Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it can't find
packages.
Which would be because I've just turned off all services as asked to in the
instructions found here
https://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under "in place migration".
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.
I don't understand what I've done wrong - I am literally following the rule
book here, but it seems to trip at every step.
I read the logs, and discovered that there were only three files it
couldn't find because katello was stopped (this still amazes me - "stop
katello, then make foreman-installer get data from katello"???!!?!?! who
designed/wrote this?)
the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_something
So I found them on the file system and installed them successfully by hand.
I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppet
Now I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to ‘/etc/puppetlabs/puppet/ssl’: File
exists
Upgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed with the
same message.
Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually correct and
that the foreman-installer --upgrade-puppet service needs a "–skip-broken"
or "–skip-copy-data"
Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?
Cheers
L.
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it can’t
find packages.Which would be because I’ve just turned off all services as asked to in
the instructions found herehttps://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
Any solution ?
Same issues here the thing that is amazing the katello and foreman team
they are planning to no support anymore puppet 3 on 1.15 foreman but how we
are going to upgrade our current puppet 3 to 4 is ridiculous
Ok, I've found the itemized puppet upgrade instructions that are here:
Upgrading_from_Puppet_3_to_4
and the place where the doc'd process fails. I start there.
When I get to Step 1b. Environments, SSL and Apache; part 5 states "Update
SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
/etc/apache2/sites-available/05-foreman-ssl.conf, changing
/var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl"
but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference to
either reference?
Skip it.
Go to next step, figuring we have little if any manual customisations, I do
step 2 and the first run give teh error
ERROR: Unrecognised option '–puppet-server-implementation'
remove it, get
ERROR: Unrecognised option '–reset-puppet-autosign'
remove it, get
ERROR: Unrecognised option '–reset-puppet-client-package'
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir'
ERROR: Unrecognised option '–reset-puppet-configtimeout'
ERROR: Unrecognised option '–reset-puppet-dir'
At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn't started but needs to be
started. The errors are now new errors, but the top error is the one that
we are warned about, so I run the command without the noop - I presume all
of these errors are related? See attached.
cheers
L.
katello_log_errors_nonoop.log (4.49 KB)
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com wrote:
I don’t understand what I’ve done wrong - I am literally following the
rule book here, but it seems to trip at every step.I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me - “stop
katello, then make foreman-installer get data from katello”???!!?!?! who
designed/wrote this?)the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully by hand.
I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to ‘/etc/puppetlabs/puppet/ssl’:
File existsUpgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed with the
same message.Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually correct and
that the foreman-installer --upgrade-puppet service needs a “–skip-broken”
or “–skip-copy-data”Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it can’t
find packages.Which would be because I’ve just turned off all services as asked to in
the instructions found herehttps://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
Hey,
I've successfully upgraded to puppet4 on my katello. In the process I've fixed, reported and worked around several issues. Feel free to check the PRs/discussions of these tickets:
http://projects.theforeman.org/issues/18123
http://projects.theforeman.org/issues/18129
http://projects.theforeman.org/issues/18131
http://projects.theforeman.org/issues/18132
After those workaround/fixes the upgrade katello 3.1.x to 3.2.3 worked for me including the puppet4 upgrade
if you encounter different issues create a bugreport and maybe even try to fix it and create a pull request 
Greetings
Klaas Demter
ATIX - The Linux & Open Source Company
www.atix.de
----- Ursprüngliche Mail -----
Any solution ?
Same issues here the thing that is amazing the katello and foreman team
they are planning to no support anymore puppet 3 on 1.15 foreman but how we
are going to upgrade our current puppet 3 to 4 is ridiculous
–
You received this message because you are subscribed to the Google Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
Mario,
I'll be testing Klaas' offerings against a snapshot from last week. I'm
hoping it should just work - I'll let you know.
cheers
L.
On 15 February 2017 at 19:18, Mario Gamboa mario.gamboa@gmail.com wrote:
Any solution ?
Same issues here the thing that is amazing the katello and foreman team
they are planning to no support anymore puppet 3 on 1.15 foreman but how we
are going to upgrade our current puppet 3 to 4 is ridiculous–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
and now yum update on the katello server fails on a certificate problem?
[Errno 14] curl#35 - "Peer does not recognize and trust the CA that issued
your certificate."
On 13 February 2017 at 12:56, Lachlan Musicman datakid@gmail.com wrote:
Ok, I’ve found the itemized puppet upgrade instructions that are here:
http://projects.theforeman.org/projects/foreman/wiki/Upgradi
ng_from_Puppet_3_to_4and the place where the doc’d process fails. I start there.
When I get to Step 1b. Environments, SSL and Apache; part 5 states “Update
SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
/etc/apache2/sites-available/05-foreman-ssl.conf, changing
/var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl”but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference to
either reference?Skip it.
Go to next step, figuring we have little if any manual customisations, I
do step 2 and the first run give teh errorERROR: Unrecognised option ‘–puppet-server-implementation’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-autosign’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-client-package’
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir’
ERROR: Unrecognised option '–reset-puppet-configtimeout’
ERROR: Unrecognised option ‘–reset-puppet-dir’At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn’t started but needs to be
started. The errors are now new errors, but the top error is the one that
we are warned about, so I run the command without the noop - I presume all
of these errors are related? See attached.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com wrote:
I don’t understand what I’ve done wrong - I am literally following the
rule book here, but it seems to trip at every step.I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me - “stop
katello, then make foreman-installer get data from katello”???!!?!?! who
designed/wrote this?)the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully by
hand.I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to ‘/etc/puppetlabs/puppet/ssl’:
File existsUpgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed with the
same message.Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually correct
and that the foreman-installer --upgrade-puppet service needs a
"–skip-broken" or “–skip-copy-data”Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it can’t
find packages.Which would be because I’ve just turned off all services as asked to in
the instructions found herehttps://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
> Ok, I've found the itemized puppet upgrade instructions that are here:
>
> About - Foreman
> Upgrading_from_Puppet_3_to_4
>
> and the place where the doc'd process fails. I start there.
>
> When I get to Step 1b. Environments, SSL and Apache; part 5 states "Update
> SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
> /etc/apache2/sites-available/05-foreman-ssl.conf, changing
> /var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl"
>
> but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference to
> either reference?
>
> Skip it.
>
> Go to next step, figuring we have little if any manual customisations, I do
> step 2 and the first run give teh error
I think all of these flags would be required and by removing them is why
you see all of the errors. In order to use them, I think you can by
appending --foreman to them, like:
–foreman-puppet-server-implementation
–foreman-reset-puppet-autosign
etc…
ERROR: Unrecognised option ‘–puppet-server-implementation’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-autosign’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-client-package’
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir’
ERROR: Unrecognised option '–reset-puppet-configtimeout’
ERROR: Unrecognised option ‘–reset-puppet-dir’At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn’t started but needs to be
started. The errors are now new errors, but the top error is the one that
we are warned about, so I run the command without the noop - I presume all
of these errors are related? See attached.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com wrote:
I don’t understand what I’ve done wrong - I am literally following the
rule book here, but it seems to trip at every step.I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me - “stop
katello, then make foreman-installer get data from katello”???!!?!?! who
designed/wrote this?)the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully by hand.
I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to ‘/etc/puppetlabs/puppet/ssl’:
File existsUpgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed with the
same message.Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually correct and
that the foreman-installer --upgrade-puppet service needs a "–skip-broken"
or “–skip-copy-data”Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it can’t
find packages.Which would be because I’ve just turned off all services as asked to in
the instructions found herehttps://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
–
You received this message because you are subscribed to the Google Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
[ERROR 2017-02-13 12:47:40 main] /Stage[main]/Certs/Privkey[/etc/pki/katello/private/katello-default-ca.key]: Could not evaluate: Execution of ‘/usr/bin/openssl rsa -in /root/ssl-build/katello-default-ca.key -out /root/ssl-build/katello-default-ca.key.tmp -passin file:/etc/pki/katello/private/katello-default-ca.pwd’ returned 1: unable to load Private Key
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:604:
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:483:
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/execution.rb:232:inexecute' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider/command.rb:23:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider.rb:221:inblock in has_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider.rb:422:inblock in create_class_and_instance_method’
[ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-base/modules/certs/lib/puppet/provider/privkey/katello_ssl_tool.rb:11:inexpected_content' [ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-base/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:178:inexists?’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property/ensure.rb:81:inretrieve' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type.rb:1070:inretrieve’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type.rb:1098:inretrieve_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:300:infrom_resource’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:20:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:230:inapply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:246:ineval_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:163:incall’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:163:inblock (2 levels) in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:386:inblock in thinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:inrealtime' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:385:inthinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:163:inblock in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:118:intraverse’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:154:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:222:inblock in apply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/log.rb:155:inwith_destination' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/report.rb:142:inas_logging_destination’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:221:inapply' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:171:inblock in apply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:223:inblock in benchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:inrealtime’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:222:inbenchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:170:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:343:inrun_internal' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:221:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:65:inoverride' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:293:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:195:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:350:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:274:inblock in main' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:65:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:293:inoverride' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:225:inmain’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:170:inrun_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:344:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:541:inexit_on_fail' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:344:inrun’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:132:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:72:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/bin/puppet:5:in `’
–
Daniel Lobato Garcia
@dLobatog
blog.daniellobato.me
daniellobato.me
GPG: http://keys.gnupg.net/pks/lookup?op=get&search=0x7A92D6DD38D6DE30
Keybase: https://keybase.io/elobato
Klaas,
Thank you for this, much appreciated. We have decided to revert back to
snapshot taken last week and try again - your notes will be very helpful.
One thing in particular that has us confused is 18131 "foreman-installer
–upgrade-puppet fails to set new paths for foreman-installer"
http://projects.theforeman.org/issues/18131
In particular a full workflow.
ie, after running
foreman-installer --upgrade-puppet
you ran the listed solution in your comment?
I read the details on the Foreman/Puppet upgrade page, which was
interesting for background:
http://projects.theforeman.org/projects/foreman/wiki/Upgrading_from_Puppet_3_to_4
and it includes a similar, but not the same, step.
I presumed that the upgrade instructions listed on the Katello 3.2 page
would list any extra steps that might need to be taken.
I'll report back/take notes on how I go.
Cheers
L.
On 15 February 2017 at 19:41, Klaas Demter demter@atix.de wrote:
Hey,
I’ve successfully upgraded to puppet4 on my katello. In the process I’ve
fixed, reported and worked around several issues. Feel free to check the
PRs/discussions of these tickets:
Bug #18123: Package conflict rubygem-multipart-post with EPEL7 - Packaging - Foreman
Bug #18129: qpidd connection error during upgrade-puppet - Katello - Foreman
Bug #18131: foreman-installer --upgrade-puppet fails to set new paths for foreman-installer - Katello - Foreman
Bug #18132: foreman-installer -v --scenario katello --noop deletes pulp.conf - Katello - ForemanAfter those workaround/fixes the upgrade katello 3.1.x to 3.2.3 worked for
me including the puppet4 upgradeif you encounter different issues create a bugreport and maybe even try to
fix it and create a pull requestGreetings
Klaas DemterATIX - The Linux & Open Source Company
www.atix.de----- Ursprüngliche Mail -----
Von: “Mario Gamboa” mario.gamboa@gmail.com
An: “Foreman users” foreman-users@googlegroups.com
Gesendet: Mittwoch, 15. Februar 2017 09:18:54
Betreff: [foreman-users] Re: Puppet upgrade from 3.x to 4.x failsAny solution ?
Same issues here the thing that is amazing the katello and foreman team
they are planning to no support anymore puppet 3 on 1.15 foreman but how we
are going to upgrade our current puppet 3 to 4 is ridiculous–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
I'm checking through the step 3 process. Looks like most things have been
done, with a few differences to the notes:
my installation had
master-var-dir to /opt/puppetlabs/server/data/puppetserver
same as the step above it, /opt/puppetlabs/server/data/puppetserver
I had to find the dir, because it wasn't in root - it ("foreman/tmp") was
in /var/lib/ (/var/lib/foreman/tmp/). Running the command didn't do
anything that I could see.
Everything looks ok, apart from some relatively minor issues. I currently
have 100% of servers out of sync. I presume that's connected to the ssl
error and the fact that when I go to Infrastructure->smart proxies->
puppetCA I'm down from 60 managed hosts to none.
cheers
L.
On 13 February 2017 at 13:03, Lachlan Musicman datakid@gmail.com wrote:
and now yum update on the katello server fails on a certificate problem?
[Errno 14] curl#35 - “Peer does not recognize and trust the CA that issued
your certificate.”
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 12:56, Lachlan Musicman datakid@gmail.com wrote:
Ok, I’ve found the itemized puppet upgrade instructions that are here:
http://projects.theforeman.org/projects/foreman/wiki/Upgradi
ng_from_Puppet_3_to_4and the place where the doc’d process fails. I start there.
When I get to Step 1b. Environments, SSL and Apache; part 5 states “Update
SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
/etc/apache2/sites-available/05-foreman-ssl.conf, changing
/var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl”but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference to
either reference?Skip it.
Go to next step, figuring we have little if any manual customisations, I
do step 2 and the first run give teh errorERROR: Unrecognised option ‘–puppet-server-implementation’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-autosign’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-client-package’
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir’
ERROR: Unrecognised option '–reset-puppet-configtimeout’
ERROR: Unrecognised option ‘–reset-puppet-dir’At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn’t started but needs to be
started. The errors are now new errors, but the top error is the one that
we are warned about, so I run the command without the noop - I presume all
of these errors are related? See attached.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com wrote:
I don’t understand what I’ve done wrong - I am literally following the
rule book here, but it seems to trip at every step.I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me - “stop
katello, then make foreman-installer get data from katello”???!!?!?! who
designed/wrote this?)the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully by
hand.I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to ‘/etc/puppetlabs/puppet/ssl’:
File existsUpgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed with
the same message.Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually correct
and that the foreman-installer --upgrade-puppet service needs a
"–skip-broken" or “–skip-copy-data”Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com >>> wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it can’t
find packages.Which would be because I’ve just turned off all services as asked to in
the instructions found herehttps://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, “We’ve always done it
this way.”
- Grace Hopper
Hi,
'foreman-installer --upgrade-puppet' will take care of most of the things that are listed in foreman wiki. There are just some additional parameters that need to be changed.
For the workflow: I ran --upgrade-puppet and afterwards I ran foreman-installer again to reset answers to their "new" settings or change some that --upgrade-puppet didn't change. I'm not sure if my list is complete but it was sufficient for my foreman/katello usage.
My full workflow was something along these lines (including katello update from 3.1 to 3.2)
#Bug #17639: Upgrade fails if /var/lib/tfpboot/grub2 is not pre-created - Katello - Foreman
mkdir /var/lib/tftpboot/grub2
mkdir /var/lib/tftpboot/grub
chown -R foreman-proxy:foreman-proxy /var/lib/tftpboot
foreman-installer -v --scenario katello --upgrade
vim /usr/share/katello-installer-base/hooks/pre/31-upgrade-puppet.rb
vim /usr/share/katello-installer-base/modules/certs/manifests/candlepin.pp
rm /usr/share/katello-installer-base/hooks/pre/29-remove_package_httpd_conf.rb /usr/share/katello-installer-base/hooks/post/29-create_package_httpd_conf.rb
foreman-installer --upgrade-puppet
systemctl stop puppetserver
/usr/sbin/usermod -d /opt/puppetlabs/server/data/puppetserver puppet
systemctl start puppetserver
foreman-installer -v --scenario katello
–reset-foreman-proxy-puppetdir
–reset-foreman-proxy-puppetrun-cmd
–reset-foreman-proxy-puppetca-cmd
–reset-foreman-proxy-plugin-pulp-puppet-content-dir
–reset-foreman-puppet-home
–reset-foreman-puppet-ssldir
–reset-foreman-proxy-puppet-ssl-ca
–reset-foreman-proxy-puppet-ssl-cert
–reset-foreman-proxy-puppet-ssl-key
–foreman-proxy-puppetssh-command "/opt/puppetlabs/bin/puppet agent --onetime --no-usecacheonfailure --no-daemonize --no-splay"
–foreman-proxy-ssldir /etc/puppetlabs/puppet/ssl
I use theforeman-puppet for my configuration. After the puppet4 upgrade I had to add those additional parameters for my foreman server:
server_foreman_ssl_ca: "/etc/puppetlabs/puppet/ssl/ssl_ca.pem"
server_foreman_ssl_cert: "/etc/puppetlabs/puppet/ssl/client_cert.pem"
server_foreman_ssl_key: "/etc/puppetlabs/puppet/ssl/client_key.pem"
For my puppet capsules I chose not to upgrade them, I rather reinstalled them. I did run into more issues there but thats because I run pulp/puppet on different capsules rather than both on one capsule:
http://projects.theforeman.org/issues/17605
http://projects.theforeman.org/issues/18185
http://projects.theforeman.org/issues/18182
The pulp capsules just work after I applied Refactor #17605: Be a little more flexible on the 8GB requirement - Katello - Foreman
foreman-installer --scenario capsule --upgrade --capsule-certs-tar certs.tar --certs-update-all --certs-regenerate true --certs-deploy true
I think thats all
Greetings
Klaas Demter
ATIX - The Linux & Open Source Company
www.atix.de
----- Ursprüngliche Mail -----
Klaas,
Thank you for this, much appreciated. We have decided to revert back to
snapshot taken last week and try again - your notes will be very helpful.
One thing in particular that has us confused is 18131 “foreman-installer
–upgrade-puppet fails to set new paths for foreman-installer”
http://projects.theforeman.org/issues/18131
In particular a full workflow.
ie, after running
foreman-installer --upgrade-puppet
you ran the listed solution in your comment?
I read the details on the Foreman/Puppet upgrade page, which was
interesting for background:
http://projects.theforeman.org/projects/foreman/wiki/Upgrading_from_Puppet_3_to_4
and it includes a similar, but not the same, step.
I presumed that the upgrade instructions listed on the Katello 3.2 page
would list any extra steps that might need to be taken.
I’ll report back/take notes on how I go.
Cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
On 15 February 2017 at 19:41, Klaas Demter demter@atix.de wrote:
Hey,
I’ve successfully upgraded to puppet4 on my katello. In the process I’ve
fixed, reported and worked around several issues. Feel free to check the
PRs/discussions of these tickets:
Bug #18123: Package conflict rubygem-multipart-post with EPEL7 - Packaging - Foreman
Bug #18129: qpidd connection error during upgrade-puppet - Katello - Foreman
Bug #18131: foreman-installer --upgrade-puppet fails to set new paths for foreman-installer - Katello - Foreman
Bug #18132: foreman-installer -v --scenario katello --noop deletes pulp.conf - Katello - ForemanAfter those workaround/fixes the upgrade katello 3.1.x to 3.2.3 worked for
me including the puppet4 upgradeif you encounter different issues create a bugreport and maybe even try to
fix it and create a pull requestGreetings
Klaas DemterATIX - The Linux & Open Source Company
www.atix.de----- Ursprüngliche Mail -----
Von: “Mario Gamboa” mario.gamboa@gmail.com
An: “Foreman users” foreman-users@googlegroups.com
Gesendet: Mittwoch, 15. Februar 2017 09:18:54
Betreff: [foreman-users] Re: Puppet upgrade from 3.x to 4.x failsAny solution ?
Same issues here the thing that is amazing the katello and foreman team
they are planning to no support anymore puppet 3 on 1.15 foreman but how we
are going to upgrade our current puppet 3 to 4 is ridiculous–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
–
You received this message because you are subscribed to the Google Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
Great - thanks all. VM snapshot from last week has been restored. We will
try again now.
cheers
L.
On 16 February 2017 at 22:06, Daniel Lobato Garcia elobatocs@gmail.com wrote:
On 02/13, Lachlan Musicman wrote:
Ok, I’ve found the itemized puppet upgrade instructions that are here:
About - Foreman
Upgrading_from_Puppet_3_to_4and the place where the doc’d process fails. I start there.
When I get to Step 1b. Environments, SSL and Apache; part 5 states
"Update
SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
/etc/apache2/sites-available/05-foreman-ssl.conf, changing
/var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl"but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference to
either reference?Skip it.
Go to next step, figuring we have little if any manual customisations, I
do
step 2 and the first run give teh errorI think all of these flags would be required and by removing them is why
you see all of the errors. In order to use them, I think you can by
appending --foreman to them, like:–foreman-puppet-server-implementation
–foreman-reset-puppet-autosign
etc…ERROR: Unrecognised option ‘–puppet-server-implementation’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-autosign’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-client-package’
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir’
ERROR: Unrecognised option '–reset-puppet-configtimeout’
ERROR: Unrecognised option ‘–reset-puppet-dir’At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn’t started but needs to be
started. The errors are now new errors, but the top error is the one that
we are warned about, so I run the command without the noop - I presume
all
of these errors are related? See attached.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com > wrote:
I don’t understand what I’ve done wrong - I am literally following the
rule book here, but it seems to trip at every step.I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me - “stop
katello, then make foreman-installer get data from katello”???!!?!?!
whodesigned/wrote this?)
the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully by
hand.I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to ‘/etc/puppetlabs/puppet/ssl’:
File existsUpgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed with
thesame message.
Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually correct
andthat the foreman-installer --upgrade-puppet service needs a
"–skip-broken"or “–skip-copy-data”
Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, "We’ve always done it
thisway."
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com > wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it can’t
find packages.Which would be because I’ve just turned off all services as asked to
inthe instructions found here
https://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, "We’ve always done it
thisway."
- Grace Hopper
–
You received this message because you are subscribed to the Google
Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.[ERROR 2017-02-13 12:47:40 main] /Stage[main]/Certs/Privkey[/
etc/pki/katello/private/katello-default-ca.key]: Could not evaluate:
Execution of ‘/usr/bin/openssl rsa -in /root/ssl-build/katello-default-ca.key
-out /root/ssl-build/katello-default-ca.key.tmp -passin
file:/etc/pki/katello/private/katello-default-ca.pwd’ returned 1: unable
to load Private Key
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:06065064:digital
envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:604:
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:0906A065:PEM
routines:PEM_do_header:bad decrypt:pem_lib.c:483:
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/util/execution.rb:232:inexecute' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/provider/command.rb:23:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/provider.rb:221:inblock in has_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/provider.rb:422:inblock in
create_class_and_instance_method’
[ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-
base/modules/certs/lib/puppet/provider/privkey/katello_ssl_tool.rb:11:in
expected_content' [ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer- base/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:178:inexists?’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/property/ensure.rb:81:inretrieve' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/type.rb:1070:inretrieve’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/type.rb:1098:inretrieve_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/transaction/resource_harness.rb:300:infrom_resource’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/transaction/resource_harness.rb:20:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/transaction.rb:230:inapply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/transaction.rb:246:ineval_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/transaction.rb:163:incall’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/transaction.rb:163:inblock (2 levels) in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/util.rb:386:inblock in thinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in
realtime' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/util.rb:385:inthinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/transaction.rb:163:inblock in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/graph/relationship_graph.rb:118:intraverse’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/transaction.rb:154:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/resource/catalog.rb:222:inblock in apply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/util/log.rb:155:inwith_destination' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/transaction/report.rb:142:inas_logging_destination’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/resource/catalog.rb:221:inapply' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/configurer.rb:171:inblock in apply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/util.rb:223:inblock in benchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:inrealtime’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/util.rb:222:inbenchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/configurer.rb:170:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/configurer.rb:343:inrun_internal' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/configurer.rb:221:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/context.rb:65:inoverride' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet.rb:293:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/configurer.rb:195:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/application/apply.rb:350:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/application/apply.rb:274:inblock in main' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/context.rb:65:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet.rb:293:inoverride' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/application/apply.rb:225:inmain’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/application/apply.rb:170:inrun_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/application.rb:344:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/util.rb:541:inexit_on_fail' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/application.rb:344:inrun’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/
ruby/vendor_ruby/puppet/util/command_line.rb:132:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ ruby/vendor_ruby/puppet/util/command_line.rb:72:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/bin/puppet:5:in
`’–
Daniel Lobato Garcia@dLobatog
blog.daniellobato.me
daniellobato.meGPG: http://keys.gnupg.net/pks/lookup?op=get&search=0x7A92D6DD38D6DE30
Keybase: https://keybase.io/elobato–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
Hmmm.
Certs continued to fail. I discovered that Candlepin wasn't starting. A
search took me to the Katello upgrade page.
So I ran foreman-installer --service katello --upgrade again.
It fails with:
Upgrade Step: remove_gutterball…
Upgrade Step: start_tomcat…
Redirecting to /bin/systemctl start tomcat.service
Some services failed to start: tomcat
● tomcat.service - Apache Tomcat Web Application Container
Loaded: loaded (/usr/lib/systemd/system/tomcat.service; enabled; vendor
preset: disabled)
Active: active (running) since Mon 2017-02-13 14:33:43 AEDT; 1min 55s ago
Main PID: 8278 (java)
CGroup: /system.slice/tomcat.service
└─8278 /usr/lib/jvm/jre/bin/java -classpath
/usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
-Dcatalina.base=/usr/share/tomcat -Dcatalina.home=/usr/share/tomcat
-Djava.endorsed.dirs= -Djava.io.tmpdir=/var/cache/tomcat/temp
-Djava.util.logging.config.file=/usr/share/tomcat/conf/logging.properties
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
org.apache.catalina.startup.Bootstrap start
Feb 13 14:33:46 vmpr-res-utils server[8278]: Feb 13, 2017 2:33:46 PM
com.google.inject.internal.ProxyFactory
Feb 13 14:33:46 vmpr-res-utils server[8278]: WARNING: Method [public
org.candlepin.model.Persisted
org.candlepin.model.ProductCurator.create(org.candlepin.model.Persisted)]
is synthetic and is being intercepted by
[com.google.inject.persist.jpa.JpaLocalTxnInterceptor@3a8e0d80]. This could
indicate a bug. The method may be intercepted twice, or may not be
intercepted at all.
Feb 13 14:33:46 vmpr-res-utils server[8278]: Feb 13, 2017 2:33:46 PM
com.google.inject.internal.ProxyFactory
Feb 13 14:33:46 vmpr-res-utils server[8278]: WARNING: Method [public
org.candlepin.model.Persisted
org.candlepin.model.ProductCurator.merge(org.candlepin.model.Persisted)] is
synthetic and is being intercepted by
[com.google.inject.persist.jpa.JpaLocalTxnInterceptor@3a8e0d80]. This could
indicate a bug. The method may be intercepted twice, or may not be
intercepted at all.
Feb 13 14:33:46 vmpr-res-utils server[8278]: Feb 13, 2017 2:33:46 PM
com.google.inject.internal.ProxyFactory
Feb 13 14:33:46 vmpr-res-utils server[8278]: WARNING: Method [public void
org.candlepin.model.RulesCurator.delete(org.candlepin.model.Persisted)] is
synthetic and is being intercepted by
[com.google.inject.persist.jpa.JpaLocalTxnInterceptor@3a8e0d80]. This could
indicate a bug. The method may be intercepted twice, or may not be
intercepted at all.
Feb 13 14:33:46 vmpr-res-utils server[8278]: Feb 13, 2017 2:33:46 PM
com.google.inject.internal.ProxyFactory
Feb 13 14:33:46 vmpr-res-utils server[8278]: WARNING: Method [public
org.candlepin.model.Persisted
org.candlepin.model.RulesCurator.create(org.candlepin.model.Persisted)] is
synthetic and is being intercepted by
[com.google.inject.persist.jpa.JpaLocalTxnInterceptor@3a8e0d80]. This could
indicate a bug. The method may be intercepted twice, or may not be
intercepted at all.
Feb 13 14:33:46 vmpr-res-utils server[8278]: Feb 13, 2017 2:33:46 PM
com.google.inject.internal.ProxyFactory
Feb 13 14:33:46 vmpr-res-utils server[8278]: WARNING: Method [public void
org.candlepin.model.EntitlementCertificateCurator.delete(org.candlepin.model.Persisted)]
is synthetic and is being intercepted by
[com.google.inject.persist.jpa.JpaLocalTxnInterceptor@3a8e0d80]. This could
indicate a bug. The method may be intercepted twice, or may not be
intercepted at all.
…
I just wanted to update Puppet. I followed the instructions!
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
On 13 February 2017 at 13:56, Lachlan Musicman datakid@gmail.com wrote:
I’m checking through the step 3 process. Looks like most things have been
done, with a few differences to the notes:
- step 3a.3 edit /etc/puppetlabs/puppetserver/conf.d/puppetserver.conf
1. change master-var-dir to /opt/puppetlabs/puppet/cachemy installation had
master-var-dir to /opt/puppetlabs/server/data/puppetserver
- step 3b.1.2:puppetdir: /opt/puppetlabs/puppet/cache
same as the step above it, /opt/puppetlabs/server/data/puppetserver
- step 3.3c.3 “restart Foreman by running touch ~foreman/tmp/restart.txt”
I had to find the dir, because it wasn’t in root - it (“foreman/tmp”) was
in /var/lib/ (/var/lib/foreman/tmp/). Running the command didn’t do
anything that I could see.Everything looks ok, apart from some relatively minor issues. I currently
have 100% of servers out of sync. I presume that’s connected to the ssl
error and the fact that when I go to Infrastructure->smart proxies->
puppetCA I’m down from 60 managed hosts to none.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 13:03, Lachlan Musicman datakid@gmail.com wrote:
and now yum update on the katello server fails on a certificate problem?
[Errno 14] curl#35 - “Peer does not recognize and trust the CA that
issued your certificate.”
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 12:56, Lachlan Musicman datakid@gmail.com wrote:
Ok, I’ve found the itemized puppet upgrade instructions that are here:
http://projects.theforeman.org/projects/foreman/wiki/Upgradi
ng_from_Puppet_3_to_4and the place where the doc’d process fails. I start there.
When I get to Step 1b. Environments, SSL and Apache; part 5 states “Update
SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
/etc/apache2/sites-available/05-foreman-ssl.conf, changing
/var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl”but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference to
either reference?Skip it.
Go to next step, figuring we have little if any manual customisations, I
do step 2 and the first run give teh errorERROR: Unrecognised option ‘–puppet-server-implementation’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-autosign’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-client-package’
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir’
ERROR: Unrecognised option '–reset-puppet-configtimeout’
ERROR: Unrecognised option ‘–reset-puppet-dir’At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn’t started but needs to
be started. The errors are now new errors, but the top error is the one
that we are warned about, so I run the command without the noop - I presume
all of these errors are related? See attached.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com >>> wrote:
I don’t understand what I’ve done wrong - I am literally following the
rule book here, but it seems to trip at every step.I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me - “stop
katello, then make foreman-installer get data from katello”???!!?!?! who
designed/wrote this?)the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully by
hand.I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to ‘/etc/puppetlabs/puppet/ssl’:
File existsUpgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed with
the same message.Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually correct
and that the foreman-installer --upgrade-puppet service needs a
"–skip-broken" or “–skip-copy-data”Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, “We’ve always done it
this way.”
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com >>>> wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it can’t
find packages.Which would be because I’ve just turned off all services as asked to
in the instructions found herehttps://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, “We’ve always done it
this way.”
- Grace Hopper
Daniel,
running the instructions as per the puppet upgrade page failed again.
On issue we kept running into was this, from
/var/log/foreman-installer/katello.log
[ERROR 2017-02-17 13:44:48 main] mv: cannot move ‘/var/lib/puppet/ssl’ to
‘/etc/puppetlabs/puppet/ssl’: File exists
[ERROR 2017-02-17 13:44:48 main] mv: cannot move
‘/var/lib/puppet/foreman_cache_data’ to
‘/opt/puppetlabs/puppet/cache/foreman_cache_data’: File exists
[ERROR 2017-02-17 13:44:48 main] Upgrade step copy_data failed. Check logs
for more information.
If you could point me to the log file that this message is talking about,
I'd appreciate that. Note that physically removing the offending files
doesn't seem to work - obviously there is some part of the
–foreman-installer --update-puppet execution that recreates them
Moving onto the next page, we start to do the whole thing by hand, as per
http://projects.theforeman.org/projects/foreman/wiki/Upgrading_from_Puppet_3_to_4
Again, Step 1a and 1b completes fine, except for 1b.5 again - this time we
did a grep on the whole of /etc/httpd/conf.d - there is no mention of
/var/lib/puppet/ssl in there at all
Moving onto Step 2, I ran the instructions with the changes you suggested -
adding --forman to some of the command line options.
ERROR: Unrecognised option '–foreman-puppet-server-implementation'
See: 'foreman-installer --help'
So I look at the help:
--capsule-puppet-server-implementation Puppet master implementation,
either "master" (traditional
And then if I do a grep on reset, none of these commands exist?
I tried noop with capsule-puppet-server-implementation=puppetserver with
both --foreman-reset-puppet-X (as per your recommendation) and
–reset-foreman-puppet-X (format in line with other options) and neither
worked - all died with "ERROR: Unrecognised option '–X-puppet-autosign'"
Any other pointers would be appreciated.
cheers
L.
On 17 February 2017 at 11:18, Lachlan Musicman datakid@gmail.com wrote:
Great - thanks all. VM snapshot from last week has been restored. We will
try again now.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 16 February 2017 at 22:06, Daniel Lobato Garcia elobatocs@gmail.com > wrote:
On 02/13, Lachlan Musicman wrote:
Ok, I’ve found the itemized puppet upgrade instructions that are here:
About - Foreman
Upgrading_from_Puppet_3_to_4and the place where the doc’d process fails. I start there.
When I get to Step 1b. Environments, SSL and Apache; part 5 states
"Update
SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
/etc/apache2/sites-available/05-foreman-ssl.conf, changing
/var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl"but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference to
either reference?Skip it.
Go to next step, figuring we have little if any manual customisations,
I do
step 2 and the first run give teh errorI think all of these flags would be required and by removing them is why
you see all of the errors. In order to use them, I think you can by
appending --foreman to them, like:–foreman-puppet-server-implementation
–foreman-reset-puppet-autosign
etc…ERROR: Unrecognised option ‘–puppet-server-implementation’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-autosign’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-client-package’
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir’
ERROR: Unrecognised option '–reset-puppet-configtimeout’
ERROR: Unrecognised option ‘–reset-puppet-dir’At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn’t started but needs to
be
started. The errors are now new errors, but the top error is the one
that
we are warned about, so I run the command without the noop - I presume
all
of these errors are related? See attached.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com >> wrote:
I don’t understand what I’ve done wrong - I am literally following the
rule book here, but it seems to trip at every step.I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me -
"stopkatello, then make foreman-installer get data from katello"???!!?!?!
whodesigned/wrote this?)
the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully by
hand.I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to ‘/etc/puppetlabs/puppet/ssl’:
File existsUpgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed with
thesame message.
Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually
correct andthat the foreman-installer --upgrade-puppet service needs a
"–skip-broken"or “–skip-copy-data”
Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, "We’ve always done it
thisway."
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com >> wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it can’t
find packages.Which would be because I’ve just turned off all services as asked to
inthe instructions found here
https://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, "We’ve always done it
thisway."
- Grace Hopper
–
You received this message because you are subscribed to the Google
Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.[ERROR 2017-02-13 12:47:40 main] /Stage[main]/Certs/Privkey[/et
c/pki/katello/private/katello-default-ca.key]: Could not evaluate:
Execution of ‘/usr/bin/openssl rsa -in /root/ssl-build/katello-default-ca.key
-out /root/ssl-build/katello-default-ca.key.tmp -passin
file:/etc/pki/katello/private/katello-default-ca.pwd’ returned 1: unable
to load Private Key
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:06065064:digital
envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:604:
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:0906A065:PEM
routines:PEM_do_header:bad decrypt:pem_lib.c:483:
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/execution.rb:232:inexecute' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/provider/command.rb:23:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/provider.rb:221:inblock in has_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/provider.rb:422:inblock in
create_class_and_instance_method’
[ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-b
ase/modules/certs/lib/puppet/provider/privkey/katello_ssl_tool.rb:11:in
expected_content' [ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-b ase/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:178:inexists?’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/property/ensure.rb:81:inretrieve' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/type.rb:1070:inretrieve’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/type.rb:1098:inretrieve_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction/resource_harness.rb:300:infrom_resource’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction/resource_harness.rb:20:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction.rb:230:inapply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:246:ineval_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction.rb:163:incall’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:163:inblock (2 levels) in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util.rb:386:inblock in thinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in
realtime' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util.rb:385:inthinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:163:inblock in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/graph/relationship_graph.rb:118:intraverse’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:154:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/resource/catalog.rb:222:inblock in apply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/log.rb:155:inwith_destination' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction/report.rb:142:inas_logging_destination’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/resource/catalog.rb:221:inapply' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:171:inblock in apply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:223:inblock in benchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:inrealtime’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:222:inbenchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:170:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/configurer.rb:343:inrun_internal' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:221:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/context.rb:65:inoverride' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:293:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/configurer.rb:195:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application/apply.rb:350:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/application/apply.rb:274:inblock in main' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/context.rb:65:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:293:in
override' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application/apply.rb:225:inmain’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/application/apply.rb:170:inrun_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application.rb:344:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:541:inexit_on_fail' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application.rb:344:inrun’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/command_line.rb:132:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util/command_line.rb:72:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/bin/puppet:5:in
`’–
Daniel Lobato Garcia@dLobatog
blog.daniellobato.me
daniellobato.meGPG: http://keys.gnupg.net/pks/lookup?op=get&search=0x7A92D6DD38D6DE30
Keybase: https://keybase.io/elobato–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
Neither candlepin nor pulp start.
logs show this?:
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - tlsv1 alert unknown ca
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - Traceback (most recent call last):
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File "/usr/lib/gofer/plugins/katelloplugin.py", line
201, in validate_registration
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - consumer = uep.getConsumer(consumer_id)
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File
"/usr/lib64/python2.7/site-packages/rhsm/connection.py", line 1064, in
getConsumer
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - return self.conn.request_get(method)
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File
"/usr/lib64/python2.7/site-packages/rhsm/connection.py", line 694, in
request_get
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - return self._request("GET", method)
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File
"/usr/lib64/python2.7/site-packages/rhsm/connection.py", line 584, in
_request
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - conn.request(request_type, handler, body=body,
headers=headers)
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File "/usr/lib64/python2.7/httplib.py", line 1017, in
request
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - self._send_request(method, url, body, headers)
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File "/usr/lib64/python2.7/httplib.py", line 1051, in
_send_request
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - self.endheaders(body)
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File "/usr/lib64/python2.7/httplib.py", line 1013, in
endheaders
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - self._send_output(message_body)
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File "/usr/lib64/python2.7/httplib.py", line 864, in
_send_output
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - self.send(msg)
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File "/usr/lib64/python2.7/httplib.py", line 826, in
send
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - self.connect()
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File
"/usr/lib64/python2.7/site-packages/rhsm/connection.py", line 250, in
connect
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - sock.connect((self.host, self.port))
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File
"/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.py", line 298,
in connect
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - ret = self.connect_ssl()
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - File
"/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.py", line 285,
in connect_ssl
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - return m2.ssl_connect(self.ssl, self._timeout)
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [ERROR][MainThread]
katelloplugin:208 - SSLError: tlsv1 alert unknown ca
Feb 13 16:25:21 vmpr-res-utils goferd[853]: [WARNING][MainThread]
katelloplugin:87 - tlsv1 alert unknown ca
Feb 13 16:25:44 vmpr-res-utils sshd[3685]: Connection closed by 127.0.0.1
[preauth]
On 13 February 2017 at 14:42, Lachlan Musicman datakid@gmail.com wrote:
Hmmm.
Certs continued to fail. I discovered that Candlepin wasn’t starting. A
search took me to the Katello upgrade page.So I ran foreman-installer --service katello --upgrade again.
It fails with:
Upgrade Step: remove_gutterball…
Upgrade Step: start_tomcat…
Redirecting to /bin/systemctl start tomcat.serviceSome services failed to start: tomcat
Upgrade step start_tomcat failed. Check logs for more information.
but systemctl tells me it’s fine - although there is some weird candlepin
output?● tomcat.service - Apache Tomcat Web Application Container
Loaded: loaded (/usr/lib/systemd/system/tomcat.service; enabled;
vendor preset: disabled)
Active: active (running) since Mon 2017-02-13 14:33:43 AEDT; 1min 55s
ago
Main PID: 8278 (java)
CGroup: /system.slice/tomcat.service
└─8278 /usr/lib/jvm/jre/bin/java -classpath
/usr/share/tomcat/bin/bootstrap.jar:/usr/share/
tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
-Dcatalina.base=/usr/share/tomcat -Dcatalina.home=/usr/share/tomcat
-Djava.endorsed.dirs= -Djava.io.tmpdir=/var/cache/tomcat/temp
-Djava.util.logging.config.file=/usr/share/tomcat/conf/logging.properties
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
org.apache.catalina.startup.Bootstrap startFeb 13 14:33:46 vmpr-res-utils server[8278]: Feb 13, 2017 2:33:46 PM
com.google.inject.internal.ProxyFactory
Feb 13 14:33:46 vmpr-res-utils server[8278]: WARNING: Method [public
org.candlepin.model.Persisted org.candlepin.model.
ProductCurator.create(org.candlepin.model.Persisted)] is synthetic and is
being intercepted by [com.google.inject.persist.
jpa.JpaLocalTxnInterceptor@3a8e0d80]. This could indicate a bug. The
method may be intercepted twice, or may not be intercepted at all.
Feb 13 14:33:46 vmpr-res-utils server[8278]: Feb 13, 2017 2:33:46 PM
com.google.inject.internal.ProxyFactory
Feb 13 14:33:46 vmpr-res-utils server[8278]: WARNING: Method [public
org.candlepin.model.Persisted org.candlepin.model.
ProductCurator.merge(org.candlepin.model.Persisted)] is synthetic and is
being intercepted by [com.google.inject.persist.
jpa.JpaLocalTxnInterceptor@3a8e0d80]. This could indicate a bug. The
method may be intercepted twice, or may not be intercepted at all.
Feb 13 14:33:46 vmpr-res-utils server[8278]: Feb 13, 2017 2:33:46 PM
com.google.inject.internal.ProxyFactory
Feb 13 14:33:46 vmpr-res-utils server[8278]: WARNING: Method [public void
org.candlepin.model.RulesCurator.delete(org.candlepin.model.Persisted)]
is synthetic and is being intercepted by [com.google.inject.persist.
jpa.JpaLocalTxnInterceptor@3a8e0d80]. This could indicate a bug. The
method may be intercepted twice, or may not be intercepted at all.
Feb 13 14:33:46 vmpr-res-utils server[8278]: Feb 13, 2017 2:33:46 PM
com.google.inject.internal.ProxyFactory
Feb 13 14:33:46 vmpr-res-utils server[8278]: WARNING: Method [public
org.candlepin.model.Persisted org.candlepin.model.RulesCurator.create(org.candlepin.model.Persisted)]
is synthetic and is being intercepted by [com.google.inject.persist.
jpa.JpaLocalTxnInterceptor@3a8e0d80]. This could indicate a bug. The
method may be intercepted twice, or may not be intercepted at all.
Feb 13 14:33:46 vmpr-res-utils server[8278]: Feb 13, 2017 2:33:46 PM
com.google.inject.internal.ProxyFactory
Feb 13 14:33:46 vmpr-res-utils server[8278]: WARNING: Method [public void
org.candlepin.model.EntitlementCertificateCurator.
delete(org.candlepin.model.Persisted)] is synthetic and is being
intercepted by [com.google.inject.persist.jpa.JpaLocalTxnInterceptor@3a8e0d80].
This could indicate a bug. The method may be intercepted twice, or may not
be intercepted at all.…
I just wanted to update Puppet. I followed the instructions!
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 13:56, Lachlan Musicman datakid@gmail.com wrote:
I’m checking through the step 3 process. Looks like most things have been
done, with a few differences to the notes:
- step 3a.3 edit /etc/puppetlabs/puppetserver/conf.d/puppetserver.conf
1. change master-var-dir to /opt/puppetlabs/puppet/cachemy installation had
master-var-dir to /opt/puppetlabs/server/data/puppetserver
- step 3b.1.2:puppetdir: /opt/puppetlabs/puppet/cache
same as the step above it, /opt/puppetlabs/server/data/puppetserver
- step 3.3c.3 “restart Foreman by running touch ~foreman/tmp/restart.txt”
I had to find the dir, because it wasn’t in root - it (“foreman/tmp”) was
in /var/lib/ (/var/lib/foreman/tmp/). Running the command didn’t do
anything that I could see.Everything looks ok, apart from some relatively minor issues. I currently
have 100% of servers out of sync. I presume that’s connected to the ssl
error and the fact that when I go to Infrastructure->smart proxies->
puppetCA I’m down from 60 managed hosts to none.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 13:03, Lachlan Musicman datakid@gmail.com wrote:
and now yum update on the katello server fails on a certificate problem?
[Errno 14] curl#35 - “Peer does not recognize and trust the CA that
issued your certificate.”
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 13 February 2017 at 12:56, Lachlan Musicman datakid@gmail.com >>> wrote:
Ok, I’ve found the itemized puppet upgrade instructions that are here:
http://projects.theforeman.org/projects/foreman/wiki/Upgradi
ng_from_Puppet_3_to_4and the place where the doc’d process fails. I start there.
When I get to Step 1b. Environments, SSL and Apache; part 5 states “Update
SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
/etc/apache2/sites-available/05-foreman-ssl.conf, changing
/var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl”but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference to
either reference?Skip it.
Go to next step, figuring we have little if any manual customisations,
I do step 2 and the first run give teh errorERROR: Unrecognised option ‘–puppet-server-implementation’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-autosign’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-client-package’
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir’
ERROR: Unrecognised option '–reset-puppet-configtimeout’
ERROR: Unrecognised option ‘–reset-puppet-dir’At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn’t started but needs to
be started. The errors are now new errors, but the top error is the one
that we are warned about, so I run the command without the noop - I presume
all of these errors are related? See attached.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it
this way.”
- Grace Hopper
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com >>>> wrote:
I don’t understand what I’ve done wrong - I am literally following the
rule book here, but it seems to trip at every step.I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me - “stop
katello, then make foreman-installer get data from katello”???!!?!?! who
designed/wrote this?)the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully by
hand.I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to ‘/etc/puppetlabs/puppet/ssl’:
File existsUpgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed with
the same message.Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually correct
and that the foreman-installer --upgrade-puppet service needs a
"–skip-broken" or “–skip-copy-data”Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, “We’ve always done it
this way.”
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com >>>>> wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it
can’t find packages.Which would be because I’ve just turned off all services as asked to
in the instructions found herehttps://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, “We’ve always done it
this way.”
- Grace Hopper
GOT IT.
GADDAM.
Edited
/usr/share/katello-installer-base/hooks/pre/31-upgrade-puppet.rb
commented out lines 21 and 22:
success << Kafo::Helpers.execute('mv /var/lib/puppet/ssl
/etc/puppetlabs/puppet') if File.directory?('/var/lib/puppet/ssl')
success << Kafo::Helpers.execute('mv /var/lib/puppet/foreman_cache_data
/opt/puppetlabs/puppet/cache/') if
File.directory?('/var/lib/puppet/foreman_cache_data')
did a diff on the two folders in both, made sure they were matching.
Ran foreman-installer --upgrade-puppet and it worked.
Un commented to two lines, ran Klass's 18131 bug solution after it, and
all worked fine.
cheers
L.
On 17 February 2017 at 14:54, Lachlan Musicman datakid@gmail.com wrote:
Daniel,
running the instructions as per the puppet upgrade page failed again.
On issue we kept running into was this, from /var/log/foreman-installer/
katello.log[ERROR 2017-02-17 13:44:48 main] mv: cannot move ‘/var/lib/puppet/ssl’ to
‘/etc/puppetlabs/puppet/ssl’: File exists
[ERROR 2017-02-17 13:44:48 main] mv: cannot move ‘/var/lib/puppet/foreman_cache_data’
to ‘/opt/puppetlabs/puppet/cache/foreman_cache_data’: File exists
[ERROR 2017-02-17 13:44:48 main] Upgrade step copy_data failed. Check logs
for more information.If you could point me to the log file that this message is talking about,
I’d appreciate that. Note that physically removing the offending files
doesn’t seem to work - obviously there is some part of the
–foreman-installer --update-puppet execution that recreates themMoving onto the next page, we start to do the whole thing by hand, as per
About - Foreman
Upgrading_from_Puppet_3_to_4Again, Step 1a and 1b completes fine, except for 1b.5 again - this time we
did a grep on the whole of /etc/httpd/conf.d - there is no mention of
/var/lib/puppet/ssl in there at allMoving onto Step 2, I ran the instructions with the changes you suggested
- adding --forman to some of the command line options.
ERROR: Unrecognised option ‘–foreman-puppet-server-implementation’
See: ‘foreman-installer --help’
So I look at the help:
foreman-installer --help | grep implementation
--capsule-puppet-server-implementation Puppet master implementation,either “master” (traditional
And then if I do a grep on reset, none of these commands exist?
I tried noop with capsule-puppet-server-implementation=puppetserver with
both --foreman-reset-puppet-X (as per your recommendation) and
–reset-foreman-puppet-X (format in line with other options) and neither
worked - all died with “ERROR: Unrecognised option ‘–X-puppet-autosign’”Any other pointers would be appreciated.
cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 17 February 2017 at 11:18, Lachlan Musicman datakid@gmail.com wrote:
Great - thanks all. VM snapshot from last week has been restored. We will
try again now.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 16 February 2017 at 22:06, Daniel Lobato Garcia elobatocs@gmail.com >> wrote:
On 02/13, Lachlan Musicman wrote:
Ok, I’ve found the itemized puppet upgrade instructions that are here:
About - Foreman
Upgrading_from_Puppet_3_to_4and the place where the doc’d process fails. I start there.
When I get to Step 1b. Environments, SSL and Apache; part 5 states
"Update
SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
/etc/apache2/sites-available/05-foreman-ssl.conf, changing
/var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl"but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference to
either reference?Skip it.
Go to next step, figuring we have little if any manual customisations,
I do
step 2 and the first run give teh errorI think all of these flags would be required and by removing them is why
you see all of the errors. In order to use them, I think you can by
appending --foreman to them, like:–foreman-puppet-server-implementation
–foreman-reset-puppet-autosign
etc…ERROR: Unrecognised option ‘–puppet-server-implementation’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-autosign’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-client-package’
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir’
ERROR: Unrecognised option '–reset-puppet-configtimeout’
ERROR: Unrecognised option ‘–reset-puppet-dir’At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn’t started but needs to
be
started. The errors are now new errors, but the top error is the one
that
we are warned about, so I run the command without the noop - I presume
all
of these errors are related? See attached.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it
this
way.”
- Grace Hopper
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com >>> wrote:
I don’t understand what I’ve done wrong - I am literally following
therule book here, but it seems to trip at every step.
I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me -
"stopkatello, then make foreman-installer get data from katello"???!!?!?!
whodesigned/wrote this?)
the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully
by hand.I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to
‘/etc/puppetlabs/puppet/ssl’:File exists
Upgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed
with thesame message.
Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually
correct andthat the foreman-installer --upgrade-puppet service needs a
"–skip-broken"or “–skip-copy-data”
Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, "We’ve always done it
thisway."
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com >>> wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it
can’tfind packages.
Which would be because I’ve just turned off all services as asked
to inthe instructions found here
https://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, "We’ve always done it
thisway."
- Grace Hopper
–
You received this message because you are subscribed to the Google
Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.[ERROR 2017-02-13 12:47:40 main] /Stage[main]/Certs/Privkey[/et
c/pki/katello/private/katello-default-ca.key]: Could not evaluate:
Execution of ‘/usr/bin/openssl rsa -in /root/ssl-build/katello-default-ca.key
-out /root/ssl-build/katello-default-ca.key.tmp -passin
file:/etc/pki/katello/private/katello-default-ca.pwd’ returned 1:
unable to load Private Key
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:06065064:digital
envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:604:
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:0906A065:PEM
routines:PEM_do_header:bad decrypt:pem_lib.c:483:
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/execution.rb:232:inexecute' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/provider/command.rb:23:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/provider.rb:221:inblock in has_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/provider.rb:422:inblock in
create_class_and_instance_method’
[ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-b
ase/modules/certs/lib/puppet/provider/privkey/katello_ssl_tool.rb:11:in
expected_content' [ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-b ase/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:178:inexists?’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/property/ensure.rb:81:inretrieve' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/type.rb:1070:inretrieve’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/type.rb:1098:inretrieve_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction/resource_harness.rb:300:infrom_resource’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction/resource_harness.rb:20:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction.rb:230:inapply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:246:ineval_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction.rb:163:incall’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:163:inblock (2 levels) in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util.rb:386:inblock in thinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in
realtime' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util.rb:385:inthinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:163:inblock in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/graph/relationship_graph.rb:118:intraverse’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:154:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/resource/catalog.rb:222:inblock in apply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/log.rb:155:inwith_destination' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction/report.rb:142:inas_logging_destination’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/resource/catalog.rb:221:inapply' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:171:inblock in apply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:223:inblock in benchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:inrealtime’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:222:inbenchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:170:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/configurer.rb:343:inrun_internal' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:221:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/context.rb:65:inoverride' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:293:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/configurer.rb:195:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application/apply.rb:350:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/application/apply.rb:274:inblock in main' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/context.rb:65:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:293:in
override' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application/apply.rb:225:inmain’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/application/apply.rb:170:inrun_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application.rb:344:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:541:inexit_on_fail' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application.rb:344:inrun’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/command_line.rb:132:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util/command_line.rb:72:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/bin/puppet:5:in
`’–
Daniel Lobato Garcia@dLobatog
blog.daniellobato.me
daniellobato.meGPG: http://keys.gnupg.net/pks/lookup?op=get&search=0x7A92D6DD38D6DE30
Keybase: https://keybase.io/elobato–
You received this message because you are subscribed to the Google
Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
Could you please file a bug report with this information including your fix
or add it to an existing report so that we can look at getting this fixed
in the upcoming 3.3 release?
Thanks
Eric
GOT IT.
GADDAM.
Edited
/usr/share/katello-installer-base/hooks/pre/31-upgrade-puppet.rb
commented out lines 21 and 22:
success << Kafo::Helpers.execute(‘mv /var/lib/puppet/ssl
/etc/puppetlabs/puppet’) if File.directory?(’/var/lib/puppet/ssl’)
success << Kafo::Helpers.execute(‘mv /var/lib/puppet/foreman_cache_data
/opt/puppetlabs/puppet/cache/’) if File.directory?(’/var/lib/
puppet/foreman_cache_data’)
did a diff on the two folders in both, made sure they were matching.
Ran foreman-installer --upgrade-puppet and it worked.
Un commented to two lines, ran Klass’s 18131 bug solution after it, and
all worked fine.
cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
On 17 February 2017 at 14:54, Lachlan Musicman datakid@gmail.com wrote:
Daniel,
running the instructions as per the puppet upgrade page failed again.
On issue we kept running into was this, from /var/log/foreman-installer/kat
ello.log[ERROR 2017-02-17 13:44:48 main] mv: cannot move ‘/var/lib/puppet/ssl’ to
‘/etc/puppetlabs/puppet/ssl’: File exists
[ERROR 2017-02-17 13:44:48 main] mv: cannot move
‘/var/lib/puppet/foreman_cache_data’ to ‘/opt/puppetlabs/puppet/cache/foreman_cache_data’:
File exists
[ERROR 2017-02-17 13:44:48 main] Upgrade step copy_data failed. Check logs
for more information.If you could point me to the log file that this message is talking about,
I’d appreciate that. Note that physically removing the offending files
doesn’t seem to work - obviously there is some part of the
–foreman-installer --update-puppet execution that recreates themMoving onto the next page, we start to do the whole thing by hand, as per
http://projects.theforeman.org/projects/foreman/wiki/Upgradi
ng_from_Puppet_3_to_4Again, Step 1a and 1b completes fine, except for 1b.5 again - this time we
did a grep on the whole of /etc/httpd/conf.d - there is no mention of
/var/lib/puppet/ssl in there at allMoving onto Step 2, I ran the instructions with the changes you suggested
- adding --forman to some of the command line options.
ERROR: Unrecognised option ‘–foreman-puppet-server-implementation’
See: ‘foreman-installer --help’
So I look at the help:
foreman-installer --help | grep implementation
--capsule-puppet-server-implementation Puppet master implementation,either “master” (traditional
And then if I do a grep on reset, none of these commands exist?
I tried noop with capsule-puppet-server-implementation=puppetserver with
both --foreman-reset-puppet-X (as per your recommendation) and
–reset-foreman-puppet-X (format in line with other options) and neither
worked - all died with “ERROR: Unrecognised option ‘–X-puppet-autosign’”Any other pointers would be appreciated.
cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 17 February 2017 at 11:18, Lachlan Musicman datakid@gmail.com wrote:
Great - thanks all. VM snapshot from last week has been restored. We will
try again now.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 16 February 2017 at 22:06, Daniel Lobato Garcia elobatocs@gmail.com >> wrote:
On 02/13, Lachlan Musicman wrote:
Ok, I’ve found the itemized puppet upgrade instructions that are here:
About - Foreman
Upgrading_from_Puppet_3_to_4and the place where the doc’d process fails. I start there.
When I get to Step 1b. Environments, SSL and Apache; part 5 states
"Update
SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
/etc/apache2/sites-available/05-foreman-ssl.conf, changing
/var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl"but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference to
either reference?Skip it.
Go to next step, figuring we have little if any manual customisations,
I do
step 2 and the first run give teh errorI think all of these flags would be required and by removing them is why
you see all of the errors. In order to use them, I think you can by
appending --foreman to them, like:–foreman-puppet-server-implementation
–foreman-reset-puppet-autosign
etc…ERROR: Unrecognised option ‘–puppet-server-implementation’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-autosign’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-client-package’
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir’
ERROR: Unrecognised option '–reset-puppet-configtimeout’
ERROR: Unrecognised option ‘–reset-puppet-dir’At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn’t started but needs to
be
started. The errors are now new errors, but the top error is the one
that
we are warned about, so I run the command without the noop - I presume
all
of these errors are related? See attached.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it
this
way.”
- Grace Hopper
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com >>> wrote:
I don’t understand what I’ve done wrong - I am literally following
therule book here, but it seems to trip at every step.
I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me -
"stopkatello, then make foreman-installer get data from katello"???!!?!?!
whodesigned/wrote this?)
the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully
by hand.I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to
‘/etc/puppetlabs/puppet/ssl’:File exists
Upgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed
with thesame message.
Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually
correct andthat the foreman-installer --upgrade-puppet service needs a
"–skip-broken"or “–skip-copy-data”
Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, "We’ve always done it
thisway."
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com >>> wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it
can’tfind packages.
Which would be because I’ve just turned off all services as asked
to inthe instructions found here
https://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this issue?
cheers
L.The most dangerous phrase in the language is, "We’ve always done it
thisway."
- Grace Hopper
–
You received this message because you are subscribed to the Google
Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.[ERROR 2017-02-13 12:47:40 main] /Stage[main]/Certs/Privkey[/et
c/pki/katello/private/katello-default-ca.key]: Could not evaluate:
Execution of ‘/usr/bin/openssl rsa -in /root/ssl-build/katello-default-ca.key
-out /root/ssl-build/katello-default-ca.key.tmp -passin
file:/etc/pki/katello/private/katello-default-ca.pwd’ returned 1:
unable to load Private Key
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:06065064:digital
envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:604:
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:0906A065:PEM
routines:PEM_do_header:bad decrypt:pem_lib.c:483:
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/execution.rb:232:inexecute' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/provider/command.rb:23:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/provider.rb:221:inblock in has_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/provider.rb:422:inblock in
create_class_and_instance_method’
[ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-b
ase/modules/certs/lib/puppet/provider/privkey/katello_ssl_tool.rb:11:in
expected_content' [ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-b ase/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:178:inexists?’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/property/ensure.rb:81:inretrieve' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/type.rb:1070:inretrieve’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/type.rb:1098:inretrieve_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction/resource_harness.rb:300:infrom_resource’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction/resource_harness.rb:20:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction.rb:230:inapply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:246:ineval_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction.rb:163:incall’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:163:inblock (2 levels) in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util.rb:386:inblock in thinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in
realtime' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util.rb:385:inthinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:163:inblock in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/graph/relationship_graph.rb:118:intraverse’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:154:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/resource/catalog.rb:222:inblock in apply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/log.rb:155:inwith_destination' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction/report.rb:142:inas_logging_destination’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/resource/catalog.rb:221:inapply' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:171:inblock in apply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:223:inblock in benchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:inrealtime’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:222:inbenchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:170:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/configurer.rb:343:inrun_internal' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:221:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/context.rb:65:inoverride' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:293:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/configurer.rb:195:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application/apply.rb:350:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/application/apply.rb:274:inblock in main' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/context.rb:65:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:293:in
override' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application/apply.rb:225:inmain’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/application/apply.rb:170:inrun_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application.rb:344:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:541:inexit_on_fail' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application.rb:344:inrun’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/command_line.rb:132:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util/command_line.rb:72:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/bin/puppet:5:in
`’–
Daniel Lobato Garcia@dLobatog
blog.daniellobato.me
daniellobato.meGPG: http://keys.gnupg.net/pks/lookup?op=get&search=0x7A92D6DD38D6DE30
Keybase: https://keybase.io/elobato–
You received this message because you are subscribed to the Google
Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to foreman-users+unsubscribe@googlegroups.com.
To post to th
It was the first thing I did after sending that email.
http://projects.theforeman.org/issues/18548
Let me know if you need any more information.
cheers
L.
On 18 February 2017 at 13:44, Eric D Helms eric.d.helms@gmail.com wrote:
Could you please file a bug report with this information including your
fix or add it to an existing report so that we can look at getting this
fixed in the upcoming 3.3 release?Thanks
EricOn Feb 16, 2017 11:58 PM, “Lachlan Musicman” datakid@gmail.com wrote:
GOT IT.
GADDAM.
Edited
/usr/share/katello-installer-base/hooks/pre/31-upgrade-puppet.rb
commented out lines 21 and 22:
success << Kafo::Helpers.execute(‘mv /var/lib/puppet/ssl
/etc/puppetlabs/puppet’) if File.directory?(’/var/lib/puppet/ssl’)
success << Kafo::Helpers.execute(‘mv /var/lib/puppet/foreman_cache_data
/opt/puppetlabs/puppet/cache/’) if File.directory?(’/var/lib/pupp
et/foreman_cache_data’)did a diff on the two folders in both, made sure they were matching.
Ran foreman-installer --upgrade-puppet and it worked.
Un commented to two lines, ran Klass’s 18131 bug solution after it, and
all worked fine.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 17 February 2017 at 14:54, Lachlan Musicman datakid@gmail.com wrote:
Daniel,
running the instructions as per the puppet upgrade page failed again.
On issue we kept running into was this, from
/var/log/foreman-installer/katello.log[ERROR 2017-02-17 13:44:48 main] mv: cannot move ‘/var/lib/puppet/ssl’ to
‘/etc/puppetlabs/puppet/ssl’: File exists
[ERROR 2017-02-17 13:44:48 main] mv: cannot move
‘/var/lib/puppet/foreman_cache_data’ to ‘/opt/puppetlabs/puppet/cache/foreman_cache_data’:
File exists
[ERROR 2017-02-17 13:44:48 main] Upgrade step copy_data failed. Check
logs for more information.If you could point me to the log file that this message is talking about,
I’d appreciate that. Note that physically removing the offending files
doesn’t seem to work - obviously there is some part of the
–foreman-installer --update-puppet execution that recreates themMoving onto the next page, we start to do the whole thing by hand, as per
http://projects.theforeman.org/projects/foreman/wiki/Upgradi
ng_from_Puppet_3_to_4Again, Step 1a and 1b completes fine, except for 1b.5 again - this time
we did a grep on the whole of /etc/httpd/conf.d - there is no mention of
/var/lib/puppet/ssl in there at allMoving onto Step 2, I ran the instructions with the changes you suggested
- adding --forman to some of the command line options.
ERROR: Unrecognised option ‘–foreman-puppet-server-implementation’
See: ‘foreman-installer --help’
So I look at the help:
foreman-installer --help | grep implementation
--capsule-puppet-server-implementation Puppet masterimplementation, either “master” (traditional
And then if I do a grep on reset, none of these commands exist?
I tried noop with capsule-puppet-server-implementation=puppetserver with
both --foreman-reset-puppet-X (as per your recommendation) and
–reset-foreman-puppet-X (format in line with other options) and neither
worked - all died with “ERROR: Unrecognised option ‘–X-puppet-autosign’”Any other pointers would be appreciated.
cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 17 February 2017 at 11:18, Lachlan Musicman datakid@gmail.com wrote:
Great - thanks all. VM snapshot from last week has been restored. We
will try again now.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it this
way.”
- Grace Hopper
On 16 February 2017 at 22:06, Daniel Lobato Garcia elobatocs@gmail.com >>> wrote:
On 02/13, Lachlan Musicman wrote:
Ok, I’ve found the itemized puppet upgrade instructions that are here:
About - Foreman
Upgrading_from_Puppet_3_to_4and the place where the doc’d process fails. I start there.
When I get to Step 1b. Environments, SSL and Apache; part 5 states
"Update
SSL paths in /etc/httpd/conf.d/05-foreman-ssl.conf or
/etc/apache2/sites-available/05-foreman-ssl.conf, changing
/var/lib/puppet/ssl to /etc/puppetlabs/puppet/ssl"but our /etc/httpd/conf.d/05-foreman-ssl.conf contains no reference
to
either reference?Skip it.
Go to next step, figuring we have little if any manual
customisations, I do
step 2 and the first run give teh errorI think all of these flags would be required and by removing them is why
you see all of the errors. In order to use them, I think you can by
appending --foreman to them, like:–foreman-puppet-server-implementation
–foreman-reset-puppet-autosign
etc…ERROR: Unrecognised option ‘–puppet-server-implementation’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-autosign’
remove it, get
ERROR: Unrecognised option ‘–reset-puppet-client-package’
(repeat for )…
ERROR: Unrecognised option '–reset-puppet-codedir’
ERROR: Unrecognised option '–reset-puppet-configtimeout’
ERROR: Unrecognised option ‘–reset-puppet-dir’At this point I remove all --reset-puppet directives and hope.
There are errors. Oh, there it is, postgres isn’t started but needs
to be
started. The errors are now new errors, but the top error is the one
that
we are warned about, so I run the command without the noop - I
presume all
of these errors are related? See attached.cheers
L.
The most dangerous phrase in the language is, “We’ve always done it
this
way.”
- Grace Hopper
On 13 February 2017 at 11:28, Lachlan Musicman datakid@gmail.com >>>> wrote:
I don’t understand what I’ve done wrong - I am literally following
therule book here, but it seems to trip at every step.
I read the logs, and discovered that there were only three files it
couldn’t find because katello was stopped (this still amazes me -
"stopkatello, then make foreman-installer get data from
katello"???!!?!?! whodesigned/wrote this?)
the files were:
java-1.8.0-something_something
puppet-agent-1.9.0-something-something
puppetserver-2.7.2-something_somethingSo I found them on the file system and installed them successfully
by hand.I then repeated the above process of katello-services stop and
foreman-installer --upgrade-puppetNow I get a fail on:
Upgrade Step: copy_data…
mv: cannot move ‘/var/lib/puppet/ssl’ to
‘/etc/puppetlabs/puppet/ssl’:File exists
Upgrade step copy_data failed. Check logs for more information.
So I moved those files out of the way…and tried again. Failed
with thesame message.
Deleted the files, tried again - failed with the same message.
Might I suggest that the puppet upgrade notes are not actually
correct andthat the foreman-installer --upgrade-puppet service needs a
"–skip-broken"or “–skip-copy-data”
Anyway - I guess my question now is do I even need to run the
–upgrade-puppet?Cheers
L.
The most dangerous phrase in the language is, "We’ve always done it
thisway."
- Grace Hopper
On 13 February 2017 at 10:19, Lachlan Musicman datakid@gmail.com >>>> wrote:
Hi,
Self hosted installation.
The upgrade foreman-installer --upgrade-puppet fails because it
can’tfind packages.
Which would be because I’ve just turned off all services as asked
to inthe instructions found here
https://www.theforeman.org/plugins/katello/3.2/upgrade/puppet.html
under “in place migration”.
Seems like a chicken and an egg problem - how do I solve this
issue?cheers
L.The most dangerous phrase in the language is, "We’ve always done
it thisway."
- Grace Hopper
–
You received this message because you are subscribed to the Google
Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it,
send an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.[ERROR 2017-02-13 12:47:40 main] /Stage[main]/Certs/Privkey[/et
c/pki/katello/private/katello-default-ca.key]: Could not evaluate:
Execution of ‘/usr/bin/openssl rsa -in /root/ssl-build/katello-default-ca.key
-out /root/ssl-build/katello-default-ca.key.tmp -passin
file:/etc/pki/katello/private/katello-default-ca.pwd’ returned 1:
unable to load Private Key
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:06065064:digital
envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:604:
[ERROR 2017-02-13 12:47:40 main] 139660402321312:error:0906A065:PEM
routines:PEM_do_header:bad decrypt:pem_lib.c:483:
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/execution.rb:232:inexecute' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/provider/command.rb:23:inexecute’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/provider.rb:221:inblock in has_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/provider.rb:422:inblock in
create_class_and_instance_method’
[ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-b
ase/modules/certs/lib/puppet/provider/privkey/katello_ssl_tool.rb:11:in
expected_content' [ERROR 2017-02-13 12:47:40 main] /usr/share/katello-installer-b ase/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:178:inexists?’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/property/ensure.rb:81:inretrieve' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/type.rb:1070:inretrieve’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/type.rb:1098:inretrieve_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction/resource_harness.rb:300:infrom_resource’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction/resource_harness.rb:20:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction.rb:230:inapply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:246:ineval_resource' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction.rb:163:incall’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:163:inblock (2 levels) in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util.rb:386:inblock in thinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in
realtime' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/util.rb:385:inthinmark’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:163:inblock in evaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/graph/relationship_graph.rb:118:intraverse’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/transaction.rb:154:inevaluate' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/resource/catalog.rb:222:inblock in apply’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/log.rb:155:inwith_destination' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/transaction/report.rb:142:inas_logging_destination’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/resource/catalog.rb:221:inapply' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:171:inblock in apply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:223:inblock in benchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:inrealtime’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:222:inbenchmark' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:170:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/configurer.rb:343:inrun_internal' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/configurer.rb:221:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/context.rb:65:inoverride' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:293:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/configurer.rb:195:inrun' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application/apply.rb:350:inapply_catalog’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/application/apply.rb:274:inblock in main' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/context.rb:65:inoverride’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:293:in
override' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application/apply.rb:225:inmain’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/application/apply.rb:170:inrun_command' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application.rb:344:inblock in run’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util.rb:541:inexit_on_fail' [ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub y/vendor_ruby/puppet/application.rb:344:inrun’
[ERROR 2017-02-13 12:47:40 main] /opt/puppetlabs/puppet/lib/rub
y/vendor_ruby/puppet/util/command_line.rb:1