Foreman-proxy and DNS (Bind)

Support
1

Hi,

I am fairly new to Puppet & foreman. Have recently got it all setup and
working, but I am having issues getting foreman-proxy to add\update\remove
any DNS entries.
I am also not able to find much documentation around setting this up.

All services are running on the same server (puppet, foreman, and smart
proxy). I have created a key and added it to both the foreman-proxy
settings and named.conf. However i am not even seeing any activity in the
logs to suggest it is even attempting to make an update.

Any help here would be much appreciated.

Thanks
Warren Clarke

2

Thanks for the quick reply Ohad. So i've updated the config now, and am
getting further, but now i'm getting the following error when creating a
new host:

log error:
D, [2012-03-22T12:25:15.282706 #31742] DEBUG – : Searching for free ip -
pinging 192.168.1.12
D, [2012-03-22T12:25:17.368461 #31742] DEBUG – : Found free ip
192.168.1.12 out of a total of 232 free ips
D, [2012-03-22T12:25:40.236708 #31742] DEBUG – : nsupdate connect
D, [2012-03-22T12:25:40.238544 #31742] DEBUG – : server localhost
D, [2012-03-22T12:25:40.238824 #31742] DEBUG – : dns_find
12.1.168.192.in-addr.arpa
E, [2012-03-22T12:25:40.300644 #31742] ERROR – : Address family not
supported by protocol - connect(2)

Any ideas why?

Thanks
W

··· On Thursday, March 22, 2012 8:10:34 AM UTC, wasbo wrote: > > Hi, > > I am fairly new to Puppet & foreman. Have recently got it all setup and > working, but I am having issues getting foreman-proxy to add\update\remove > any DNS entries. > I am also not able to find much documentation around setting this up. > > All services are running on the same server (puppet, foreman, and smart > proxy). I have created a key and added it to both the foreman-proxy > settings and named.conf. However i am not even seeing any activity in the > logs to suggest it is even attempting to make an update. > > Any help here would be much appreciated. > > Thanks > Warren Clarke >
3

So i found another lin that suggested changing the foreman-proxy settings
from local host to the ip v4 ip address. Now i'm getting the following:

Reverse DNS record for server01.local task failed with the following error:
Update errors: Answer:
;; ->>HEADER<<- opcode: UPDATE, status: SERVFAIL, id: 48103
;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
;; ZONE SECTION:
;1.168.192.in-addr.arpa. IN SOA
;; TSIG PSEUDOSECTION:
foreman. 0 ANY TSIG hmac-md5 1332421413 300 16 NOERROR 0

Any ideas?

··· On Thursday, 22 March 2012 08:10:34 UTC, wasbo wrote: > > Hi, > > I am fairly new to Puppet & foreman. Have recently got it all setup and > working, but I am having issues getting foreman-proxy to add\update\remove > any DNS entries. > I am also not able to find much documentation around setting this up. > > All services are running on the same server (puppet, foreman, and smart > proxy). I have created a key and added it to both the foreman-proxy > settings and named.conf. However i am not even seeing any activity in the > logs to suggest it is even attempting to make an update. > > Any help here would be much appreciated. > > Thanks > Warren Clarke >
4

> Hi,
>
> I am fairly new to Puppet & foreman. Have recently got it all setup and
> working, but I am having issues getting foreman-proxy to add\update\remove
> any DNS entries.
> I am also not able to find much documentation around setting this up.
>
> All services are running on the same server (puppet, foreman, and smart
> proxy). I have created a key and added it to both the foreman-proxy settings
> and named.conf. However i am not even seeing any activity in the logs to
> suggest it is even attempting to make an update.
>
> Any help here would be much appreciated.

One option is that you didnt assign the proxy to the domain? (edit
your domain and select your dns proxy).

Ohad

··· On Thu, Mar 22, 2012 at 10:10 AM, wasbo wrote: > > Thanks > Warren Clarke > > -- > You received this message because you are subscribed to the Google Groups > "Foreman users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/foreman-users/-/GAt6lfllIdkJ. > To post to this group, send email to foreman-users@googlegroups.com. > To unsubscribe from this group, send email to > foreman-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/foreman-users?hl=en.
5

TSIG keys are irritating, I've had many problems with them. Before
going too far into diagnosing them, try changing your bind config to
"allow-update { localhost; };" and see if it works. If it does, you
have a key problem, and more troubleshooting can be done :slight_smile:

Greg

··· On 22 March 2012 13:11, wasbo wrote: > So i found another lin that suggested changing the foreman-proxy settings > from local host to the ip v4 ip address. Now i'm getting the following: > > foreman. 0 ANY TSIG hmac-md5 1332421413 300 16 NOERROR 0