Reports not showing up in foreman

Support
1

I'm going to re-ask this question because the issue is driving me crazy
even though I'm already close enough to walk.

Here's the setup:
[Foreman Server with Puppet/PuppetDB]
^
>
V
[ Subordinate (remote) Puppet Server ] (Proxy installed)
^
>
V
[End client[

The Puppet master running on the Foreman host's job is to manage just the
remote masters. The subordinate Puppet Masters are planned to be installed
in various data centers around the country.

The end client's puppet.conf looks like this (with the template variables
being replaced by their actual values):

File managed with puppet

Module: 'puppet'

[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet

# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet

# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl

# Allow services in the 'puppet' group to access key (Foreman + proxy)
privatekeydir = $ssldir/private_keys { group = service }
hostprivkey = $privatekeydir/$certname.pem { mode = 640 }

# Puppet 3.0.x requires this in both [main] and [master] - harmless on

agents
autosign = $confdir/autosign.conf { mode = 664 }

show_diff     = false

hiera_config = $confdir/hiera.yaml

ca_server =<%= foreman_host_fqdn%>

Next part of the file is managed by a different template

Module: 'puppet'

[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuration. Can be loaded in
# the separate puppet executable using the --loadclasses
# option.
# The default value is '$statedir/classes.txt'.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is &#39;$confdir/localconfig&#39;.
localconfig = $vardir/localconfig

# Disable the default schedules as they cause continual skipped
# resources to be displayed in Foreman - only for Puppet &gt;= 3.4
default_schedules = false

report            = true
pluginsync        = true
masterport        = 8140
environment       = POC
certname          = &lt;%= fqdn %&gt;
server            = &lt;%= puppethost_fqdn %&gt;
listen            = false
splay             = false
splaylimit        = 1800
runinterval       = 1800
noop              = false
configtimeout     = 600

Report is turned on and the remote Puppet Master is successfully managing
the client.

The [master] section of the remote Puppet Master's puppet.conf looks like
this:
[master]
storeconfigs = true
storeconfigs_backend = puppetdb
autosign = $confdir/autosign.conf { mode = 664 }
reports = foreman
external_nodes = /etc/puppet/node.rb
node_terminus = exec

ca             = false


certname       = &lt;%= fqdn %&gt;
strict_variables = false

environmentpath  = /etc/puppet/environments
basemodulepath   =

/etc/puppet/environments/common:/etc/puppet/modules:/usr/share/puppet/modules

and I have a foreman.yaml file that looks like this:

··· --- # Update for your Foreman and Puppet master hostname(s) :url: "https://mtinjacn01.cip.att.com" :ssl_ca: "/var/lib/puppet/ssl/certs/ca.pem" :ssl_cert: "/var/lib/puppet/ssl/certs<%= fqdn %>.pem" :ssl_key: "/var/lib/puppet/ssl/private_keys/<%= fqdn %>.pem"

Advanced settings

:user: “”
:password: “”
:puppetdir: “/var/lib/puppet”
:puppetuser: “puppet”
:facts: true
:timeout: 10
:threads: null

Now the facts are showing up on the Foreman server for the remote client
but just not the reports.

First obvious question: should they or am I chasing a ghost?

If they should be showing up what am I missing here?

2

As far as I know, that should be fine. The puppetmasters log to syslog
iirc, so you could always drop some "puts 'foo'" type logging into the
foreman.rb report processor and check it's actually being called. If
it is, then you can check the foreman logs for calls to the reports
API - if it isn't then you know to focus troubleshooting on the master
itself.

Hope that helps,
Greg

3

Facts are probably coming in as Foreman is the ENC (the node.rb script).
Reports definitely should work, so something seems amiss.

Is there a foreman.rb in your Puppet installation on the subordinate
masters? It could be in a number of places depending on your Ruby
installation. This is the script that is used when reports is set to
"foreman". If you use foreman-installer this probably gets done for you,
otherwise you need to follow the docs as per the link below. If this is the
problem then I'm surprised the master didn't complain loudly. Try enabling
debug logging for the master if you haven't already.

http://theforeman.org/manuals/1.3/index.html#3.5.4PuppetReports

find /usr/share -name foreman.rb

/usr/share/ruby/vendor_ruby/puppet/reports/foreman.rb

··· On Wednesday, 4 March 2015 16:46:25 UTC, Salty Old Cowdawg wrote: > > I'm going to re-ask this question because the issue is driving me crazy > even though I'm already close enough to walk. > > Here's the setup: > [Foreman Server with Puppet/PuppetDB] > ^ > > > V > [ Subordinate (remote) Puppet Server ] (Proxy installed) > ^ > > > V > [End client[ > > The Puppet master running on the Foreman host's job is to manage just the > remote masters. The subordinate Puppet Masters are planned to be installed > in various data centers around the country. > > The end client's puppet.conf looks like this (with the template variables > being replaced by their actual values): > > ### File managed with puppet ### > ## Module: 'puppet' > > [main] > # The Puppet log directory. > # The default value is '$vardir/log'. > logdir = /var/log/puppet > > # Where Puppet PID files are kept. > # The default value is '$vardir/run'. > rundir = /var/run/puppet > > # Where SSL certificates are kept. > # The default value is '$confdir/ssl'. > ssldir = $vardir/ssl > > # Allow services in the 'puppet' group to access key (Foreman + proxy) > privatekeydir = $ssldir/private_keys { group = service } > hostprivkey = $privatekeydir/$certname.pem { mode = 640 } > > # Puppet 3.0.x requires this in both [main] and [master] - harmless on > agents > autosign = $confdir/autosign.conf { mode = 664 } > > show_diff = false > > hiera_config = $confdir/hiera.yaml > > > ca_server =<%= foreman_host_fqdn%> > > > ### Next part of the file is managed by a different template ### > ## Module: 'puppet' > > [agent] > # The file in which puppetd stores a list of the classes > # associated with the retrieved configuration. Can be loaded in > # the separate ``puppet`` executable using the ``--loadclasses`` > # option. > # The default value is '$statedir/classes.txt'. > classfile = $vardir/classes.txt > > # Where puppetd caches the local configuration. An > # extension indicating the cache format is added automatically. > # The default value is '$confdir/localconfig'. > localconfig = $vardir/localconfig > > # Disable the default schedules as they cause continual skipped > # resources to be displayed in Foreman - only for Puppet >= 3.4 > default_schedules = false > > report = true > pluginsync = true > masterport = 8140 > environment = POC > certname = <%= fqdn %> > server = <%= puppethost_fqdn %> > listen = false > splay = false > splaylimit = 1800 > runinterval = 1800 > noop = false > configtimeout = 600 > > Report is turned on and the remote Puppet Master is successfully managing > the client. > > The [master] section of the remote Puppet Master's puppet.conf looks like > this: > [master] > storeconfigs = true > storeconfigs_backend = puppetdb > autosign = $confdir/autosign.conf { mode = 664 } > reports = foreman > external_nodes = /etc/puppet/node.rb > node_terminus = exec > > ca = false > > > certname = <%= fqdn %> > strict_variables = false > > environmentpath = /etc/puppet/environments > basemodulepath = > /etc/puppet/environments/common:/etc/puppet/modules:/usr/share/puppet/modules > > and I have a foreman.yaml file that looks like this: > > --- > # Update for your Foreman and Puppet master hostname(s) > :url: "https://mtinjacn01.cip.att.com" > :ssl_ca: "/var/lib/puppet/ssl/certs/ca.pem" > :ssl_cert: "/var/lib/puppet/ssl/certs<%= fqdn %>.pem" > :ssl_key: "/var/lib/puppet/ssl/private_keys/<%= fqdn %>.pem" > > # Advanced settings > :user: "" > :password: "" > :puppetdir: "/var/lib/puppet" > :puppetuser: "puppet" > :facts: true > :timeout: 10 > :threads: null > > Now the *facts* are showing up on the Foreman server for the remote client > but just not the reports. > > First obvious question: should they or am I chasing a ghost? > > If they should be showing up what am I missing here? > > >
4

now I'm mad at myself… I must have read that doc ten times in the last
week and missed that very important point.

Good news is my module for managing the configuration of the Remote Masters
now includes that tidbit.

··· On Thu, Mar 5, 2015 at 9:58 AM Nick Howes wrote:

Facts are probably coming in as Foreman is the ENC (the node.rb script).
Reports definitely should work, so something seems amiss.

Is there a foreman.rb in your Puppet installation on the subordinate
masters? It could be in a number of places depending on your Ruby
installation. This is the script that is used when reports is set to
"foreman". If you use foreman-installer this probably gets done for you,
otherwise you need to follow the docs as per the link below. If this is the
problem then I’m surprised the master didn’t complain loudly. Try enabling
debug logging for the master if you haven’t already.

Foreman :: Manual

find /usr/share -name foreman.rb

/usr/share/ruby/vendor_ruby/puppet/reports/foreman.rb

On Wednesday, 4 March 2015 16:46:25 UTC, Salty Old Cowdawg wrote:

I’m going to re-ask this question because the issue is driving me crazy
even though I’m already close enough to walk.

Here’s the setup:
[Foreman Server with Puppet/PuppetDB]
^
>
V
[ Subordinate (remote) Puppet Server ] (Proxy installed)
^
>
V
[End client[

The Puppet master running on the Foreman host’s job is to manage just the
remote masters. The subordinate Puppet Masters are planned to be installed
in various data centers around the country.

The end client’s puppet.conf looks like this (with the template variables
being replaced by their actual values):

File managed with puppet

Module: ‘puppet’

[main]
# The Puppet log directory.
# The default value is ‘$vardir/log’.
logdir = /var/log/puppet

# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet

# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl

# Allow services in the 'puppet' group to access key (Foreman + proxy)
privatekeydir = $ssldir/private_keys { group = service }
hostprivkey = $privatekeydir/$certname.pem { mode = 640 }

# Puppet 3.0.x requires this in both [main] and [master] - harmless

on agents
autosign = $confdir/autosign.conf { mode = 664 }

show_diff     = false

hiera_config = $confdir/hiera.yaml

ca_server =<%= foreman_host_fqdn%>

Next part of the file is managed by a different template

Module: ‘puppet’

[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuration. Can be loaded in
# the separate puppet executable using the --loadclasses
# option.
# The default value is ‘$statedir/classes.txt’.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig

# Disable the default schedules as they cause continual skipped
# resources to be displayed in Foreman - only for Puppet >= 3.4
default_schedules = false

report            = true
pluginsync        = true
masterport        = 8140
environment       = POC
certname          = <%= fqdn %>
server            = <%= puppethost_fqdn %>
listen            = false
splay             = false
splaylimit        = 1800
runinterval       = 1800
noop              = false
configtimeout     = 600

Report is turned on and the remote Puppet Master is successfully managing
the client.

The [master] section of the remote Puppet Master’s puppet.conf looks like
this:
[master]
storeconfigs = true
storeconfigs_backend = puppetdb
autosign = $confdir/autosign.conf { mode = 664 }
reports = foreman
external_nodes = /etc/puppet/node.rb
node_terminus = exec

ca             = false


certname       = <%= fqdn %>
strict_variables = false

environmentpath  = /etc/puppet/environments
basemodulepath   = /etc/puppet/environments/

common:/etc/puppet/modules:/usr/share/puppet/modules

and I have a foreman.yaml file that looks like this:

Update for your Foreman and Puppet master hostname(s)

:url: “https://mtinjacn01.cip.att.com
:ssl_ca: “/var/lib/puppet/ssl/certs/ca.pem”
:ssl_cert: “/var/lib/puppet/ssl/certs<%= fqdn %>.pem”
:ssl_key: “/var/lib/puppet/ssl/private_keys/<%= fqdn %>.pem”

Advanced settings

:user: “”
:password: “”
:puppetdir: “/var/lib/puppet”
:puppetuser: “puppet”
:facts: true
:timeout: 10
:threads: null

Now the facts are showing up on the Foreman server for the remote
client but just not the reports.

First obvious question: should they or am I chasing a ghost?

If they should be showing up what am I missing here?


You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.