Change Pulpcore URL through katello-answers.yaml

rivermigue · March 10, 2023, 4:39pm

Problem:
How can I set the pulp core url so that foreman proxy can use that url instead of the server’s FQDN?
A little background:
Our infrastructure uses certain Active directory domains as FQDN depending on the location and server’s purpose e.g: ad.location.domain.loc → this resolves to the server’s IP, however we setup all of our web applications through a different domain which is company.com, the problem here is that *.company.com is signed by a trusted CA whereas ad.location.domain.loc is self signed, after installing katello using our company.com SSL certificate and setting up the server alias it works, however the foreman proxy cant connect with the Pulpcore service and complains that the hostname can’t be verified because the url is ad.location.domain.loc instead of katello.company.com, after looking into the foreman-proxy module, it looks like I can pass the following params to the class: puppet-foreman_proxy/pulp.pp at master · theforeman/puppet-foreman_proxy · GitHub

foreman_proxy::plugin::pulp:
  pulpcore_api_url: "https://katello.company.com"
  pulpcore_content_url: "https://katello.company.com/pulp/content"
  rhsm_url: "https://katello.company.com/rhsm"

I tried appending these params to the katello-answers.yaml but when foreman-installer is ran the following error message appears:

foreman-installer --scenario katello
**Traceback** (most recent call last):
19: from /sbin/foreman-installer:8:in `<main>'
18: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/kafo_configure.rb:50:in `run'
17: from /usr/share/gems/gems/clamp-1.1.2/lib/clamp/command.rb:132:in `run'
16: from /usr/share/gems/gems/clamp-1.1.2/lib/clamp/command.rb:132:in `new'
15: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/kafo_configure.rb:140:in `initialize'
14: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/hooking.rb:65:in `execute'
13: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/hooking.rb:65:in `each'
12: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/hooking.rb:67:in `block in execute'
11: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/hook_context.rb:19:in `execute'
10: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/hook_context.rb:19:in `instance_eval'
9: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/hooking.rb:36:in `block (4 levels) in load'
8: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/hooking.rb:36:in `instance_eval'
7: from /usr/share/foreman-installer/hooks/boot/20-certs_update.rb:2:in `block (4 levels) in load'
6: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/hook_context.rb:113:in `module_present?'
5: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/kafo_configure.rb:257:in `module'
4: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/kafo_configure.rb:253:in `modules'
3: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/configuration.rb:133:in `modules'
2: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/configuration.rb:133:in `map'
1: from /usr/share/gems/gems/kafo-6.5.0/lib/kafo/configuration.rb:133:in `block in modules'
/usr/share/gems/gems/kafo-6.5.0/lib/kafo/puppet_module.rb:70:in `parse': **No Puppet module parser is installed and no cache of the file /usr/share/foreman-installer/modules/foreman_proxy/manifests/plugin/pulp.pp is available. Please check debug logs and install optional dependencies for the parser. (****Kafo::ParserError****)**

What are the dependencies I should install to be able to use these other params?
Expected outcome:
Be able to use pulpcore url in katello.company.com instead of the server’s fqdn.
Foreman and Proxy versions:
3.5
Foreman and Proxy plugin versions:
katello 4.7
Distribution and version:
Alma Linux 8.7
Other relevant data:

jeremylenz · March 10, 2023, 4:43pm

I’m not sure of the answer to your question, but I do know that editing katello-answers.yaml is not generally recommended. Instead the correct way to do it is to find the appropriate installer options in foreman-installer --help, then run the installer with those options.

iballou · March 10, 2023, 5:12pm

It looks like we have no installer support for changing the Pulp URL or Pulp content app URL. Looks like the answers file is the only way. I’m guessing the syntax or layout is wrong somehow… @ekohl or @wbclark do you see what might be wrong with their answers file addition?

rivermigue · March 20, 2023, 7:55pm

Hi, does anyone know if that can be accomplished?

wbclark · March 21, 2023, 2:54pm

Hi @rivermigue , sorry for the delayed response.

I think you would need to set these parameters using the custom-hiera.yml file instead of katello-answers.yml, since to my knowledge the foreman_proxy::plugin::pulp class is not declared directly by the installer as a top level class, but is rather declared within another module entirely (foreman_proxy_content) which does not expose these parameters directly in its interface (at least not in a modular, standalone way, see: puppet-foreman_proxy_content/init.pp at 12bbe7a90132c79fba7d7fe775a40b70da3e0e5a · theforeman/puppet-foreman_proxy_content · GitHub )

Using custom-hiera.yml instead of the answers file should at least get the installer to the point where it runs puppet, giving you a better idea of what kind of additional tweaks might be required to get this working.

rivermigue · April 27, 2023, 3:48pm

I tried using the custom-hiera.yml however, it looks like the modulo will not accept the overwrites through there either since it doesnt change anything in the configuration at all after running foreman-install