I'm not quite sure I understand how to get foreman discovery working using
the katello installer.
There's options to specify the discovery kernel and the initrd image, but
the 2.0 and 2.1 downloads directory appears to contain tarfiles. The image
download fails by simply storing the HTTP404 response in the file names
specified. Is there a hidden option I don't know about which will take a
tarfile?
Skipping ahead, I've manually downloaded/untarred the latest images and
performed the edits to the PXELinux Global Default template specified here: https://github.com/theforeman/foreman_discovery. Now the target machine
PXEboots correctly, but cannot contact the capsule/smart proxy.
If I specify https://<myserver>:9090/, I get "ERROR --: No client SSL
certificate supplied." This causes an entry in the proxy log.
If I specify http://<myserver>:9090/, I get "connection reset". And
something about not being able to upload facts to foreman. This does not
cause an entry in the proxy log.
What is the correct way to configure the foreman discovery plugin in a
katello capsule server?
If installer can't download packages, it seems as a bug in installer to me. On
the other hand default values seems to work for me. You can always change the
url from which to download using --foreman-plugin-discovery-source-url.
If discovery image boots fine, it may be just wrong <myserver> url specified
in the PXELinux Global Default template. Make sure you have proxy.url kernel
parameter set correctly. If this is correct, some discovery gurus may help
more.
Hope this helps
···
--
Marek
On Thursday 05 of February 2015 19:11:21 Bryce L Nordgren wrote:
I’m not quite sure I understand how to get foreman discovery working using
the katello installer.
There’s options to specify the discovery kernel and the initrd image, but
the 2.0 and 2.1 downloads directory appears to contain tarfiles. The image
download fails by simply storing the HTTP404 response in the file names
specified. Is there a hidden option I don’t know about which will take a
tarfile?
Skipping ahead, I’ve manually downloaded/untarred the latest images and
performed the edits to the PXELinux Global Default template specified here: https://github.com/theforeman/foreman_discovery. Now the target machine
PXEboots correctly, but cannot contact the capsule/smart proxy.
If I specify https://:9090/, I get “ERROR --: No client SSL
certificate supplied.” This causes an entry in the proxy log.
If I specify http://:9090/, I get “connection reset”. And
something about not being able to upload facts to foreman. This does not
cause an entry in the proxy log.
What is the correct way to configure the foreman discovery plugin in a
katello capsule server?
From the looks of it, the images hosted on the foreman discovery site are
individually accessible for release 0.6 and previous, starting with release
2.0 and on the images are encapsulated within a tarball. The fundamental
problem appears to be that the installer options assume the images are
individually accessible, and not within a tarball. See http://downloads.theforeman.org/discovery/releases/
The https://<myserver> URL connects to my proxy/capsule, and produces the
SSL error message in the logs on the proxy. http://<myproxy> fails to
upload to foreman (connection reset, not "timed out"). This indicates to me
that the proxy/capsule is intended to exclusively interact with clients via
SSL and the root filesystem of the prebuilt foreman discovery image does
not possess a valid client SSL certificate. However, I'm new to this
constellation of software and I'm not sure how the pieces are intended to
fit together.
Let me know if there's another way. It certainly isn't configured correctly
out of the box.
I'd file an issue or two, but honestly it's not at all clear to me what
project/tracker to use.
···
On Fri, Feb 6, 2015 at 2:23 AM, Marek Hulan wrote:
Hello
If installer can’t download packages, it seems as a bug in installer to
me. On
the other hand default values seems to work for me. You can always change
the
url from which to download using --foreman-plugin-discovery-source-url.
If discovery image boots fine, it may be just wrong url
specified
in the PXELinux Global Default template. Make sure you have proxy.url
kernel
parameter set correctly. If this is correct, some discovery gurus may help
more.
Hope this helps
Marek
On Thursday 05 of February 2015 19:11:21 Bryce L Nordgren wrote:
I’m not quite sure I understand how to get foreman discovery working
using
the katello installer.
There’s options to specify the discovery kernel and the initrd image, but
the 2.0 and 2.1 downloads directory appears to contain tarfiles. The
image
download fails by simply storing the HTTP404 response in the file names
specified. Is there a hidden option I don’t know about which will take a
tarfile?
Skipping ahead, I’ve manually downloaded/untarred the latest images and
performed the edits to the PXELinux Global Default template specified
here: https://github.com/theforeman/foreman_discovery. Now the target machine
PXEboots correctly, but cannot contact the capsule/smart proxy.
If I specify https://:9090/, I get “ERROR --: No client SSL
certificate supplied.” This causes an entry in the proxy log.
If I specify http://:9090/, I get “connection reset”. And
something about not being able to upload facts to foreman. This does not
cause an entry in the proxy log.
What is the correct way to configure the foreman discovery plugin in a
katello capsule server?
To fix 1, I assume the installer would be required to issue a certificate
to the foreman discovery image, then install it in the image, then build
the image from scratch. Changes to the discovery-register code would also
be required.
At the very least, pointing at the foreman instance instead of the proxy
should be integrated into the process documented here: https://github.com/theforeman/foreman_discovery. Once the
discovery-register code has been fixed, a manual process for installing a
recognized certificate in the foreman discovery image could be added.
But again, I have no idea where to file any kind of bug, as this touches
four projects, at least two of which use this mailing list. Any advice?
···
On Fri, Feb 6, 2015 at 10:35 AM, Bryce L Nordgren wrote:
From the looks of it, the images hosted on the foreman discovery site are
individually accessible for release 0.6 and previous, starting with release
2.0 and on the images are encapsulated within a tarball. The fundamental
problem appears to be that the installer options assume the images are
individually accessible, and not within a tarball. See http://downloads.theforeman.org/discovery/releases/
The https:// URL connects to my proxy/capsule, and produces the
SSL error message in the logs on the proxy. http:// fails to
upload to foreman (connection reset, not “timed out”). This indicates to me
that the proxy/capsule is intended to exclusively interact with clients via
SSL and the root filesystem of the prebuilt foreman discovery image does
not possess a valid client SSL certificate. However, I’m new to this
constellation of software and I’m not sure how the pieces are intended to
fit together.
Let me know if there’s another way. It certainly isn’t configured
correctly out of the box.
I’d file an issue or two, but honestly it’s not at all clear to me what
project/tracker to use.
On Fri, Feb 6, 2015 at 2:23 AM, Marek Hulan mhulan@redhat.com wrote:
Hello
If installer can’t download packages, it seems as a bug in installer to
me. On
the other hand default values seems to work for me. You can always change
the
url from which to download using --foreman-plugin-discovery-source-url.
If discovery image boots fine, it may be just wrong url
specified
in the PXELinux Global Default template. Make sure you have proxy.url
kernel
parameter set correctly. If this is correct, some discovery gurus may help
more.
Hope this helps
Marek
On Thursday 05 of February 2015 19:11:21 Bryce L Nordgren wrote:
I’m not quite sure I understand how to get foreman discovery working
using
the katello installer.
There’s options to specify the discovery kernel and the initrd image,
but
the 2.0 and 2.1 downloads directory appears to contain tarfiles. The
image
download fails by simply storing the HTTP404 response in the file names
specified. Is there a hidden option I don’t know about which will take a
tarfile?
Skipping ahead, I’ve manually downloaded/untarred the latest images and
performed the edits to the PXELinux Global Default template specified
here: https://github.com/theforeman/foreman_discovery. Now the target machine
PXEboots correctly, but cannot contact the capsule/smart proxy.
If I specify https://:9090/, I get “ERROR --: No client SSL
certificate supplied.” This causes an entry in the proxy log.
If I specify http://:9090/, I get “connection reset”. And
something about not being able to upload facts to foreman. This does not
cause an entry in the proxy log.
What is the correct way to configure the foreman discovery plugin in a
katello capsule server?
> But again, I have no idea where to file any kind of bug, as this touches
> four projects, at least two of which use this mailing list. Any advice?
Hey,
you managed to hit the time window when Discovery 2.0 was not yet
released and documentation on the github page (README) was already
incorrect for the 2.0 RC2 version. We moved it, there was a pending
update for the README.
If you check the release notes, you will find that Discovery Image 2.0
is only compatible with Foreman 1.6 and 1.7 and there were changes in
the way discovery is configured via the kernel command line. By default
it talks via proxy, but this is shipped as "Technology Preview". You
need to configure it in "legacy" mode (proxy.type=foreman).
Read the whole document please, it explains it all, including the fact
why your installer won't download the image (it will only work for the
1.8 version of Foreman which is not yet released). The most important
part is the Upgrade section, but I recommend to read it all.
I hope it helps. Send me your comments on that, I can make some things
more clear in the document if necessary.