Problem:
I’m having an issue integrating salt with Foreman. Both salt-master and foreman are on the same host.
Smart proxy is deployed and configured too. I can discover salt states on foreman, but no remote execution (state.highstate). Also, I can sign keys for minions.
---
:proto: https
:host: foreman.fqdn
:port: 443
# if using http with ssl certificates
:ssl_ca: "/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem"
:ssl_cert: "/etc/puppetlabs/puppet/ssl/private_keys/foreman.fqdn.pem"
:ssl_key: "/etc/puppetlabs/puppet/ssl/certs/foreman.fqdn.pem"
:timeout: 10
:salt: /usr/bin/salt
:upload_grains: true
/etc/foreman-proxy/settings.d/salt.yml
---
:enabled: true
:autosign_file: /etc/salt/autosign.conf
:salt_command_user: foreman-proxy
# Some features require using the Salt API - such as listing environments and retrieving state info
:use_api: true
:api_url: https://foreman.fqdn:9191
:api_auth: pam
:api_username: saltuser
:api_password: saltpassword
Unfortunately, I didn’t solve it and been planing to redo it from scratch.
I’ve gone through the guide given by Bernhard, but that’s pretty much the same guide I used to deploy it (from the official page).
Finally solved it, the second exception happened because of missing :foreman_url: setting in /etc/foreman-proxy/settings.yml. I am now able to trigger salt state runs using the Foreman UI (BTW, i am using a foreman-proxy installed on my salt master).
it was both. The configuration issue occured because of the missing :foreman_url: in settings.yml, the dynflow callback then failed with an unintuitive error message <NoMethodError> undefined method '+' for nil:NilClass, found an old bug report mentioning the error message.
The other one seems to be a real bug (RuntimeError Settings for SmartProxySaltCore not initalized), i have configured everything according to the guides / manual but the error kept occuring. For the moment i have hardcoded the path in the code because i was not able to figure out how the settings loading for the foreman proxy works, need to dig deeper there. And yes, if it’s a real code error and i can solve it i can create a pull request.
Fine. Thank you. My colleague (@bastian-src) will be really interested in this issue and how to fix it. Maybe he can help after he’s back from vacation.