Foreman 2.5.1 / Salt integration - SmartProxySaltCore not initalized

Support
,
1

Problem:
I’m having an issue integrating salt with Foreman. Both salt-master and foreman are on the same host.
Smart proxy is deployed and configured too. I can discover salt states on foreman, but no remote execution (state.highstate). Also, I can sign keys for minions.

Remote execution is failing with RuntimeError Settings for SmartProxySaltCore not initalized
proxy.log → 2021-07-06T13:06:57 e6cc7cdd [I] Started GET /dynflow/tasks/count state=running - Pastebin.com

/etc/salt/foreman.yml

---
:proto: https
:host: foreman.fqdn
:port: 443
# if using http with ssl certificates
:ssl_ca: "/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem"
:ssl_cert: "/etc/puppetlabs/puppet/ssl/private_keys/foreman.fqdn.pem"
:ssl_key: "/etc/puppetlabs/puppet/ssl/certs/foreman.fqdn.pem"
:timeout:  10
:salt:  /usr/bin/salt
:upload_grains:  true

/etc/foreman-proxy/settings.d/salt.yml

---
:enabled: true
:autosign_file: /etc/salt/autosign.conf
:salt_command_user: foreman-proxy
# Some features require using the Salt API - such as listing environments and retrieving state info
:use_api: true
:api_url: https://foreman.fqdn:9191
:api_auth: pam
:api_username: saltuser
:api_password: saltpassword

/etc/salt/master

....
autosign_file: /etc/salt/autosign.conf
publisher_acl:
  foreman-proxy:
    - .*
external_auth:
  pam:
    saltuser:
      - '@runner'

rest_cherrypy:
  port: 9191
  host: ds-foreman.example.com
  ssl_key: /etc/puppetlabs/puppet/ssl/private_keys/foreman.fqdn.pem
  ssl_crt: /etc/puppetlabs/puppet/ssl/certs/foreman.fqdn.pem
  debug: true

master_tops:
   ext_nodes: /usr/bin/foreman-node

ext_pillar:
   - puppet: /usr/bin/foreman-node
....

Foreman Version: 2.5.1-1
Foreman Proxy: 2.5.1-1
Salt-master: 3003.1+ds-1
Salt-api: 3003.1+ds-1

All setup on Ubuntu 20.04

I have followed the official guide → Foreman :: Plugin Manuals
Also, have enabled the remote-execution plugins.

I’m also stuck at this point as not sure what else I can try.

2

Hi,

is smart_proxy_salt_core installed?

You may have also a look at our salt guide: Salt Guide - orcharhino documentation

Best regards,
Bernhard

3

Hi Bernhard,
I believe it’s installed.
~# apt-cache policy ruby-smart-proxy-salt-core
ruby-smart-proxy-salt-core:
Installed: 0.0.3-1
Candidate: 0.0.3-1

I will check on the link you sent me too. Thanks.

Hristo

4

hmihov - did you solve your issue? I found this post searching the web because I have the same issue.

5

Unfortunately, I didn’t solve it and been planing to redo it from scratch.
I’ve gone through the guide given by Bernhard, but that’s pretty much the same guide I used to deploy it (from the official page).

Thanks,
Hristo

6

Do you run foreman on a debian machine?

7

Hi Bernhard,

Foreman is deployed on Debian based OS, yes. All setup was done on Ubuntu 20.04.

Thanks,
Hristo

8

I’ve got it on a Rocky Linux 8 machine getting the same errors

9

I have workarounded it by changing the line 42 in /usr/lib/ruby/vendor_ruby/smart_proxy_salt_core/salt_runner.rb to use a hardcoded value, e.g.

#saltfile_path = SmartProxySaltCore.settings[:saltfile]
# hardcoded, lookup of settings always fails
saltfile_path = '/etc/foreman-proxy/settings.d/salt.saltfile'

That helped for the first exception, but now i get the next errors… :rage:

2021-08-23T07:33:03 9692c718 [I] Finished POST /dynflow/tasks/launch with 200 (133.08 ms)
2021-08-23T07:33:11 9692c718 [E] <NoMethodError> undefined method `+' for nil:NilClass
        /usr/lib/ruby/vendor_ruby/smart_proxy_dynflow_core/callback.rb:60:in `callback_resource'
        /usr/lib/ruby/vendor_ruby/smart_proxy_dynflow_core/callback.rb:50:in `callback'
        /usr/lib/ruby/vendor_ruby/smart_proxy_dynflow_core/callback.rb:15:in `send_to_foreman_tasks'
        /usr/lib/ruby/vendor_ruby/smart_proxy_dynflow_core/callback.rb:71:in `run'
        /usr/lib/ruby/vendor_ruby/dynflow/action.rb:571:in `block (3 levels) in execute_run'
        /usr/lib/ruby/vendor_ruby/dynflow/middleware/stack.rb:27:in `pass'
        /usr/lib/ruby/vendor_ruby/dynflow/middleware.rb:19:in `pass'
        /usr/lib/ruby/vendor_ruby/dynflow/action/progress.rb:31:in `with_progress_calculation'
        /usr/lib/ruby/vendor_ruby/dynflow/action/progress.rb:17:in `run'
        /usr/lib/ruby/vendor_ruby/dynflow/middleware/stack.rb:23:in `call'
        /usr/lib/ruby/vendor_ruby/dynflow/middleware/stack.rb:27:in `pass'
        /usr/lib/ruby/vendor_ruby/dynflow/middleware.rb:19:in `pass'
...
10

Finally solved it, the second exception happened because of missing :foreman_url: setting in /etc/foreman-proxy/settings.yml. I am now able to trigger salt state runs using the Foreman UI (BTW, i am using a foreman-proxy installed on my salt master).

11

Was it a configuration issue or software failure? If second, can you create a PR to solve this?

12

it was both. The configuration issue occured because of the missing :foreman_url: in settings.yml, the dynflow callback then failed with an unintuitive error message <NoMethodError> undefined method '+' for nil:NilClass, found an old bug report mentioning the error message.

The other one seems to be a real bug (RuntimeError Settings for SmartProxySaltCore not initalized), i have configured everything according to the guides / manual but the error kept occuring. For the moment i have hardcoded the path in the code because i was not able to figure out how the settings loading for the foreman proxy works, need to dig deeper there. And yes, if it’s a real code error and i can solve it i can create a pull request.

13

Fine. Thank you. My colleague (@bastian-src) will be really interested in this issue and how to fix it. Maybe he can help after he’s back from vacation.