Foreman Proxy reports no supported features

Nathan_Peters · April 7, 2015, 11:17pm

I have a system with Foreman 1.7.4 installed and I'm trying to setup a
foreman proxy on an existing puppetmaster server on our network so it can
report back to foreman.

Here is the error I get when I try to save the proxy in the foreman webui :

Unable to save
No features found on this proxy, please make sure you enable at least one
feature

However, in /etc/foreman-proxy/settings.d on the puppetmaster I have

[root@puppetmaster settings.d]# cat puppet.yml

···

--- :enabled: true ---cut because of long length---

and in my /etc/foreman-proxy/settings.yml I have

[root@puppetmaster foreman-proxy]# cat settings.yml

#replace default location of “settings.d”
:settings_directory: /etc/foreman-proxy/settings.d

So I know that I am including the puppet file and puppet seems to be
enabled in that file.

Also

[root@cass2-msg-cpci1-van foreman-proxy]# service foreman-proxy status
foreman-proxy (pid 5780) is running…

I have tried rebooting the server and restarting the foreman-proxy service.

I have also tried connecting directly through a web browser to
http://10.21.29.83:8000/features and get a “DHCP Web Interface” with the
list of “Suported features” empty.

I’m a little confused now. According to the manual, all I have to do is
make sure that puppet: enabled is set and that foreman-proxy is running as
a service. Am I missing something obvious here ?

stbenjam · April 8, 2015, 2:25pm

> I have a system with Foreman 1.7.4 installed and I'm trying to setup a
> foreman proxy on an existing puppetmaster server on our network so it can
> report back to foreman.
>
> Here is the error I get when I try to save the proxy in the foreman webui :
>
> Unable to save
> No features found on this proxy, please make sure you enable at least one
> feature
>
>
> However, in /etc/foreman-proxy/settings.d on the puppetmaster I have
>
> [root@puppetmaster settings.d]# cat puppet.yml
> —
> :enabled: true
> —cut because of long length—
>
> and in my /etc/foreman-proxy/settings.yml I have
>
> [root@puppetmaster foreman-proxy]# cat settings.yml
> —
> #replace default location of "settings.d"
> :settings_directory: /etc/foreman-proxy/settings.d
>
> So I know that I am including the puppet file and puppet seems to be
> enabled in that file.
>
> Also
>
> [root@cass2-msg-cpci1-van foreman-proxy]# service foreman-proxy status
> foreman-proxy (pid 5780) is running…
>
>
> I have tried rebooting the server and restarting the foreman-proxy service.
>
> I have also tried connecting directly through a web browser to
> http://10.21.29.83:8000/features and get a "DHCP Web Interface" with the
> list of "Suported features" empty.
>
>
>
> I'm a little confused now. According to the manual, all I have to do is
> make sure that puppet: enabled is set and that foreman-proxy is running as
> a service. Am I missing something obvious here ?

This is perhaps a security thing that's not really well documented
"enabled: true" only turns on the default protocol for the feature.

Very few are HTTP or both by default (Templates proxy, for example,
needs to be HTTP). It's probably not a good idea to do this…but:

If you really want to do that, Set "enabled: http" instead and restart
foreman-proxy. I'd highly reccomend using "trusted_hosts" to limit
access to the proxy to only the foreman server as well.

···

On Tue, Apr 07, 2015 at 04:17:03PM -0700, Nathan Peters wrote:

–
You received this message because you are subscribed to the Google Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

–
Best Regards,

Stephen Benjamin
Red Hat Engineering

Nathan_Peters · April 8, 2015, 3:57pm

http was already enabled. That was not the problem.

Actually, it looks like a bug in the foreman proxy or a setting I did
wrong. I had setup a trusted host when I turned on http. When I turned on
the debugging logs, I found out that for some really strange reason, it was
trying to look for my puppet.yml file on the trusted host, not on the
localhost.

Here are the debug logs and the trusted host setting I used

#:trusted_hosts:

10.21.19.70

see how I forgot to uncomment trusted_hosts. This lead to the foreman
proxy for some reason looking for the settings files on that host IP.

W, [2015-04-07T23:21:20.224543 #5881] WARN – : Couldn't find settings
file 10.21.19.70/foreman_proxy.yml. Using default settings.
I, [2015-04-07T23:21:20.224902 #5881] INFO – : 'foreman_proxy' settings
were initialized with default values: :enabled: true
W, [2015-04-07T23:21:20.233648 #5881] WARN – : Couldn't find settings
file 10.21.19.70/facts.yml. Using default settings.
I, [2015-04-07T23:21:20.233897 #5881] INFO – : 'facts' module is disabled.
W, [2015-04-07T23:21:20.234070 #5881] WARN – : Couldn't find settings
file 10.21.19.70/dns.yml. Using default settings.
I, [2015-04-07T23:21:20.234311 #5881] INFO – : 'dns' module is disabled.
W, [2015-04-07T23:21:20.234430 #5881] WARN – : Couldn't find settings
file 10.21.19.70/templates.yml. Using default settings.
I, [2015-04-07T23:21:20.234538 #5881] INFO – : 'templates' module is
disabled.
W, [2015-04-07T23:21:20.234645 #5881] WARN – : Couldn't find settings
file 10.21.19.70/tftp.yml. Using default settings.
I, [2015-04-07T23:21:20.234808 #5881] INFO – : 'tftp' module is disabled.
W, [2015-04-07T23:21:20.234918 #5881] WARN – : Couldn't find settings
file 10.21.19.70/dhcp.yml. Using default settings.
I, [2015-04-07T23:21:20.235151 #5881] INFO – : 'dhcp' module is disabled.
W, [2015-04-07T23:21:20.235351 #5881] WARN – : Couldn't find settings
file 10.21.19.70/puppetca.yml. Using default settings.
I, [2015-04-07T23:21:20.235704 #5881] INFO – : 'puppetca' module is
disabled.
W, [2015-04-07T23:21:20.235916 #5881] WARN – : Couldn't find settings
file 10.21.19.70/puppet.yml. Using default settings.
I, [2015-04-07T23:21:20.236234 #5881] INFO – : 'puppet' module is
disabled.
W, [2015-04-07T23:21:20.236440 #5881] WARN – : Couldn't find settings
file 10.21.19.70/bmc.yml. Using default settings.
I, [2015-04-07T23:21:20.236644 #5881] INFO – : 'bmc' module is disabled.
W, [2015-04-07T23:21:20.236846 #5881] WARN – : Couldn't find settings
file 10.21.19.70/realm.yml. Using default settings.
I, [2015-04-07T23:21:20.237031 #5881] INFO – : 'realm' module is disabled.

But when I comment out my trusted host like this it works fine and grabs
the correct puppet settings and I was able to add the smart proxy.

#:trusted_hosts:
#- 10.21.19.70

or with both lines uncommented it also works properly.

:trusted_hosts:

10.21.19.70

stbenjam · April 8, 2015, 4:03pm

> http was already enabled. That was not the problem.

That's not what I meant.

You literally set the value on :enabled in puppet.yaml to http.

···

On Wed, Apr 08, 2015 at 08:57:57AM -0700, Nathan Peters wrote:

Actually, it looks like a bug in the foreman proxy or a setting I did
wrong. I had setup a trusted host when I turned on http. When I turned on
the debugging logs, I found out that for some really strange reason, it was
trying to look for my puppet.yml file on the trusted host, not on the
localhost.

Here are the debug logs and the trusted host setting I used

#:trusted_hosts:

10.21.19.70

see how I forgot to uncomment trusted_hosts. This lead to the foreman
proxy for some reason looking for the settings files on that host IP.

W, [2015-04-07T23:21:20.224543 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/foreman_proxy.yml. Using default settings.
I, [2015-04-07T23:21:20.224902 #5881] INFO – : ‘foreman_proxy’ settings
were initialized with default values: :enabled: true
W, [2015-04-07T23:21:20.233648 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/facts.yml. Using default settings.
I, [2015-04-07T23:21:20.233897 #5881] INFO – : ‘facts’ module is disabled.
W, [2015-04-07T23:21:20.234070 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/dns.yml. Using default settings.
I, [2015-04-07T23:21:20.234311 #5881] INFO – : ‘dns’ module is disabled.
W, [2015-04-07T23:21:20.234430 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/templates.yml. Using default settings.
I, [2015-04-07T23:21:20.234538 #5881] INFO – : ‘templates’ module is
disabled.
W, [2015-04-07T23:21:20.234645 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/tftp.yml. Using default settings.
I, [2015-04-07T23:21:20.234808 #5881] INFO – : ‘tftp’ module is disabled.
W, [2015-04-07T23:21:20.234918 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/dhcp.yml. Using default settings.
I, [2015-04-07T23:21:20.235151 #5881] INFO – : ‘dhcp’ module is disabled.
W, [2015-04-07T23:21:20.235351 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/puppetca.yml. Using default settings.
I, [2015-04-07T23:21:20.235704 #5881] INFO – : ‘puppetca’ module is
disabled.
W, [2015-04-07T23:21:20.235916 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/puppet.yml. Using default settings.
I, [2015-04-07T23:21:20.236234 #5881] INFO – : ‘puppet’ module is
disabled.
W, [2015-04-07T23:21:20.236440 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/bmc.yml. Using default settings.
I, [2015-04-07T23:21:20.236644 #5881] INFO – : ‘bmc’ module is disabled.
W, [2015-04-07T23:21:20.236846 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/realm.yml. Using default settings.
I, [2015-04-07T23:21:20.237031 #5881] INFO – : ‘realm’ module is disabled.

But when I comment out my trusted host like this it works fine and grabs
the correct puppet settings and I was able to add the smart proxy.

#:trusted_hosts:
#- 10.21.19.70

or with both lines uncommented it also works properly.

:trusted_hosts:

10.21.19.70

–
Best Regards,

Stephen Benjamin
Red Hat Engineering

stbenjam · April 8, 2015, 4:05pm

> > http was already enabled. That was not the problem.
>
> That's not what I meant.
>
> You literally set the value on :enabled in puppet.yaml to http.
>
> >
> > Actually, it looks like a bug in the foreman proxy or a setting I did
> > wrong. I had setup a trusted host when I turned on http. When I turned on
> > the debugging logs, I found out that for some really strange reason, it was
> > trying to look for my puppet.yml file on the trusted host, not on the
> > localhost.

Ah so this is Foreman 1.7 then?

The http setting I mentioned is a 1.8 thing anyway, but you will need to
set the value like I said when you upgrade otherwise the feature is
going to disappear.

···

On Wed, Apr 08, 2015 at 06:03:14PM +0200, Stephen Benjamin wrote: > On Wed, Apr 08, 2015 at 08:57:57AM -0700, Nathan Peters wrote:

Here are the debug logs and the trusted host setting I used

#:trusted_hosts:

10.21.19.70

see how I forgot to uncomment trusted_hosts. This lead to the foreman
proxy for some reason looking for the settings files on that host IP.

W, [2015-04-07T23:21:20.224543 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/foreman_proxy.yml. Using default settings.
I, [2015-04-07T23:21:20.224902 #5881] INFO – : ‘foreman_proxy’ settings
were initialized with default values: :enabled: true
W, [2015-04-07T23:21:20.233648 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/facts.yml. Using default settings.
I, [2015-04-07T23:21:20.233897 #5881] INFO – : ‘facts’ module is disabled.
W, [2015-04-07T23:21:20.234070 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/dns.yml. Using default settings.
I, [2015-04-07T23:21:20.234311 #5881] INFO – : ‘dns’ module is disabled.
W, [2015-04-07T23:21:20.234430 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/templates.yml. Using default settings.
I, [2015-04-07T23:21:20.234538 #5881] INFO – : ‘templates’ module is
disabled.
W, [2015-04-07T23:21:20.234645 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/tftp.yml. Using default settings.
I, [2015-04-07T23:21:20.234808 #5881] INFO – : ‘tftp’ module is disabled.
W, [2015-04-07T23:21:20.234918 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/dhcp.yml. Using default settings.
I, [2015-04-07T23:21:20.235151 #5881] INFO – : ‘dhcp’ module is disabled.
W, [2015-04-07T23:21:20.235351 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/puppetca.yml. Using default settings.
I, [2015-04-07T23:21:20.235704 #5881] INFO – : ‘puppetca’ module is
disabled.
W, [2015-04-07T23:21:20.235916 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/puppet.yml. Using default settings.
I, [2015-04-07T23:21:20.236234 #5881] INFO – : ‘puppet’ module is
disabled.
W, [2015-04-07T23:21:20.236440 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/bmc.yml. Using default settings.
I, [2015-04-07T23:21:20.236644 #5881] INFO – : ‘bmc’ module is disabled.
W, [2015-04-07T23:21:20.236846 #5881] WARN – : Couldn’t find settings
file 10.21.19.70/realm.yml. Using default settings.
I, [2015-04-07T23:21:20.237031 #5881] INFO – : ‘realm’ module is disabled.

But when I comment out my trusted host like this it works fine and grabs
the correct puppet settings and I was able to add the smart proxy.

#:trusted_hosts:
#- 10.21.19.70

or with both lines uncommented it also works properly.

:trusted_hosts:

10.21.19.70

–
Best Regards,

Stephen Benjamin
Red Hat Engineering

–
Best Regards,

Stephen Benjamin
Red Hat Engineering