I apologize for this post seeming like a rant. I’m trying to implement a managed update service for a hybrid environment that includes both Ubuntu (18.04.6 LTS and 20.04 LTS) and RHEL distros such as RHEL 8.5 and Rocky Linux 8.5. I’ve been reading through documentation and spinning my wheels on this issue for a few days now, and I just simply need an answer as to whether or not I’m wasting my time or if I’m simply looking in the wrong place for the solution. Thank you kindly.
Problem:
There seems to be a bias in favor of RedHat distros over Debian distros in terms of documentation. What I mean by that is the documentation for Ubuntu (be it 18.04 or 20.04) seems to be sparse when it comes to registering existing hosts or implementing content management. I’ve tried using both the Stable 3.2 build/documentation as well as the Nightly 3.3.0 build/documentation and run into the same issues outlined below and in this thread.
I’m unable to get content added to Product > Repositories I create using documentation provided; however, I was able to get the Product > Repositories working just fine for the RedHat distro I’m using (Rocky Linux 8.5). Registering existing hosts? I was able to set up a new Rocky Linux 8.5 server, update the certificates per the documentation, and issue the curl command without any issue. Had it registered and displaying installed packages, available CVEs, TCP/IP information in minutes.
I’ve tried this same endeavor with both Ubuntu 18.04.6 LTS and 20.04.4 LTS to no avail. After having to change the .pem file to a .crt file (something that isn’t detailed in the documentation as needing to be done), I was able to update the certificates according to documentation provided by official Ubuntu documentation regarding .pem and .crt files and the update-ca-certificates command. Issue the curl command, and I’m met with a success outcome. However, even though the system shows up under Hosts, absolutely no other information is parsed or displayed like it is for the Rocky Linux 8.5 server I registered prior. What am I missing? Is there documentation I’m unaware of that fixes this issue? Is this a bug that is currently being addressed?
Expected outcome:
I expect the documentation to provide mitigation/work arounds or explanations as to why and how to handle Ubuntu registration and content management since The Foreman is supposed to be able to work with both RHEL and Debian distros. If there is documentation I’m unaware of, please, point me in that direction and I will humbly go about my way to read and digest it accordingly.
Foreman and Proxy versions:
3.2 Stable and 3.3.0 Nightly. Both result in same outcomes.
Distribution and version:
Foreman+Katello is hosted on Rocky Linux 8.5
I must agree with the Ubuntu issues in general. It seems Ubuntu has drifted from what Foreman expects in a few areas. I am not sure what the correct solution is here.
I completely understand what you’re saying. However, I am working hard on making Ubuntu (as well as Debian and SLES) as visible and well documented as (RH)EL. Can you point me to specific areas where you’re missing information? May I also refer you to Deploying an Internal Application Guide in the orcharhino documentation? All procedures are also part of the upstream documentation; they are, however, spread accross guides and somewhat “lost” in the bulk of the EL procedures etc.
Adding deb and yum content from upstream (like Canonical or Rocky Linux) to Foreman is very similar. See Adding DEB Repositories in the Foreman documentation. Did you try this and run into issues?
This is a bit more tricky. I am unsure about the current status of the “Host Register” feature for non-EL hosts. cc @MSinghal
Absolutely. My colleagues and everyone from the Foreman community are working hard to make that happen. Please share your feedback on Foreman and specific issues with the Foreman documentation or maybe even open on issue on Github.
For Ubuntu 22.04, there is the new autoinstall mechanism to provision hosts. This is something different than Debian. The community and my colleagues are currently working on this. cc @bastian-src
See my previous thread here with detailed explanation and references of what I’m running into. Gist of the issue is it seems to be needing a global environmental variable applied to Pulp, specifically the variable FORCE_IGNORE_MISSING_PACKAGE_INDICES=True, which isn’t mentioned anywhere in the Foreman+Katello documentation, nightly or stable. I’m unsure of how/where to place this variable for it to apply to Pulp. I opened an inquiry on GitHub for pulp/pulp_deb in hopes of having this question addressed. Would be great if this were made into a simple checkbox to enable this feature on the web UI when dealing with deb repositories or at the very least mentioned in documentation with a detailed explanation of what to expect and how/where to apply it.
I don’t mind tricky. I just need to know if this feature is present and possible. If it is, I’ll do what is necessary to make it happen. I just need to know how it’s done. The reporting features Foreman+Katello provide for EL are crucial to have for our Ubuntu systems as they provide my team that window into our in-place content. If this feature is not present or possible at this time, then I need to move onto different pastures so as to stop wasting valuable company time on a fruitless endeavor.
Which one is more monitored and active as far as engaging with its users - here or the GitHub page? I want to ensure I’m posting inquiries, bugs, and suggestions to the proper location.
To elaborate, I have no issue getting the .pem file converted to a .crt file and updating the certificates with update-ca-certificates command. The curl command generated by Foreman works and gets the Ubuntu host registered. The specific issue I’m having with registration is that it doesn’t pull any information from that host once it’s registered, not even its interface, let alone what packages are installed, possible CVE’s, etc.
So, when you say “Stay tuned,” are you saying this is something being worked on down the pipeline or that you’ll have a more detailed explanation of how to implement this in the coming hours, days, or weeks? I’m needing to know so I can figure out if I need to be focusing my efforts elsewhere or not.
@quba42
Bringing this inquiry to your attention. Gist of my question at this point so you don’t have to read everything above this post:
Is it possible to have the same reporting for Ubuntu systems that exists for (RH)EL systems in terms of content/package management, CVEs, Interfaces, etc? And if it is, how do we go about implementing it? I can successfully register Ubuntu hosts using the generated curl commands; however they do not show any information once registered and showing up in the Foreman web UI.
If this feature is not available with Foreman, then I will have to abandon this endeavor altogether as this is crucial for our environment.
I am going to give a high level overview of what to expect with respect to the level of Debian/Ubuntu support in Foreman and in particular in Katello (because that is how I understand the question).
On the plain Foreman side (server deployment), the Debian and Ubuntu support is pretty reliably and generally maintained to a similar level as for other (RPM based) OSes. On the Katello side (content management) it is currently not realistic to expect the same level of support in current Katello releases as for RPM. This is mainly because there are far fewer developers in the community working on the Ubuntu and Katello support, and also, because the switch to Pulp 3 has stretched those resources even thinner. So what does and what does not work? Hosting APT repositories on Katello should generally work. There is some support for attaching hosts to that content using the subscription-manager builds provided here: http://apt.atix.de/. The new host registration approach for Katello (which I believe you are talking about in this thread) is being worked on, but is generally not ready for Debian and Ubuntu (to the best of my knowledge). Errata support for Debian and Ubuntu is planned but keeps getting delayed (it probably would have been merged by now if it weren’t for Pulp 3). Package actions and applicability for Debian and Ubuntu have already worked but appear to have some regression in current releases.
On the whole, the state of Debian and Ubuntu support in official Katello releases has been better and will probably improve again once ATIX fully transitions its downstream product to Pulp 3. If you want Katello with Debian and Ubuntu support right now (beyond the basic repo hosting), then you are probably need the help of professional services/downstream products (or a lot of time). Especially since the documentation is as you observe still patchy. That is my honest assessment as of right now. In half a year, things might look different. You could also try using a Katello 3.18 installation using Pulp 2. Ubuntu/Debian support was probably further along then, than it is in the most current releases (although then you will need to eventually migrate to Pulp 3, so I can’t exactly recommend that route either).
Edit: I have been told that Ubuntu/Debian host registration should in principle work. This is the aspect of Debian/Ubuntu support I know least about, so if you have a specific question regarding Debian/Ubuntu host registration it is best to open a new thread and let others answer.