Foreman 2.2 test week

Foreman 2.2 RC1 has been announced and it’s the time to put our effort into making sure that all most important features are not broken hard. We need your help! It’s easy to get your hands dirty and help us with testing:

  1. Install Foreman RC version (the most up to date one)
  2. Pick a scenario from this post or add your own scenario
  3. If you find an issue, file it in the RedMine and make a comment in this thread linking the issue
  4. Mark the scenario as checked in this OP (this is an editable wiki post), here is syntax of checked and unchecked lines (you can click on checkboxes directly with mouse):
    • Unchecked
    • Checked
    • Checked (alternative syntax with no special semantics - both are equal)

Installation

  • Install Foreman using existing script/forklift/beaker
    • Forklift
    • My own install script
  • Install Foreman manually by following our installation guide
    • RHEL / CentOS stable
    • Debian / Ubuntu stable
  • Install Foreman manually by following our new installation guide
    • RHEL / CentOS
    • Debian / Ubuntu
  • Upgrade existing Foreman deployment (advertise in RedMine it was an upgraded instance if you encounter bug)
    • RHEL / CentOS
    • Debian / Ubuntu
  • Sanity checks
    • Installation on Red Hat distro with SELinux turned on
    • Packages passenger and tfm-rubygem-passenger are from the same repo (foreman) and in the same version
    • Logging in with a user that has limited permissions works properly

Provisioning

  • Bare-metal or virtualized PXE provisioning (host exits build mode and reboots)
    • BIOS host with CentOS 8
    • BIOS host with CentOS 7
    • UEFI host with CentOS
    • BIOS host with Debian or Ubuntu
    • UEFI host with Debian or Ubuntu
    • BIOS host with Atomic OS
  • Compute Resources (VM is successfully created, finish or cloud-init is executed)
    • Create VMware host (Image Based/Network Based)
    • Create OpenStack host (Image Based)
    • Create Ovirt host (Image Based/Network Based)
    • Create Libvirt host (Image Based/Network Based)
    • Creare AWS host (Image Based)
    • Create GCE host
    • Create Azure host
  • Puppet manifest import (classes are imported, parameters recognized)
  • Puppet configuration (class is assigned to a host, agent performs changes, reports and facts appears correctly)
  • Log in using user from LDAP (user account is created from LDAP)
  • Log in using user from FreeIPA (user account is created from FreeIPA)

Foreman Discovery

  • Bare-metal or virtualized provisioning via Provision - Customize Host (host exits build mode and reboots)
    • BIOS with discovery from PXE
    • UEFI with discovery from PXE
    • BIOS with discovery PXE-less
    • UEFI with discovery PXE-less
  • Provision a host via discovery rule
  • Provision a host via Customize UI button
  • Provision a host without hostgroup via Customize UI button
  • Provision a host via hammer via hostgroup
  • Provision a host via hammer via auto provisioning rule

Foreman Bootdisk

  • Bootdisk basic provisioning (host exits build mode and reboots)
    • Full host image BIOS
    • Host image BIOS
    • Generic image BIOS
    • Full host image EFI
    • Host image EFI
    • Generic image EFI

Foreman Ansible

  • Import Roles
    • With/From Smart-Proxy
  • Assign Roles
    • Hostgroup
    • Hosts
  • Play Roles
    • Hostgroup
    • Hosts
  • Run shipped Ansible playbook (job), e.g. to install ansible role from galaxy

Foreman Remote Execution

  • Run some job, e.g. ‘ls /etc’ on a system that was provisioned from Foreman, it should work out of the box
  • Run some job against the Foreman host itself, only key configuration should be needed

Foreman Puppet run

  • Trigger Puppet run on host through SSH

Foreman Openscap

  • Create new content file, define a policy, assign it to a host and deploy the foreman_scap_client using puppet
  • Verify ARF report gets uploaded upon foreman_scap_client run and full version of it can be rendered
  • Create tailoring file, assign it to the policy and rerun client with the tailoring file

Foreman Virt Who Configure

  • Create a configuration definition and run it e.g. through REX on some provisioned host. It should succeed as long as it has access to sat tools repo on RHEL, epel (I think) on centos.
    note: plugin works, the configuration requires new virt-who that is currently in fedora 30, not in epel

Foreman Templates

  • hammer import-templates --lock true # sync newest templates from community-templates repo, see audits
  • mkdir /repo; chown foreman /repo; hammer export-templates --repo /repo # may need setenforce 0

This page is a wiki, feel free to update it and add new scenarios as you test them. Thanks for your help!

1 Like

Waiting for katello to be fixed as it does not allow pulp3 only for Centos 8

Hi @stephenc, Katello 3.16 will not be supported on CentOS 8, as pulp 2 is not available for it. I would suggest that you try running on CentOS 7 for now since it will not be possible to install Katello on CentOS 8 until pulp2 is dropped in Katello 4.0, currently scheduled for release around March 2021 (New Katello release schedule & Pulp 3 Migration Update).

Bug #30168: Repository create fails when only Pulp 3 is installed (EL8) - Katello - Foreman implies that the fix will be released in katello 3.17 next month

I’ve set up a Centos 7 version - with katello 3.17
Ubuntu repos failing to sync with the following error
No such file or directory: u’/var/cache/pulp/reserved_resource_worker-0@bss01.orch.vocus.net/9263dadc-86fd-44b9-b6e2-8724d9a1289c/dists/xenial/universe/binary-amd64/Packages.xz

Hello, updated original thread before I saw this one aimed directly at v2.2 beta.

Fix 30353 would appear to be missing from the rubygem-foreman_openscap-4.0.0-1.fm2_2.el8.noarch rpm in the 2.2 plugin repo.

I ran into the original issue noted of reports failing to upload, applied the fix to the files installed, all works as expected.

I did run into one problem where a client, without being assigned to any group with SCAP policy applied at all, kept on receiving ALL policies down to it. I cannot rule out finger trouble my end, but disappeared after rebuild of foreman server. I did see in the last week an update of puppet client version it may be this is the culprit.

On a CentOS 8.2.2004 server, with the fix applied, and CentOS 7.8.2003 or 8.2.2004 clients, openscap scans work and reports upload correctly. I have done this with both scap toolset installed from distro repos and also updated from https://copr.fedorainfracloud.org/coprs/openscapmaint/openscap-latest/ . Tailoring files work as expected.

FDI 3.6.6 RC ready for testing, please give us feedback. You can use FDI with any Foreman version:

I finally merged a required blocker bug and Discovery nightly will be 16.2 version which I will push out over the weekend.