Content proxy not listing to port 80 anymore

After updating from katello 3.17.2 to 3.18.1 I have noticed that my separate content smart proxy doesn’t listen to port 80 anymore. It’s only serving port 443. Is there a particular reason for that change? I have used http to get the katello-ca-consumer-latest rpm from the proxy and noticed it’s not working.

That change also seems to affect provisioning, when it tries to download the vmlinuz and initrd files from the proxy into /var/lib/tftpboot/boot/.

It seems the change came in with this pull request

As far as I understand the elsif with ‘foreman_proxy_content::pulp’ set applies to my installation which would add the httpd_pub.erb into the https foreman and sets the separate pub_dir.conf file but doesn’t do anything to enable port 80…

Could you file an issue while I look into a fix for this for you.

I have already created Bug #31662: Foreman content proxy doesn't listen on port 80 anymore - Installer - Foreman.

I spun up a new Katello 3.18, and the pub directory was working for me. I will try out an upgrade. Can you show me what these display:

grep -r 80 /etc/httpd
grep -r pub /etc/httpd

Isn’t a new katello using pulp3?

Here is the output:

[root@foreman-proxy ~]# grep -r 80 /etc/httpd/
/etc/httpd/conf/httpd.conf:#Listen 80
[root@foreman-proxy ~]# grep -r pub /etc/httpd/
/etc/httpd/conf/magic:# copyright, but this file is "published" as witness the following:
/etc/httpd/conf.d/pulp_content.conf:    XSendFilePath /var/lib/pulp/published
/etc/httpd/conf.d/pulp_rpm.conf:  RewriteRule (.+/pulp/repos/)(.*) /pulp2/content/var/www/pub/yum/https/repos/$2 [DPI]
/etc/httpd/conf.d/pulp_rpm.conf:  RewriteRule (.+/pulp/repos/)(.*) /pulp2/content/var/www/pub/yum/http/repos/$2 [DPI]
/etc/httpd/conf.d/pulp_rpm.conf:Alias /pulp/exports /var/www/pub/yum/https/exports
/etc/httpd/conf.d/pulp_rpm.conf:<Directory /var/www/pub/yum/https>
/etc/httpd/conf.d/pulp_rpm.conf:<Directory /var/www/pub/yum/http>
/etc/httpd/conf.d/pulp_rpm.conf:Alias /pulp/gpg /var/www/pub/gpg
/etc/httpd/conf.d/pulp_rpm.conf:<Directory /var/www/pub/gpg/>
/etc/httpd/conf.d/pulp_deb.conf:  RewriteRule (.+/pulp/deb/)(.*) /pulp2/content/var/www/pub/deb/https/repos/$2 [DPI]
/etc/httpd/conf.d/pulp_deb.conf:  RewriteRule (.+/pulp/deb/)(.*) /pulp2/content/var/www/pub/deb/http/repos/$2 [DPI]
/etc/httpd/conf.d/pulp_deb.conf:<Directory /var/www/pub/deb/https>
/etc/httpd/conf.d/pulp_deb.conf:<Directory /var/www/pub/deb/http>
/etc/httpd/conf.d/pulp_docker.conf:Alias /pulp/docker/v2 /var/www/pub/docker/v2/web
/etc/httpd/conf.d/pulp_docker.conf:<Directory /var/www/pub/docker/v2/web>
/etc/httpd/conf.d/pulp_docker.conf:<Directory /var/www/pub/docker/v2/web/*/manifests/2>
/etc/httpd/conf.d/pulp_docker.conf:<Directory /var/www/pub/docker/v2/web/*/manifests/list>
/etc/httpd/conf.d/pulp_docker.conf:Alias /pulp/docker/v1 /var/www/pub/docker/v1/web
/etc/httpd/conf.d/pulp_docker.conf:<Directory /var/www/pub/docker/v1/web>
/etc/httpd/conf.d/pulp-vhosts80/rpm.conf:Alias /pulp/exports /var/www/pub/yum/http/exports
/etc/httpd/conf.d/pulp-vhosts80/iso.conf:Alias /pulp/isos /var/www/pub/http/isos
/etc/httpd/conf.d/pulp-vhosts80/pub_dir.conf:Alias /pub /var/www/html/pub
/etc/httpd/conf.d/pulp-vhosts80/pub_dir.conf:<Location /pub>
/etc/httpd/conf.d/05-pulp-https.conf:Alias /pub /var/www/html/pub
/etc/httpd/conf.d/05-pulp-https.conf:<Location /pub>
/etc/httpd/conf.d/pulp_iso.conf:Alias /pulp/isos /var/www/pub/https/isos
/etc/httpd/conf.d/pulp_iso.conf:<Directory /var/www/pub/https/isos>
/etc/httpd/conf.d/pulp_iso.conf:<Directory /var/www/pub/http/isos >

On my upgrade, I had a vhost for port 80 configured. Looking at the code however, I am wondering, do you have, in /etc/foreman-installer/scenarios.d/foreman-proxy-content-answers.yaml:

  enable_puppet: false

As in, do you have puppet content on your content proxy turned off through that setting?

I don’t have any puppet content. I also don’t run any puppet (except the agent) on the content proxy. So basically, everything puppet related including the setting above is disabled on my content proxy. I want my content proxy to serve content/rpms, only.

Seems our code makes some assumptions in that area unfortunately that breaks the pub directory deploying. For now, enabling puppet content is the work around. I will work on a fix for this for that case.

I have opened a pull request to address it that can be pulled back for a future 3.18 release: