Problem:
When we’re provisioning a new system, everything works great. But if we need to re-baseline a system, or re-install its OS, then the OTP never gets re-generated by FreeIPA as it does when the system is new.
Expected outcome:
Anytime we trigger the “Build” action, the IPA SmartProxy should create a new OTP among its other “get-ready” tasks.
Foreman and Proxy versions:
Foreman 3.0.0.rc1
Proxy 2.6.0
then you should see a HTTP request coming to your Realm smart-proxy with /realm/hostname URL and arguments. The “rebuild” argument should be passed as “true” which causes the host to call “host_disable” first and then “host_mod” FreeIPA API calls. In the proxy.log with debug on you should see “Making IPA call xyz”.
When I hit the “Build” button to re-build the system, I get no lines in production.log referencing “realm”, but when I delete and re-create the host, I do get this:
Delete realm entry for zsdiscoverytest.our.net
:
:
Add realm entry for new host zsdiscoverytest.our.net
I don’t see where any message is getting to the proxy through the HTTP call you mentioned in /var/log/foreman-proxy/proxy.log or /var/log/httpd/access_log or error_log.
If I read the core correctly, this means we update the realm entry in case Host’s realm has changed or its host group changed (which could also cause the actual realm change).
@wortmanb the log you’re looking at is the smart proxy one. The orchestration and logging (Delete and Add entries) are expected in the Foreman’s production.log. If you don’t see them, can you upload the full log of a request from Foreman, when you actually modify the realm? That may reveal something more.