Missing data on host's "Last Report" column - Foreman 3.0

pyper · December 11, 2021, 2:26am

Hi Support,

I have an issue on host list in foreman where the last report is empty, is this normal on the new puppet plugin?
I don’t have any issue when I run puppet agent -t on the host but it is not showing to be reporting to foreman.

Problem: Missing Data in Host’s Last Report column

Expected outcome: Show Last report for the hosts/clients

Foreman and Proxy versions: foreman-3.0.1-1.el8.noarch

Foreman and Proxy plugin versions: rubygem-foreman_puppet-1.0.5-1.fm3_0.el8.noarch foreman-proxy-3.0.1-1.el8.noarch

Distribution and version: Rocky 8 (4.18.0-348.2.1.el8_5.x86_64)

Other relevant data:

VendettaMike · December 30, 2021, 10:22pm

Did you ever find out what was causing this? I’m not sure what’s going on with my system but looking at the puppetserver logs, I seem to be getting some SSL errors:

2021-12-30T14:19:08.353-08:00 WARN  [qtp1587726425-49] [c.p.p.ShellUtils] Executed an external process which logged to STDERR: During fact upload occured an exception: SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain)
Serving cached ENC: Could not send facts to Foreman: SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain)
...
2021-12-30T14:19:09.690-08:00 ERROR [qtp1587726425-51] [puppetserver] Puppet Report processor failed: Could not send report to Foreman at https://foreman.xxxx.com/api/config_reports: Received fatal alert: unknown_ca

I’m at a bit of a loss why this is happening as this is a fresh install. Maybe missed a config parameter during the install? I was originally getting failures on the puppet agent and re-ran the installer with a few different options which fixed that error but then this one above started. I may just do another fresh install.

lzap · January 4, 2022, 12:48pm

Might be something with puppet plugin: @ezr-ondrej

pyper · February 9, 2022, 4:58am

I re-intalled from scratch but I have the same result

pyper · February 22, 2022, 11:57pm

Hey @VendettaMike , did you find a solution?

VendettaMike · February 23, 2022, 7:08am

On my system, I was trying to install a 3.x version of Foreman/Katello/Puppet/PuppetCA/Proxy on one host. While this worked fine during the 2.x installs, it failed with the 3.x install as mentioned above. I tried numerous things some of which helped but never solved the issue entirely.

I had to add the last three install switches shown below to set the Foreman certs and keys in order for the agents to report in without an error being generated. I’ve been testing for a number of weeks now and running one DB host on the production side with no issues so far.

I don’t know what changed in the install process that these would be needed. Seems like it may have occurred when Puppet was removed from being installed by default.

foreman-installer \
--scenario katello \
--enable-foreman-plugin-puppet \
--enable-foreman-cli-puppet \
--enable-puppet \
--puppet-server true \
--puppet-server-ca true \
--enable-foreman-proxy \
--foreman-proxy-puppet true \
--foreman-proxy-content-puppet true \
--foreman-proxy-puppetca true \
--foreman-proxy-templates true \
--foreman-proxy-registration true \
--enable-foreman-plugin-remote-execution \
--enable-foreman-proxy-plugin-remote-execution-ssh \
--enable-foreman-proxy-plugin-reports \
--enable-foreman-plugin-host-reports \
--enable-foreman-plugin-setup \ 
--enable-foreman-plugin-puppetdb \
--foreman-initial-organization "My Org" \
--foreman-initial-location "My DC" \
--foreman-initial-admin-username admin \
--foreman-initial-admin-password admin \
--puppet-server-foreman-ssl-ca "/etc/pki/katello/puppet/puppet_client_ca.crt" \
--puppet-server-foreman-ssl-cert "/etc/pki/katello/puppet/puppet_client.crt" \
--puppet-server-foreman-ssl-key "/etc/pki/katello/puppet/puppet_client.key"

pyper · February 25, 2022, 3:07pm

Thanks @VendettaMike it’s working for me too!

VendettaMike · February 25, 2022, 10:51pm

Awesome @pyper. Glad it helped someone else out.

@lzap @ezr-ondrej - is this a setup issue or a Puppet plugin issue? Seems that before Puppet was a plugin, these were set correctly for the scenario described above (single server Foreman/Katello/Puppet/PuppetCA/Proxy) but are not correct for this scenario anymore.

Thanks!

scoggins · March 28, 2022, 12:44am

Thank you for this. I’ve been going around in circles for a week trying to work out why my Katello instance and Proxies wouldn’t allow me to enable the Puppet on the proxies. It looks like –enable-foreman-plugin-puppet was the key. I can’t find it documented at all in the --full-help output of foreman-installer but adding it seems to have fixed my issues.