Red Hat Bugzilla – Bug 1425606
Bootstrap fails to register systems with invalid hostnames or only have short names
Last modified: 2017-05-31 15:40:34 EDT
Description of problem: When running bootstrap, it fails to register a system that has an invalid hostname, (such as one with an underscore), or hostname that are short (hostname -f) doesn't return an FQDN, Version-Release number of selected component (if applicable): katello-client-bootstrap-1.2.2 How reproducible: 100% Steps to Reproduce: 1. Create a system with a short name (where hostname -f or "ython -c "import socket;print socket.getfqdn()"" returns a shortname or an invalid name. (Such as a name with an underscore), such as foo_bar.example.com 2. Register with bootstrap. 3. Actual results: bootstrap fails with an error similar to the following: [RUNNING], [2017-02-21 14:13:01], [Calling Foreman API to create a host entry associated with the group, domain, org & location] url: https://<capsule-fqdn>:8443/api/v2/hosts/ method: POST data: { "host": { "managed": "true", "name": "<hostname>", "hostgroup_id": 22, "organization_id": 1, "mac": "00:50:56:90:11:D2", "architecture_id": 1, "location_id": 3, "domain_id": 6 } } Error: The following error occured while talking to the API: url: https://<capsule-fqdn>:8443/api/v2/hosts/ code: 422 data: { "host": { "managed": "true", "name": "<hostname>", "hostgroup_id": 22, "organization_id": 1, "mac": "00:50:56:90:11:D2", "architecture_id": 1, "location_id": 3, "domain_id": 6 } } error: { "error": { "errors": { "interfaces.name": [ "is invalid" ], "name": [ "is invalid" ] }, "id": null, "full_messages": [ "Name is invalid", "Name is invalid" ] } } Expected results: bootstrap successfully registers the system. Additional info:
Also RFC 952 or 1123 covers hostname validation and Foreman appears to respect this (see lib/net/validations.rb). As we generally cannot ask the customer to change their hostnames (many have short names for 3rd party apps), it might be advisable to allow the customer to set an arbitrary hostname in bootstrap.py (for puppet and subscription-manager) that differs from what the system reports.
Fixed in commit https://github.com/Katello/katello-client-bootstrap/commit/49ec1ae44a7463f5f615ad6d59fccd21d9da6bda
Please add verifications steps for this bug to help QE verify
Verification Steps for QE: Overview ======== As per the request in the description, bootstrap fails to register systems with an invalid hostname, (such as one with an underscore), or hostname that are short (hostname -f) doesn't return an FQDN. Bootstrap now includes the --fqdn switch, allowing the user to override the hostname that is detected (via python's socket.getfqdn() function) and provide any value they desire. Setup ===== * You must have an activation key to register the client * You need a hostgroup setup. * You must have a Satellite Server (or you can register via a Capsule) * you must have a client with a hostname that fails Foreman's hostname validation. The user needs to set to False the 'create_new_host_when_facts_are_uploaded' and 'create_new_host_when_reports_are_uploaded' options. If these options are not set, a host entry will be created based upon the facts provided by facter. As we are allowing the user to define an arbitrary hostname, we need to disable these options so that the host doesn't report its configured hostname). This can be done in the UI under Administer->Settings->Puppet or with hammer. hammer settings set \ --name create_new_host_when_facts_are_uploaded \ --value false hammer settings set \ --name create_new_host_when_reports_are_uploaded \ --value fals Verification Steps ================== * on a client that isn't registered, confirm that the hostname is either short or invalid. # hostname shorthostname # python -c "import socket; print socket.getfqdn()" shorthostname * on a client that isn't registered, download the bootstrap.py script from the Satellite or Capsule and make executable wget http://satellite.example.com/pub/bootstrap.py chmod +x bootstrap.py * run bootstrap.py on a client with a standard set of options adding the --fqdn switch. Example ./bootstrap.py -s satellite.example.com -o Example -a ak_Reg_To_Dev_EL7 -g 'RHEL7/Development' -L Philadelphia --enablerepos=rhel-7-server-satellite-tools-6.2-rpms --fqdn realhostname.example.com Expected behavior ================= * When run with a shortname and --fqdn is not explicitly provided OR * When run without --fqdn set to a shortname (Example: --fqdn foobar), bootstrap.py should halt and inform the user that they've passed a shortname as such: We could not determine the domain of this machine, most probably `hostname -f` does not return the FQDN. This can lead to Puppet missbehaviour and thus the script will terminate now. You can override this by passing one of the following --force - to disable all checking --skip-puppet - to omit installing the puppet agent * When run with --fqdn set to a proper FQDN whose domain is not defined in Foreman, (Example: if example.com is defined in Foreman, but the user passed --fqdn foobar.example.org), bootstrap.py should halt and inform the user that the domain doesn't exist. Example: This script is designed to register new systems or to migrate an existing system to a Foreman server with Katello [NOTIFICATION], [2017-02-27 04:44:12], [This system is not registered to RHN. Attempting to register via subscription-manager] [NOTIFICATION], [2017-02-27 04:44:12], [Retrieving Client CA Certificate RPMs] [RUNNING], [2017-02-27 04:44:12], [rpm -Uvh http://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm] Retrieving http://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm Preparing... ######################################## Updating / installing... katello-ca-consumer-satellite.auroracl######################################## [SUCCESS], [2017-02-27 04:44:14], [rpm -Uvh http://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm], completed successfully. [NOTIFICATION], [2017-02-27 04:44:14], [Writing FQDN katello-fact] [NOTIFICATION], [2017-02-27 04:44:15], [Domain example.org doesn't exist in Foreman, consider using the --add-domain option.] * When run with --fqdn set to a proper FQDN whose domain does exist in Foreman, bootstrap.py should register the system and configure puppet using the user defined hostname. Confirm this by verifying: - /etc/rhsm/facts/katello.facts contains the user-defined hostname cat /etc/rhsm/facts/katello.facts {"network.hostname-override":"realhostname.example.com"} - /etc/puppet/puppet.conf contains the user-defined hostname in its 'certname' value grep certname /etc/puppet/puppet.conf certname = realhostname.example.com - The node can successfully complete a puppet run (puppet agent -tv) - The node exists in the UI/CLI via its user-defined hostname (check via Hosts->All Hosts or hammer host list) - The node DOES NOT exist in the UI/CLI via its short name (check via Hosts-> All Hosts or hammer host list)
We may want to rebase to katello-client-bootstrap-1.3.0 (https://github.com/Katello/katello-client-bootstrap/releases/tag/1.3.0) to address this.
The script now catches the short hostname, and a short name fqdn. Further testing on the way. -bash-4.1# docker run -it -h shawty ch-d:bootstrap /bin/bash [root@shawty ~]# ./bootstrap.py -s mgmt5.rhq.lab.eng.bos.redhat.com -o 'Default Organization' -g basic -a basickey -L 'Default Location' --add-domain Foreman Bootstrap Script This script is designed to register new systems or to migrate an existing system to a Foreman server with Katello We could not determine the domain of this machine, most probably `hostname -f` does not return the FQDN. This can lead to Puppet missbehaviour and thus the script will terminate now. You can override this by passing one of the following --force - to disable all checking --skip-puppet - to omit installing the puppet agent [root@shawty ~]# hostname shawty [root@shawty ~]# ./bootstrap.py -s mgmt5.rhq.lab.eng.bos.redhat.com -o 'Default Organization' -g basic -a basickey -L 'Default Location' --add-domain --fqdn $(hostname) Foreman Bootstrap Script This script is designed to register new systems or to migrate an existing system to a Foreman server with Katello We could not determine the domain of this machine, most probably `hostname -f` does not return the FQDN. This can lead to Puppet missbehaviour and thus the script will terminate now. You can override this by passing one of the following --force - to disable all checking --skip-puppet - to omit installing the puppet agent
Verified in Satellite 6.2.9 Snap 2 Specifying a fqdn with the --fqdn flag as well as adding the --add-domain flag allowed bootstrap to register the host successfully (see attached). [root@shawty ~]# ./bootstrap.py -s mgmt5.rhq.lab.eng.bos.redhat.com -o 'Default Organization' -g basic -a basickey -L 'Default Location' --add-domain --fqdn shawty.full.fqdn.com Foreman Bootstrap Script This script is designed to register new systems or to migrate an existing system to a Foreman server with Katello admin's password: [NOTIFICATION], [2017-04-07 16:40:08], [This system is not registered to RHN. Attempting to register via subscription-manager] [NOTIFICATION], [2017-04-07 16:40:08], [Retrieving Client CA Certificate RPMs] [RUNNING], [2017-04-07 16:40:08], [rpm -Uvh http://mgmt5.rhq.lab.eng.bos.redhat.com/pub/katello-ca-consumer-latest.noarch.rpm] Retrieving http://mgmt5.rhq.lab.eng.bos.redhat.com/pub/katello-ca-consumer-latest.noarch.rpm Preparing... ######################################## Updating / installing... katello-ca-consumer-mgmt5.rhq.lab.eng.######################################## [SUCCESS], [2017-04-07 16:40:13], [rpm -Uvh http://mgmt5.rhq.lab.eng.bos.redhat.com/pub/katello-ca-consumer-latest.noarch.rpm], completed successfully. [NOTIFICATION], [2017-04-07 16:40:13], [Writing FQDN katello-fact] [RUNNING], [2017-04-07 16:40:14], [Calling Foreman API to create a host entry associated with the group & org] [SUCCESS], [2017-04-07 16:40:15], [Successfully created host shawty.full.fqdn.com], completed successfully. [NOTIFICATION], [2017-04-07 16:40:15], [Calling subscription-manager] [RUNNING], [2017-04-07 16:40:15], [/usr/sbin/subscription-manager register --org 'Default_Organization' --name 'shawty.full.fqdn.com' --activationkey 'basickey' --serverurl=https://mgmt5.rhq.lab.eng.bos.redhat.com:443/rhsm --baseurl=https://mgmt5.rhq.lab.eng.bos.redhat.com/pulp/repos] The system has been registered with ID: b3d15ac6-69e4-401d-92f9-08cd900d7233 Installed Product Current Status: Product Name: Red Hat Enterprise Linux Server Status: Subscribed [SUCCESS], [2017-04-07 16:40:29], [/usr/sbin/subscription-manager register --org 'Default_Organization' --name 'shawty.full.fqdn.com' --activationkey 'basickey' --serverurl=https://mgmt5.rhq.lab.eng.bos.redhat.com:443/rhsm --baseurl=https://mgmt5.rhq.lab.eng.bos.redhat.com/pulp/repos], completed successfully. [RUNNING], [2017-04-07 16:40:29], [/sbin/chkconfig rhsmcertd on] Note: Forwarding request to 'systemctl enable rhsmcertd.service'. Created symlink from /etc/systemd/system/multi-user.target.wants/rhsmcertd.service to /usr/lib/systemd/system/rhsmcertd.service. [SUCCESS], [2017-04-07 16:40:30], [/sbin/chkconfig rhsmcertd on], completed successfully. [RUNNING], [2017-04-07 16:40:30], [/sbin/service rhsmcertd restart] [ERROR], [2017-04-07 16:40:30], EXITING: [/sbin/service rhsmcertd restart] failed to execute properly. sh: /sbin/service: No such file or directory
Created attachment 1269936 [details] verification screenshot
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:1191
*** Bug 1417992 has been marked as a duplicate of this bug. ***