2054044 – Registering hosts with Setup REX is not copying Satellite's foreman-proxy public keys on the host.

Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 2054044 - Registering hosts with Setup REX is not copying Satellite's foreman-proxy public keys on the host.

Summary: Registering hosts with Setup REX is not copying Satellite's foreman-proxy pub...

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Registration
Sub Component:
Version:	6.11.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	6.11.0
Assignee:	satellite6-bugs
QA Contact:	Stephen Wadeley
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-02-14 05:36 UTC by Akshay Kapse
Modified:	2022-12-22 16:01 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-04-28 08:20:25 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Akshay Kapse 2022-02-14 05:36:05 UTC

Description of problem:
- Register hosts with Setup REX is not copying foreman-proxy public keys on the host on Satellite 7.

Version-Release number of selected component (if applicable):
- satellite-7.0.0-0.5.beta.el7sat.noarch

How reproducible:
- Easily.

Steps to Reproduce:
1. Register a host to the Satellite using 'Setup REX' value to 'Yes (Override)'.
~~~
[root@host ~]# curl -sS --insecure 'https://<sat-hostname>/register?activation_keys=ak1&force=true&lifecycle_environment_id=1&location_id=2&organization_id=1&setup_remote_execution=true&update_packages=true' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJpYXQiOjE2NDQ4MTA3MzMsImp0aSI6IjgzNmY0OTI4NGY3YzQ4NDJmZDM3NzRlZDc1ODI1Nzk5NDgwZjk3MmQ2ZjgxNjIyOGM5Y2Y2ZjhhZWJjNGFjOWYiLCJleHAiOjE2NDQ4MjUxMzMsInNjb3BlIjoicmVnaXN0cmF0aW9uI2dsb2JhbCByZWdpc3RyYXRpb24jaG9zdCJ9.Jdu3fFpS22qF-4gji9FAFXWbYOBeIXymvRjeSIeCK_0' | bash
#
# Running registration
#
This system is currently not registered.
All local data removed
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

No match for argument: katello-ca-consumer*
No packages marked for removal.
Dependencies resolved.
Nothing to do.
Complete!
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

Error: There are no enabled repositories in "/etc/yum.repos.d", "/etc/yum/repos.d", "/etc/distro.repos.d".
The system has been registered with ID: 52c1f69d-603a-4fb3-8b58-65fbe6e4fbaf
The registered system name is: host.example.com
~~~

2. Run the REX ssh commands job.

Actual results:
- Job fails.
- Copy the ssh keys and then job succeeds.

Expected results:

- Setup REX should copy the foreman-proxy public keys on the host when overridden to yes while registering host.

Comment 1 Leos Stejskal 2022-02-15 08:46:25 UTC

Hi,
can you post full output log from the registration script?

Comment 2 Akshay Kapse 2022-02-15 09:12:07 UTC

Hi,

I re-registered it again:

~~~
[root@host ~]# curl -sS --insecure 'https://<satellite-ip>/register?activation_keys=ak1&force=true&location_id=2&organization_id=1&setup_remote_execution=true&update_packages=false' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJpYXQiOjE2NDQ5MTU4OTYsImp0aSI6IjAxNWVjYTJlYWYyYjFhZGZkNDUzMzdlMjhjMGE1MjRiYmRjYmIzZWIyMDJiNGZjMWVjNDAyOGUyMDM2NTVlMWEiLCJleHAiOjE2NDQ5MzAyOTYsInNjb3BlIjoicmVnaXN0cmF0aW9uI2dsb2JhbCByZWdpc3RyYXRpb24jaG9zdCJ9.xpcm_Xiya33VOU63ejZAL2OPhlTxuvRZYLX5CR1mqM0' | bash
#
# Running registration
#
Unregistering from: satellite.example.com:443/rhsm
System has been unregistered.
All local data removed
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

No match for argument: katello-ca-consumer*
No packages marked for removal.
Dependencies resolved.
Nothing to do.
Complete!
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

Error: There are no enabled repositories in "/etc/yum.repos.d", "/etc/yum/repos.d", "/etc/distro.repos.d".
The system has been registered with ID: 9d3ace17-390b-4f0e-8925-729a158bebb3
The registered system name is: host.example.com
curl: (51) SSL: no alternative certificate subject name matches target host name '<sastellite-ip>'
~~~

Comment 3 Leos Stejskal 2022-02-15 12:15:41 UTC

From the log I can see that registration process failed when it was calling back to the Satellite to get the host_init_config template which contains steps for deploying the SSH keys, see:

```
curl: (51) SSL: no alternative certificate subject name matches target host name '<sastellite-ip>'
```

We don't support calling satellite in registration templates by its IP address, my suggestion is to use domain name of Satellite instead of its IP address.

Comment 5 Leos Stejskal 2022-04-04 11:35:48 UTC

Since the issue is not a bug, can we close the issue?

Comment 7 Leos Stejskal 2022-04-04 12:44:13 UTC

Hi,
if you access Satellite by IP, command will generate the command with IP. Try to access Satellite with domain name and then create the command.

Comment 9 Leos Stejskal 2022-04-19 06:57:14 UTC

As far as I know there isn't anything about it in the documentation [0]
I'm proposing to close the issue as 'NOT A BUG' and raise a new one for the documentation team.

Comment 10 Leos Stejskal 2022-04-28 07:26:47 UTC

Hi Akshay Kapse,
can we close the issue?

Comment 11 Stephen Wadeley 2022-04-28 08:20:25 UTC

(In reply to Leos Stejskal from comment #9)
> As far as I know there isn't anything about it in the documentation [0]
> I'm proposing to close the issue as 'NOT A BUG' and raise a new one for the
> documentation team.

Hi

https://github.com/theforeman/foreman-documentation/pull/1245
 Use FQDN for registration cmd #1245

Comment 12 charbonnier nicolas 2022-07-21 07:42:03 UTC

Hi, 
i confirm process recovery with FQDN.
i've got same issue with IP, then with FQDN (dont Forget /etc/hosts on client), it works, then i got a new issue with puppet config :)

I test using config on hosts (/etc/hosts) onto foreman server and client
"IP_server" "FQDN" "HOSTNAME" 
but no resolution.

You said "it's not a bug", but it's not normal if this don't work with IP too !

Note You need to log in before you can comment on or make changes to this bug.