Smart Proxy Infoblox DNS records not being created

Hi folk,

I’m having an issue with Foreman Smart Proxy Infoblox DNS plugin.

Foreman front server is 1.15.3 Release: 1.el7
foreman-proxy 1.13.4 Release: 1.el7
rubygem-infoblox 1.0.0 Release: 1.el7
rubygem-smart_proxy_dhcp_infoblox 0.0.5 Release: 1.fm1_14.el7
rubygem-smart_proxy_dns_infoblox 0.0.4 Release: 1.fm1_13.el7
Infoblox NIOS Release 8.1.5-359439 (64bit)

We set up the appropriate configuration items:

# cat dns.yml 
:enabled: https
:dns_ttl: 86400
:use_provider: dns_infoblox

# cat dns_infoblox.yml
# Configuration file for 'infoblox dns provider

:username: "admin"
:password: "infoblox"
:dns_server: "infoblox"

I’ve tried both dns.yml method enabled: true, and enabled: https with same results.

I have confirmed the user in question can create Host records on infoblox via API.

On the Foreman front server, I have “refreshed” the Smart Proxy and it does indeed show DNS as a service available now.

I turned on debug on the smart proxy logging to hopefully see more details about why DNS records aren’t being created, unfortunately there’s nothing in there about it. Some of the heading logs show it’s just being loaded:

D, [2018-01-31T21:22:46.926342 ] DEBUG -- : 'dns' settings: 'dns_ttl': 86400 (default), 'enabled': https, 'use_provider': dns_infoblox
D, [2018-01-31T21:22:46.943186 ] DEBUG -- : Providers ['dns_infoblox'] are going to be configured for 'dns'
D, [2018-01-31T21:22:46.945444 ] DEBUG -- : 'dns_infoblox' settings: 'dns_server': infoblox, 'dns_ttl': 86400, 'password': infoblox, 'use_provider': dns_infoblox, 'username': admin

Hoping we can figure this one out,

Shawn Q

You should see requests for dns record creations (or any other calls for that matter) in smart-proxy log. If there are none, no calls to smart-proxy are being made. Please check that smart-proxy and subnet and domains associations are correct in Foreman.

1 Like

You were right, I had to set up the smart proxy in the domain configuration. Was sure it was there before. However, it must have gotten lost while tinkering with DNS.

So now I get an interesting error during host creation:

Unable to save
Create IPv4 DNS record for dev-testvm78 task failed with the following error: ERF12-2357 [ProxyAPI::ProxyException]: Unable to set DNS entry ([RestClient::ResourceNotFound]: 404 Resource Not Found) for proxy http://foreman-proxy:8443/dns

I do see a dns log entry now, sort of, but nothing else that can help identify the problem, it just seens ‘/dns’ doesn’t get created or something:

D, [2018-01-31T22:15:59.305611 ] DEBUG -- : close: 10.x.x.19:57908
D, [2018-01-31T22:15:59.404772 ] DEBUG -- : accept: 10.x.x.19:57910
D, [2018-01-31T22:15:59.451391 ] DEBUG -- : Rack::Handler::WEBrick is invoked.
I, [2018-01-31T22:15:59.453532 ]  INFO -- : 10.x.x.19 - - [31/Jan/2018:22:15:59 +0000] "POST /dns/ HTTP/1.1" 404 27 0.0004

Check that smart-proxy and dns module is configured for http, that the port is correct, and that the dns module loaded up without errors.

The DNS module does load, according to the logs. I tried setting in dns.yaml from enabled: https, to enabled:true, restarted foreman-proxy, refreshed smart proxy on foreman front end, create host now gives the following error:

Unable to save
Create IPv4 DNS record for dev-testvm79 task failed with the following error: ERF12-2357 [ProxyAPI::ProxyException]: Unable to set DNS entry ([RestClient::RequestTimeout]: Request Timeout) for proxy http://foreman-proxy:8443/dns

Checked log, says 200 now, so not sure what the problem is now:

D, [2018-01-31T22:34:46.991060 ] DEBUG -- : close: 10.x.x.19:57960
I, [2018-01-31T22:35:00.941659 ]  INFO -- : 10.x.x.19 - - [31/Jan/2018:22:35:00 +0000] "POST /dns/ HTTP/1.1" 200 - 75.2232

I will troubleshoot more tomorrow, exhausted right now.

Thanks for your help.

I am getting an identical error in my environment. What I found is that the record does get correctly created in the zone, it’s just that Foreman never gets notified of this by the smart proxy. Do you see the record created in your DNS zone despite the error too?

I still haven’t figured out how to fix this one, but at least it will be good to know I’m not alone.

1 Like

You’re right, James, I’m surprised I didn’t see your post when I was searching.

I’ll post in your post / follow it.