I followed the instructions at https://access.redhat.com/solutions/2650071 to get setup a non-root user, added NOPASSWD for this user in the sudoers file, and copied the foreman-proxy public key over. I cloned the “Power Action – SSH Default” and the “Package Action –SSH Default” job templates by adding “sudo” in front of the shutdown and yum command respectively. I could reboot both a CentOS 6 and 7 client using Hosts – All Hosts – choose host - “schedule remote job” – Power Action. I could install an errata or update a package(s) on a CentOS 6 client “via remote execution – customize first” thru the GUI by going to Hosts – Content Hosts – choose client – Packages or Errata. I cannot install an errata or update a package on CentOS 7 clients thru the GUI using the same methods.
When I try to update a package on CentOS 7 it fails with:
Failed to initialize: RuntimeError - Failed rendering template: error during rendering: ERF18-8334 [InputTemplateRenderer::RenderError]: Unsupported or no operating system found for this host.
When I try to update an Errata on CentOS 7 it fails with:
Failed to initialize: RuntimeError - Failed rendering template: error during rendering: undefined method ‘#family’ for NilClass::Jail (NilClass)
The operating system column is empty for my CentOS7 client in Hosts – All Hosts and Hosts – Content Hosts. So I’m wondering if this is contributing to my problems.
I was able to update packages and install Errata thru the GUI on both CentOS 6 and 7 using the katello agent. I want to eventually be able to patch a server (or a group of servers) and reboot the server after, and my research shows you need remote execution to do this. The Katello client installation instructions also recommends using foreman remote execution rather than katello-agent.
My questions are:
How do I get the package or Errata update to work with CentOS7 clients thru the GUI using remote execution with sudo?
How do I get the patch with the reboot to work?
If I get this working with remote execution, then I don’t have to install the katello agent, correct?
first of all, you shouldn’t need to edit templates and add sudo in there. You should be able to set some parameters (globally, per-hostgroup or per-host) to make remote execution handle sudo usage for you. Specifically take a look at remote_execution_effective_user and remote_execution_ssh_user.
Yes, it definitely does. The template tries to check which OS is on the host to determine how to install the packages/erratas.
OS should get automagically assigned when puppet agent reports back (if you’re using puppet). If not, it should also get set by ansible’s callback if you run a playbook against the hosts.
Thanks for your response. I had the remote_execution_effective_user and remote_execution_ssh_user both set to rexuser. I changed the remote_execution_effective_user to root and now am able to use the default job template to reboot, and install patches/errata on CentOS 6.
I’m fairly new to foreman, so maybe I’m missing something in my setup. Per the Katello documentation, I installed subscription-manager and the katello-agent, then ran subscription-manager with an activation key to subscribe my clients. I don’t have puppet-agent running or Ansible setup on either the CentOS 6 or 7 client, yet the CentOS 6 client shows the operating system in the Content Hosts page, and I’m able to patch servers on the CentOS 6 client with remote execution. Did I miss a step?
Foreman has multiple fact providers. Puppet is the original one, but nowadays we can also consume them from others. Subscription-manager is one of them and likely the one providing it for you. If you go to the hosts page you search for facts there’s the provider column on the facts page which can tell you.
Are you talking about the “origin” column in Hosts -All Hosts - choose host - Facts? If so, it has the RedHat icon in it for everything, including the “distribution” facts id, version, and name, which is I’m assuming where the OS gets populated from.
[root@foreman foreman]# hammer fact list --search distribution