Hi, I’m Philip and I’m an absolute beginner. I’m trying to come to grips with Foreman/Katello and there’s one thing I would really like to achieve and that’s use of Ansible plugin in Foreman. I have read the documentation at: Foreman :: Plugin Manuals but I haven’t been able to make it work just yet.
I have Katello with Ansible installed and I attached a CentOS 7 node to it. I want to see the results of Ansible commands in my dashboard. I installed Ansible on my centOS host and edited ansible.cfg as per instructions, by adding callback_whitelist = foreman under [defaults] tag and a [callback foreman] section as seen in linked instructions at the end.
I ran a simple hello world ansible playbook and at first I got a warning about python requests module which I solved with yum install python-requests.
Now it says:
[WARNING]: FOREMAN_SSL_CERT /etc/foreman-proxy/ssl_cert.pem not found.
Disabling the Foreman callback plugin.
[WARNING]: FOREMAN_SSL_KEY /etc/foreman-proxy/ssl_key.pem not found. Disabling
the Foreman callback plugin.
Both, I have Katello with foreman_ansible plugin installed which I installed with foreman installer and I have ansible installed on hosts that are subscribed to the Katello host. (ansible-playbook playbook.yml works)
All three machines are CentOS 7. But to keep things simple I’ll differentiate them as “Katello” and “Centos7”. “Katello” is running Katello with an ansible plugin, “Centos7” is subscribed to it and trying to send him the playbook reports by callbacks.
I ran it from cli on the client machine, the “Centos7”. I simply made a HelloWorld.yml, executed the ansible-playbook HelloWorld.yml command.
Little update on the issue: I changed the url in ansible.cfg on “Centos7” to FQDN “katello.example.com” and put the ip address in the /etc/hosts file. I am not getting “/etc/foreman-proxy/ssl_cert.pem not found.” errors but rather “403 Forbidden”. I have authorized the content host by name in the Settings->Authentification tab in the Foreman dashboard web interface.
The docs don’t state it literally, but they guide you how to set things up for running Ansible from Foreman. By doing that, they make several assumptions, such as where certificates are located. Also note the docs are rather dated and the installer should set this up for you.
If you do the described steps on a different machine, then you have to obtain the needed certificates yourself somehow.
Running ansible from the client machines is not how it is intended to be used so you might end up in uncharted waters if you proceed in your current direction.
Without protocol? This way you might be sending the facts over HTTP so certificates are not in play I guess.
/var/log/foreman/production.log on katello machine should have more details.