Smart Proxy install fails with "No package FQDN-foreman-proxy available."

FQDN-certs.tar generated on the Katello server and moved to the proxy server.

https://theforeman.org/plugins/katello/3.5/installation/smart_proxy.html

fails with:
No package FQDN-qpid-client-cert available.
Same thing for foreman-proxy, foreman-proxy-client, qpid-router, etc.
All RPMs are in the tarball, but somehow the foreman-installer doesn’t find them.
I tried to yum install them manually and they show up in a yum search, but the installer still fails to find them.

Smart Proxy installation is not possible.

Christian Tremblay

So, while I’ve not completed a proper smart proxy install, I HAVE gotten past this part of the installation, so I suspect the issue is on your side, not Katello/Foreman.

One thing I’ve noticed is that when Foreman goes to build the client certs package it creates an ssl-build directory under wherever you have the --certs-tar location pointed at. Katello does NOT clean up old ssl-build directories that are currently lying around (though it may delete them upon re-build, I don’t know this).

One thing you might try is to remove any ssl-build directory you have in the --certs-tar location to begin with and try again.

Secondly, foreman-proxy-certs-generate has a bug where --certs-tar MUST be a fully qualified directory location (starting from /). If you’re not specifying something like /root/FQDN-certs.tar in your --certs-tar location, try that.

You should also be able to rpm -qa | grep for the various certs that were installed by passing the FQDN name (or short hostname) into RPM.

rpm -qa | grep should return a list of about 8 client certs.

Lastly, the requirement after building the Certs bundle from the master server is to put it in the same location on the client, specifically in your “foreman-installer” command --foreman-proxy-content-certs-tar must be pointed at the bundle you copied over…again, by non-relative path.

If your foreman-proxy-certs-generate command used --certs-tar “/root/server.example.com-certs.tar” then you need server.example.com-certs.tar to exist in /root on server.example.com and foreman-installer’s --foreman-proxy-content-certs-tar should be “/root/server.example.com-certs.tar”.

Hello Douglas

Steps taken:

  • removed /root/ssl-build directory on proxy
  • removed /root/ssl-build/proxy.example.com directory on Katello
  • removed /root/proxy.example.com-certs.tar from both Katello and proxy
  • Regenerated the tarball on the Katello:
    foreman-proxy-certs-generate --foreman-proxy-fqdn "proxy.example.com" --certs-tar "/root/proxy.example.com-certs.tar"
  • Copied it to the proxy:
    scp /root/proxy.example.com-certs.tar root@proxy.example.com:/root/proxy.example.com-certs.tar
  • Ran the foreman-installer on the proxy:
    foreman-installer --scenario foreman-proxy-content \
      --foreman-proxy-content-parent-fqdn "katello.example.com" \
      --foreman-proxy-register-in-foreman "true" \
      --foreman-proxy-foreman-base-url "https://katello.example.com" \
      --foreman-proxy-trusted-hosts "katello.example.com" \
      --foreman-proxy-trusted-hosts "proxy.example.com" \
      --foreman-proxy-oauth-consumer-key "9T3sRwNNABHbuxRWxc7bKC2Z3JgvmP4G" \
      --foreman-proxy-oauth-consumer-secret "mtAuzDJKPYqzkptw9RKr32KHQjnLJqWs" \
      --foreman-proxy-content-pulp-oauth-secret "kVEBmRovv8imQu6r5epuTrKQg6FAs96k" \
      --foreman-proxy-content-certs-tar "/root/proxy.example.com-certs.tar" \
      --puppet-server-foreman-url "https://katello.example.com"

The installer created the /root/ssl-build/proxy.example.com directory
on the proxy and populated it with:
proxy.example.com-apache-1.0-1.noarch.rpm proxy.example.com-qpid-broker-1.0-1.noarch.rpm
proxy.example.com-foreman-client-1.0-1.noarch.rpm proxy.example.com-qpid-client-cert-1.0-1.noarch.rpm
proxy.example.com-foreman-proxy-1.0-1.noarch.rpm proxy.example.com-qpid-router-client-1.0-1.noarch.rpm
proxy.example.com-foreman-proxy-client-1.0-1.noarch.rpm proxy.example.com-qpid-router-server-1.0-1.noarch.rpm
proxy.example.com-puppet-client-1.0-1.noarch.rpm

The installer created the /root/ssl-build/proxy.example.com directory
on the Katello and populated it with:

katello-httpd-ssl-archive-proxy.example.com-1.0-1.tar proxy.example.com-foreman-proxy-client.crt.req
katello-httpd-ssl-archive-proxy.example.com-1.0-2.tar proxy.example.com-foreman-proxy-client.key
katello-httpd-ssl-archive-proxy.example.com-1.0-3.tar proxy.example.com-foreman-proxy.crt
katello-httpd-ssl-archive-proxy.example.com-1.0-4.tar proxy.example.com-foreman-proxy.crt.req
katello-httpd-ssl-archive-proxy.example.com-1.0-5.tar proxy.example.com-foreman-proxy.key
katello-httpd-ssl-archive-proxy.example.com-1.0-6.tar proxy.example.com-puppet-client-1.0-1.noarch.rpm
katello-httpd-ssl-archive-proxy.example.com-1.0-7.tar proxy.example.com-puppet-client-1.0-1.src.rpm
katello-httpd-ssl-archive-proxy.example.com-1.0-8.tar proxy.example.com-puppet-client.crt
katello-httpd-ssl-archive-proxy.example.com-1.0-9.tar proxy.example.com-puppet-client.crt.req
katello-server-openssl.cnf proxy.example.com-puppet-client.key
katello-server-openssl.cnf.1 proxy.example.com-qpid-broker-1.0-1.noarch.rpm
katello-server-openssl.cnf.2 proxy.example.com-qpid-broker-1.0-1.src.rpm
katello-server-openssl.cnf.3 proxy.example.com-qpid-broker.crt
katello-server-openssl.cnf.4 proxy.example.com-qpid-broker.crt.req
katello-server-openssl.cnf.5 proxy.example.com-qpid-broker.key
latest.txt proxy.example.com-qpid-client-cert-1.0-1.noarch.rpm
proxy.example.com-apache-1.0-1.noarch.rpm proxy.example.com-qpid-client-cert-1.0-1.src.rpm
proxy.example.com-apache-1.0-1.src.rpm proxy.example.com-qpid-client-cert.crt
proxy.example.com-apache.crt proxy.example.com-qpid-client-cert.crt.req
proxy.example.com-apache.crt.req proxy.example.com-qpid-client-cert.key
proxy.example.com-apache.key proxy.example.com-qpid-router-client-1.0-1.noarch.rpm
proxy.example.com-foreman-client-1.0-1.noarch.rpm proxy.example.com-qpid-router-client-1.0-1.src.rpm
proxy.example.com-foreman-client-1.0-1.src.rpm proxy.example.com-qpid-router-client.crt
proxy.example.com-foreman-client.crt proxy.example.com-qpid-router-client.crt.req
proxy.example.com-foreman-client.crt.req proxy.example.com-qpid-router-client.key
proxy.example.com-foreman-client.key proxy.example.com-qpid-router-server-1.0-1.noarch.rpm
proxy.example.com-foreman-proxy-1.0-1.noarch.rpm proxy.example.com-qpid-router-server-1.0-1.src.rpm
proxy.example.com-foreman-proxy-1.0-1.src.rpm proxy.example.com-qpid-router-server.crt
proxy.example.com-foreman-proxy-client-1.0-1.noarch.rpm proxy.example.com-qpid-router-server.crt.req
proxy.example.com-foreman-proxy-client-1.0-1.src.rpm proxy.example.com-qpid-router-server.key
proxy.example.com-foreman-proxy-client.crt

On the proxy:

rpm -qa | grep proxy

proxy.example.com-foreman-proxy-client-1.0-1.noarch
proxy.example.com-puppet-client-1.0-1.noarch
proxy.example.com-foreman-client-1.0-1.noarch
proxy.example.com-apache-1.0-1.noarch
proxy.example.com-foreman-proxy-1.0-1.noarch
proxy.example.com-qpid-broker-1.0-1.noarch
proxy.example.com-qpid-router-client-1.0-1.noarch
proxy.example.com-qpid-router-server-1.0-1.noarch
proxy.example.com-qpid-client-cert-1.0-1.noarch

To summarize, looking at the installation log the only error I could find for all packages is always a yum install error.
No package proxy.example.com-puppet-client available
Trying to install the package manually with yum also fails even if the full path is given !?
/usr/bin/yum install /root/ssl-build/proxy.example.com/proxy.example.com-puppet-client-1.0-1.noarch
No package /root/ssl-build/proxy.example.com/proxy.example.com-puppet-client-1.0-1.noarch available.
Error: Nothing to do

The problem seems to be with yum.

Christian

That kind of error reminds me of what happens when you try to install 32 bit libraries into an Ubuntu system that doesn’t recognize the 32 bit architecture…

We’re going to start getting into stupid question time.

  1. You are running the cert generate from the Katello MASTER right?
  2. You don’t have any exclusions in your /etc/yum.conf or other files that might be causing this particular package not to properly install right?
  3. I have never tried to do an RPM Validate/Verify of a package but I THINK there’s a way to do this? You might consider validating if this is even a proper package. Perhaps an rpm query on the package itself to see if it has anything in it?
  4. The proxy.example.com-puppet-client* should be in your Katello master’s /root/ssl-build directory, you might consider validating that as well to see if perhaps it was corrupted in transit/as part of a bad build.
  5. Worst case scenario, you should be able to find the files built into the proxy.example.com-puppet-client* RPM and do your own RPM build on that package if you can’t get a valid installation done with either the version sitting on the Smart Proxy or the version sitting on the Master.
  6. Edit: Have you checked the permissions on the package to make sure they’re not some weird setting that isn’t readable or writable or something?

Assuming, however, that the package is valid but YUM isn’t installing it, I’d start looking at the yum logs and/or try running 'rpm -ihv' directly to see if you can manually install it. Katello’s installers are usually pretty intelligent at detecting a package’s existence and not throwing up if the package is already installed. Given that this is part of the Tarball that may NOT be the case in this instance, but it’s worth giving it a shot…might get you past the error.

1 Like
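
The checks suggested in the reply above (yum exclusions, whether the package file is readable, querying the package itself), as an added shell example that is not part of the thread or of Foreman/Katello; the function names are assumptions. It also flags a path argument that lacks the `.rpm` suffix, which yum looks up as a package name rather than a local file.

```shell
#!/bin/sh
# Added example; function names are assumptions, not Foreman/Katello tooling.

# Print each exclude= pattern in the given yum config files that matches
# package name $1; return 0 if any matched. Single-line exclude= entries only.
yum_excludes_match() {
    pkg=$1; shift
    hit=1
    for conf in "$@"; do
        [ -r "$conf" ] || continue
        pats=$(sed -n 's/^[[:space:]]*exclude[[:space:]]*=//p' "$conf" | tr ',' ' ')
        set -f    # stop the patterns expanding against files in the cwd
        for pat in $pats; do
            case $pkg in
                $pat) printf '%s: %s\n' "$conf" "$pat"; hit=0 ;;
            esac
        done
        set +f
    done
    return "$hit"
}

# Classify a path handed to "yum install" or "rpm -ivh".
# Prints relative, not-rpm-suffix, missing, unreadable or ok.
check_local_rpm_arg() {
    case $1 in /*) ;; *) echo relative; return 1 ;; esac
    # Without the .rpm suffix yum looks the argument up as a package name.
    case $1 in *.rpm) ;; *) echo not-rpm-suffix; return 1 ;; esac
    [ -e "$1" ] || { echo missing; return 1; }
    [ -r "$1" ] || { echo unreadable; return 1; }
    echo ok
}

# Verify the package digests/signature and show its header and file list.
inspect_rpm() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not found" >&2; return 127; }
    rpm -K "$1" && rpm -qip "$1" && rpm -qlp "$1"
}

# Usage: sh check.sh PACKAGE_NAME /path/to/package.rpm
if [ $# -gt 1 ]; then
    yum_excludes_match "$1" /etc/yum.conf /etc/yum.repos.d/*.repo \
        && echo "excluded by yum configuration"
    [ "$(check_local_rpm_arg "$2")" = ok ] && inspect_rpm "$2"
fi
```
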

Thank you, problem solved, I built another one from scratch.