Bug 1706743 - Candlepin service FAIL to start after satellite-change-hostname
Summary: Candlepin service FAIL to start after satellite-change-hostname
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: satellite-change-hostname
Version: 6.6.0
Hardware: Unspecified
OS: Unspecified
unspecified
urgent vote
Target Milestone: 6.6.0
Assignee: Evgeni Golov
QA Contact: Vladimír Sedmík
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-05-06 08:35 UTC by Nikhil Kathole
Modified: 2019-10-22 12:47 UTC (History)
4 users (show)

Fixed In Version: katello-3.12.0-0.5
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-10-22 12:47:30 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Foreman Issue Tracker 26751 Normal Closed Candlepin service FAIL to start after satellite-change-hostname 2020-01-03 17:10:59 UTC
Red Hat Product Errata RHSA-2019:3172 None None None 2019-10-22 12:47:40 UTC

Description Nikhil Kathole 2019-05-06 08:35:26 UTC
Description of problem:

After satellite-change-hostname, candlepin service not starting.

# hammer ping
candlepin:      
    Status:          FAIL
    Server Response:
candlepin_auth: 
    Status:          FAIL
    Server Response:
pulp:           
    Status:          ok
    Server Response: Duration: 174ms
pulp_auth:      
    Status:          ok
    Server Response: Duration: 101ms
foreman_tasks:  
    Status:          ok
    Server Response: Duration: 5ms


# katello-service status -b
Redirecting to 'foreman-maintain service'
Running Status Services
================================================================================
Get status of applicable services: 
Displaying the following service(s):

rh-mongodb34-mongod, postgresql, qdrouterd, qpidd, squid, pulp_celerybeat, pulp_resource_manager, pulp_streamer, pulp_workers, smart_proxy_dynflow_core, tomcat, dynflowd, httpd, puppetserver, foreman-proxy
| displaying rh-mongodb34-mongod                   [OK]                         
| displaying postgresql                            [OK]                         
| displaying qdrouterd                             [OK]                         
| displaying qpidd                                 [OK]                         
| displaying squid                                 [OK]                         
| displaying pulp_celerybeat                       [OK]                         
/ displaying pulp_resource_manager                 [OK]                         
/ displaying pulp_streamer                         [OK]                         
/ displaying pulp_workers                          [OK]                         
/ displaying smart_proxy_dynflow_core              [OK]                         
/ displaying tomcat                                [OK]                         
/ displaying dynflowd                              [OK]                         
/ displaying httpd                                 [OK]                         
/ displaying puppetserver                          [OK]                         
- displaying foreman-proxy                         [OK]                         
- All services are running                                            [OK]      
--------------------------------------------------------------------------------


Version-Release number of selected component (if applicable):

Satellite 6.6 snap 1

How reproducible: always


Steps to Reproduce:
1. Install satellite 6.6
2. satellite-change-hostname qe-testing-rhel7.example.com -y -u admin -p changeme

Actual results:
After hostname change is successful, candlepin is down.

Expected results:
Candlepin should not fail.

Additional info:

Comment 4 Evgeni Golov 2019-05-06 15:07:11 UTC
I can reproduce this. The problem seems to be that the installer does not refresh the Candlepin/Tomcat keystore.

Comment 5 Evgeni Golov 2019-05-06 15:26:47 UTC
workaround:
rm /etc/candlepin/certs/candlepin-ca.* /etc/candlepin/certs/keystore
satellite-installer

Comment 6 Eric Helms 2019-05-06 16:26:38 UTC
I think this may need an update in the code that does the change hostname itself. That code attempts to delete certificates to have the installer regenerate them. This is fragile if the installation moves certificates around which we have done in 6.6 in some cases.

https://github.com/theforeman/foreman-packaging/blob/rpm/develop/packages/katello/katello/hostname-change.rb#L327

https://github.com/theforeman/puppet-certs/commit/1f3ca4fb3a0702f0cf78ca2ebc8f630cde3140e2

https://github.com/theforeman/puppet-candlepin/commit/59590d9207541dcc7bdea1e7c38752e50bc6d284

Comment 7 Evgeni Golov 2019-05-07 08:23:57 UTC
Created redmine issue https://projects.theforeman.org/issues/26751 from this bug

Comment 8 Bryan Kearney 2019-05-07 10:06:41 UTC
Upstream bug assigned to egolov@redhat.com

Comment 9 Bryan Kearney 2019-05-07 10:06:43 UTC
Upstream bug assigned to egolov@redhat.com

Comment 10 Bryan Kearney 2019-05-07 14:06:45 UTC
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/26751 has been resolved.

Comment 13 errata-xmlrpc 2019-10-22 12:47:30 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:3172


Note You need to log in before you can comment on or make changes to this bug.