No reports from Proxy

Hi

I have recently updated both our Foreman master and a seperate foreman
proxy to version 1.14. I have noticed though that the proxy no longer sends
reports to the master and gives the following error in messages:

May 5 09:51:43 foremanproxy puppet-master[3950]: Report processor failed:
Could not send report to Foreman at
https://foremanproxy.test.dmz/api/config_reports: Connection refused -
connect(2)
May 5 09:51:43 foremanproxy puppet-master[3950]:
["/usr/share/ruby/net/http.rb:878:in initialize'", "/usr/share/ruby/net/http.rb:878:inopen'",
"/usr/share/ruby/net/http.rb:878:in block in connect'", "/usr/share/ruby/timeout.rb:52:intimeout'",
"/usr/share/ruby/net/http.rb:877:in connect'", "/usr/share/ruby/net/http.rb:862:indo_start'",
"/usr/share/ruby/net/http.rb:851:in start'", "/usr/share/ruby/net/http.rb:1373:inrequest'",
"/usr/share/ruby/vendor_ruby/puppet/reports/foreman.rb:65:in process'", "/usr/share/ruby/vendor_ruby/puppet/indirector/report/processor.rb:37:inblock in process'",
"/usr/share/ruby/vendor_ruby/puppet/indirector/report/processor.rb:53:in
block in processors'", "/usr/share/ruby/vendor_ruby/puppet/indirector/report/processor.rb:51:ineach'",
"/usr/share/ruby/vendor_ruby/puppet/indirector/report/processor.rb:51:in
processors'", "/usr/share/ruby/vendor_ruby/puppet/indirector/report/processor.rb:30:inprocess'",
"/usr/share/ruby/vendor_ruby/puppet/indirector/report/processor.rb:14:in
save'", "/usr/share/ruby/vendor_ruby/puppet/indirector/indirection.rb:283:insave'", "/usr/share/ruby/vendor_ruby/puppet/network/http/api/v1.rb:160:in
do_save'", "/usr/share/ruby/vendor_ruby/puppet/network/http/api/v1.rb:50:inblock in
call'", "/usr/share/ruby/vendor_ruby/puppet/context.rb:64:in override'", "/usr/share/ruby/vendor_ruby/puppet.rb:246:inoverride'",
"/usr/share/ruby/vendor_ruby/puppet/network/http/api/v1.rb:49:in call'", "/usr/share/ruby/vendor_ruby/puppet/network/http/route.rb:82:inblock in
process'", "/usr/share/ruby/vendor_ruby/puppet/network/http/route.rb:81:in
each'", "/usr/share/ruby/vendor_ruby/puppet/network/http/route.rb:81:inprocess'",
"/usr/share/ruby/vendor_ruby/puppet/network/http/handler.rb:63:in block in process'", "/usr/share/ruby/vendor_ruby/puppet/util/profiler/around_profiler.rb:58:inprofile'", "/usr/share/ruby/vendor_ruby/puppet/util/profiler.rb:51:in
profile'", "/usr/share/ruby/vendor_ruby/puppet/network/http/handler.rb:61:inprocess'", "/usr/share/ruby/vendor_ruby/puppet/network/http/rack.rb:21:in
call'", "/usr/share/gems/gems/passenger-4.0.18/lib/phusion_passenger/rack/thread_handler_extension.rb:77:inprocess_request'",
"/usr/share/gems/gems/passenger-4.0.18/lib/phusion_passenger/request_handler/thread_handler.rb:140:in
accept_and_process_next_request'", "/usr/share/gems/gems/passenger-4.0.18/lib/phusion_passenger/request_handler/thread_handler.rb:108:inmain_loop'",
"/usr/share/gems/gems/passenger-4.0.18/lib/phusion_passenger/request_handler.rb:441:in
`block (3 levels) in start_threads'"]

Why is it sending the report to itself and not to the foreman master?

Also another slight issue - On the front end under infrastructure -->
smart proxies although all features for the seperate smart proxy are listed
as ok however under puppet --> environments I received the following error:

*Failure: ERF50-5345 [Foreman::WrappedException]: Unable to connect
([ProxyAPI::ProxyException]: ERF12-2749 [ProxyAPI::ProxyException]: Unable
to get environments from Puppet ([RestCli…)*I have checked the
permissions on the dirs under puppet/environments and they all seem to be
ok.

Any help would be appreciated!

> I have recently updated both our Foreman master and a seperate foreman
> proxy to version 1.14. I have noticed though that the proxy no longer
> sends reports to the master and gives the following error in messages:
>
> May 5 09:51:43 foremanproxy puppet-master[3950]: Report processor
> failed: Could not send report to Foreman at
> https://foremanproxy.test.dmz/api/config_reports: Connection refused -
> connect(2)
[…]
>
> Why is it sending the report to itself and not to the foreman master?

Check the value of :url in /etc/puppetlabs/puppet/foreman.yaml is
correct. This is the configuration file for the report processor and ENC.

> Also another slight issue - On the front end under infrastructure -->
> smart proxies although all features for the seperate smart proxy are
> listed as ok however under puppet --> environments I received the
> following error:
> *
> Failure: ERF50-5345 [Foreman::WrappedException]: Unable to connect
> ([ProxyAPI::ProxyException]: ERF12-2749 [ProxyAPI::ProxyException]:
> Unable to get environments from Puppet ([RestCli…)

The underlying part of the message (RestCli…) is truncated, check
/var/log/foreman/production.log for the whole message. It may indicate
an unusual HTTP response from the smart proxy, in which case,
check/reply with the smart proxy logs while performing the import again
to find the cause.

Thanks Dominic, the problem with reports is now fixed! The second issue
regarding enviroments however isn't. The message in the Production log is
also truncated however in the Smart proxy log i see this:

Failed to list puppet environments: SSL_connect returned=1 errno=0
state=SSLv3 read server session ticket A: sslv3 alert certificate revoked

This refers to the certificate used by the smart proxy to make API
requests to the Puppet Server, as configured in
/etc/foreman-proxy/settings.d/puppet_proxy_puppet_api.yml. As it says,
the certificate used is revoked.

If the certificate has been "cleaned" on the CA then this could be one
way in which it would be revoked. The certificate may need to be
regenerated with "puppet cert generate foremanproxy.test.dmz" and the
files replaced.