Foreman/Katello 3.2/4.4 update to 3.3/4.5 on AlmaLinux 8.6

tedevil · July 9, 2022, 3:56pm

Took the plunge and upgraded Foreman/Katello 3.2/4.4 to 3.3/4.5 on AlmaLinux 8.6 today and all went well. Just a few things I noticed and did compared to the documentation.
I ran this on both Foreman and Proxies:

dnf -y module enable foreman katello pulpcore

On Foreman server I just went:

dnf -y install https://yum.theforeman.org/releases/3.3/el8/x86_64/foreman-release.rpm
dnf -y install https://yum.theforeman.org/katello/4.5/katello/el8/x86_64/katello-repos-latest.rpm
dnf clean all
dnf -y update
foreman-maintain service stop
foreman-installer
reboot

Since my Proxies run offline using repos from Foreman, I started by adding new RPM-GPG-KEY keys for Foreman 3.3/Katello 4.5 and Pulpcore to Foreman and then create new repos for:

https://yum.theforeman.org/releases/3.3/el8/x86_64/
https://yum.theforeman.org/client/3.3/el8/x86_64/
https://yum.theforeman.org/plugins/3.3/el8/x86_64/
https://yum.theforeman.org/katello/4.5/katello/el8/x86_64/
https://yum.theforeman.org/pulpcore/3.18/el8/x86_64/
https://yum.theforeman.org/katello/4.5/candlepin/el8/x86_64/

and subscribe the proxies to them.
Run this on offline proxies and zero out any new .repo file in /etc/yum.repos.d/ (expect redhat.repo):

dnf -y update katello-repos foreman-release

After that I just went:

dnf clean all
dnf -y update
foreman-installer
reboot

I did not regenerate any certificates for the proxies.

gvde · July 9, 2022, 6:11pm

I do the update on my proxies usually the same way as the main server, i.e. update, stop services, run foreman-installer. Then everything is up again…

tedevil · July 9, 2022, 9:21pm

Since “foreman-maintain service stop” is not available on my proxies, how do you stop the services on the proxy?

[root@proxy ~]# foreman-maintain service stop
-bash: foreman-maintain: command not found

gvde · July 10, 2022, 4:28am

How did you install those proxies?

It should be in rubygem-foreman_maintain…

tedevil · July 10, 2022, 11:46am

They are installed as Katello content proxies with:

foreman-installer \
--scenario foreman-proxy-content \
--certs-tar-file                              "/root/smart-proxy_certs_proxy.tar" \
--foreman-proxy-register-in-foreman           "true" \
--foreman-proxy-foreman-base-url              "https://foreman.internal" \
--foreman-proxy-trusted-hosts                 "foreman.internal" \
--foreman-proxy-trusted-hosts                 "proxy.internal" \
--foreman-proxy-oauth-consumer-key            "XXXXXXXXXXXXXXXXXXX" \
--foreman-proxy-oauth-consumer-secret         "XXXXXXXXXXXXXXXXXXX" \
--foreman-proxy-plugin-ansible-manage-runner-repo "false" \
--enable-foreman-proxy-plugin-ansible \
--enable-foreman-proxy-plugin-openscap \
--enable-foreman-proxy-plugin-remote-execution-ssh \
--foreman-proxy-plugin-remote-execution-ssh-remote-working-dir /opt/fmrex

heyitsgary · July 11, 2022, 1:35pm

What is the foreman-installer option for updating the Foreman servers?

tedevil · July 11, 2022, 1:47pm

For updates you run foreman-installer without any options after updating the rpms, just like I wrote in the first post and also stated in the documentation.

heyitsgary · July 11, 2022, 1:53pm

Ok thanks. But that is just for the install correct?

I was thinking of ongoing updates, which is outlined in this doc but this is for Red Hat Satellite but it is listed in the Foreman docs.

https://docs.theforeman.org/2.4/Upgrading_and_Updating/index-katello.html#updating_satellite_server_to_next_minor_version

gvde · July 11, 2022, 4:11pm

I would recommend to always follow the “full update” instructions, even for minor version updates. There have been some minor updates which required database updates. Easiest way to do those is to run foreman-installer.

# dnf -y update
# foreman-maintain service stop
# foreman-installer

After that, everything should be up-to-date and running again.