Hi,
I’m trying to install foreman on a Red Hat Enterprise Linux 8.8 and I’m getting the following error message when running the install command:
sudo foreman-installer
2023-09-15 10:31:01 [WARN ] [boot] <Array> ["Unsetting environment variable 'http_proxy' for the duration of the install."]
2023-09-15 10:31:01 [WARN ] [boot] <Array> ["Unsetting environment variable 'https_proxy' for the duration of the install."]
2023-09-15 10:31:01 [NOTICE] [root] Loading installer configuration. This will take some time.
2023-09-15 10:31:03 [NOTICE] [root] Running installer with log based terminal output at level NOTICE.
2023-09-15 10:31:03 [NOTICE] [root] Use -l to set the terminal output log level to ERROR, WARN, NOTICE, INFO, or DEBUG. See --full-help for definitions.
Failed to ensure foreman-selinux is installed
2023-09-15 10:31:08 [ERROR ] [root] Failed to ensure foreman-selinux is installed
Error: Execution of '/bin/dnf -d 0 -e 1 -y install foreman-selinux' returned 1: Error: Failed to download metadata for repo 'foreman': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
Error: /Stage[main]/Main/Package[foreman-selinux]/ensure: change from 'purged' to 'present' failed: Execution of '/bin/dnf -d 0 -e 1 -y install foreman-selinux' returned 1: Error: Failed to download metadata for repo 'foreman': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
2023-09-15 10:31:08 [ERROR ] [root] Error: Execution of '/bin/dnf -d 0 -e 1 -y install foreman-selinux' returned 1: Error: Failed to download metadata for repo 'foreman': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
Error: /Stage[main]/Main/Package[foreman-selinux]/ensure: change from 'purged' to 'present' failed: Execution of '/bin/dnf -d 0 -e 1 -y install foreman-selinux' returned 1: Error: Failed to download metadata for repo 'foreman': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
Does anybody have any idea how to fix this issue or where to get foreman-selinux from?
From the looks of it, you have proxy environment variables set, so I assume your designated Foreman server is behind a proxy and needs to use that proxy to access the Foreman repos.
The installer unsets those variables, so you will need to set them via config, either at the repo level or in /etc/dnf/dnf.conf for the whole system.
See man dnf.conf for how that value should be set in dnf.conf. If you want to configure it on a repo level, you need to add proxy=<your proxy> to every repo entry that requires a proxy.
I added the proxy to the dnf.conf, now I’m one step further.
$ sudo foreman-installer
2023-09-15 12:24:50 [WARN ] [boot] <Array> ["Unsetting environment variable 'http_proxy' for the duration of the install."]
2023-09-15 12:24:50 [WARN ] [boot] <Array> ["Unsetting environment variable 'https_proxy' for the duration of the install."]
2023-09-15 12:24:50 [NOTICE] [root] Loading installer configuration. This will take some time.
2023-09-15 12:24:52 [NOTICE] [root] Running installer with log based terminal output at level NOTICE.
2023-09-15 12:24:52 [NOTICE] [root] Use -l to set the terminal output log level to ERROR, WARN, NOTICE, INFO, or DEBUG. See --full-help for definitions.
2023-09-15 12:24:56 [NOTICE] [configure] Starting system configuration.
2023-09-15 12:25:05 [NOTICE] [configure] 250 configuration steps out of 1235 steps complete.
2023-09-15 12:25:06 [NOTICE] [configure] 500 configuration steps out of 1238 steps complete.
2023-09-15 12:25:06 [NOTICE] [configure] 750 configuration steps out of 1244 steps complete.
2023-09-15 12:25:19 [NOTICE] [configure] 1000 configuration steps out of 1244 steps complete.
2023-09-15 12:25:33 [ERROR ] [configure] Error making POST request to Foreman at https://ansible.mydomain.com/api/v2/smart_proxies: Unable to communicate with the proxy: ERF12-2530 [ProxyAPI::ProxyException]: Unable to detect features ([RestClient::SSLCertificateNotVerified]: SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch)) for proxy https://foreman.ansible.mydomain.com:8443/v2/features Please check the proxy is configured and running on the host.
2023-09-15 12:25:33 [ERROR ] [configure] /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[ansible.mydomain.com]/ensure: change from 'absent' to 'present' failed: Error making POST request to Foreman at https://ansible.mydomain.com/api/v2/smart_proxies: Unable to communicate with the proxy: ERF12-2530 [ProxyAPI::ProxyException]: Unable to detect features ([RestClient::SSLCertificateNotVerified]: SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch)) for proxy https://foreman.ansible.mydomain.com:8443/v2/features Please check the proxy is configured and running on the host.
2023-09-15 12:25:35 [NOTICE] [configure] System configuration has finished.
There were errors detected during install.
Please address the errors and re-run the installer to ensure the system is properly configured.
Failing to do so is likely to result in broken functionality.
The full log is at /var/log/foreman-installer/foreman.log
I added “:foreman_proxy::sslverify: false” to the custom-hiera-yaml but still getting the same message.
Somehow you Foreman Server seems to think it has two different FQDNs (ansible.mydomain.com and foreman.ansible.mydomain.com). And when registring the smart-proxy, it uses one name to connect while the SSL certs are for the other one.
Hard to tell how you got to this point without knowing what you configured beforehand. If you actually need to have two names for that machine, that’s an advanced setup I have no experience with. If that is unintentional, you might want to fix the related settings.
In both cases, I would recommend taking a look at foreman-installer --full-help and see where the differing names might be set. If you need to have a box with several names, you need to figure out what options to use for DNS alt names.
