shawty.full.fqdn.com
Foreman Bootstrap Script
This script is designed to register new systems or to migrate an existing system to a Foreman server with Katello
admin's password:
[NOTIFICATION], [2017-04-07 16:40:08], [This system is not registered to RHN. Attempting to register via subscription-manager] 
[NOTIFICATION], [2017-04-07 16:40:08], [Retrieving Client CA Certificate RPMs] 
[RUNNING], [2017-04-07 16:40:08], [rpm -Uvh http://mgmt5.rhq.lab.eng.bos.redhat.com/pub/katello-ca-consumer-latest.noarch.rpm] 
Retrieving http://mgmt5.rhq.lab.eng.bos.redhat.com/pub/katello-ca-consumer-latest.noarch.rpm
Preparing...                          ########################################
Updating / installing...
katello-ca-consumer-mgmt5.rhq.lab.eng.########################################
[SUCCESS], [2017-04-07 16:40:13], [rpm -Uvh http://mgmt5.rhq.lab.eng.bos.redhat.com/pub/katello-ca-consumer-latest.noarch.rpm], completed successfully.

[NOTIFICATION], [2017-04-07 16:40:13], [Writing FQDN katello-fact] 
[RUNNING], [2017-04-07 16:40:14], [Calling Foreman API to create a host entry associated with the group & org] 
[SUCCESS], [2017-04-07 16:40:15], [Successfully created host shawty.full.fqdn.com], completed successfully.
[NOTIFICATION], [2017-04-07 16:40:15], [Calling subscription-manager] 
[RUNNING], [2017-04-07 16:40:15], [/usr/sbin/subscription-manager register --org 'Default_Organization' --name 'shawty.full.fqdn.com' --activationkey 'basickey'  --serverurl=https://mgmt5.rhq.lab.eng.bos.redhat.com:443/rhsm --baseurl=https://mgmt5.rhq.lab.eng.bos.redhat.com/pulp/repos] 
The system has been registered with ID: b3d15ac6-69e4-401d-92f9-08cd900d7233 

Installed Product Current Status:
Product Name: Red Hat Enterprise Linux Server
Status:       Subscribed

[SUCCESS], [2017-04-07 16:40:29], [/usr/sbin/subscription-manager register --org 'Default_Organization' --name 'shawty.full.fqdn.com' --activationkey 'basickey'  --serverurl=https://mgmt5.rhq.lab.eng.bos.redhat.com:443/rhsm --baseurl=https://mgmt5.rhq.lab.eng.bos.redhat.com/pulp/repos], completed successfully.

[RUNNING], [2017-04-07 16:40:29], [/sbin/chkconfig rhsmcertd on] 
Note: Forwarding request to 'systemctl enable rhsmcertd.service'.
Created symlink from /etc/systemd/system/multi-user.target.wants/rhsmcertd.service to /usr/lib/systemd/system/rhsmcertd.service.
[SUCCESS], [2017-04-07 16:40:30], [/sbin/chkconfig rhsmcertd on], completed successfully.

[RUNNING], [2017-04-07 16:40:30], [/sbin/service rhsmcertd restart] 
[ERROR], [2017-04-07 16:40:30], EXITING: [/sbin/service rhsmcertd restart] failed to execute properly.
sh: /sbin/service: No such file or directory

Comment 8 jcallaha 2017-04-07 20:44:34 UTC

Created attachment 1269936 [details]
verification screenshot

Comment 10 errata-xmlrpc 2017-05-01 14:00:33 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1191

Comment 11 Bryan Kearney 2017-05-31 19:40:34 UTC

*** Bug 1417992 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.