Something changed in the past 3+ monts so that the nodename is now constructed differently

We have nodes running on ec2, that were provisioned outside of
foreman, and something changed so they now have two entries:

e.g.:
app1.mydomain.com
and
app1.domain.com.compute-1.internal
or
app1.domain.com.ec2.internal

Do any recent changes made ring any bells here? (The latest reports
are associating with the foreman host that it is rendering with the
extraneous .internal domain.)

I'm thinking it's picking it up from domain in resolv.conf?

(Keep in mind that the hostname for this hostname and certname are
app1.mydomain.com, but it is rendering as
app1.mydomain.com.ec2.internal)

I have enabled UUID certnames, but am using hostname based certs for most hosts.

-Brian

P.S. - It looks like pretty much every host running on ec2 has two
foreman entries now.

Hmm… do you still use storeconfigs?

··· On Mon, Dec 10, 2012 at 12:31 AM, Brian Gupta wrote:

We have nodes running on ec2, that were provisioned outside of
foreman, and something changed so they now have two entries:

e.g.:
app1.mydomain.com
and
app1.domain.com.compute-1.internal
or
app1.domain.com.ec2.internal

Do any recent changes made ring any bells here? (The latest reports
are associating with the foreman host that it is rendering with the
extraneous .internal domain.)

I’m thinking it’s picking it up from domain in resolv.conf?

(Keep in mind that the hostname for this hostname and certname are
app1.mydomain.com, but it is rendering as
app1.mydomain.com.ec2.internal)

I have enabled UUID certnames, but am using hostname based certs for most
hosts.

-Brian

P.S. - It looks like pretty much every host running on ec2 has two
foreman entries now.

Yes, but it's a separate database. -Brian

··· On Mon, Dec 10, 2012 at 5:03 AM, Ohad Levy wrote: > Hmm... do you still use storeconfigs? > > > > > On Mon, Dec 10, 2012 at 12:31 AM, Brian Gupta > wrote: >> >> We have nodes running on ec2, that were provisioned outside of >> foreman, and something changed so they now have two entries: >> >> e.g.: >> app1.mydomain.com >> and >> app1.domain.com.compute-1.internal >> or >> app1.domain.com.ec2.internal >> >> Do any recent changes made ring any bells here? (The latest reports >> are associating with the foreman host that it is rendering with the >> extraneous .internal domain.) >> >> I'm thinking it's picking it up from domain in resolv.conf? >> >> (Keep in mind that the hostname for this hostname and certname are >> app1.mydomain.com, but it is rendering as >> app1.mydomain.com.ec2.internal) >> >> I have enabled UUID certnames, but am using hostname based certs for most >> hosts. >> >> -Brian >> >> P.S. - It looks like pretty much every host running on ec2 has two >> foreman entries now. > >

This sounds like storeconfigs. I've seen this when the output of
facter domain doesn't match the domain configured in foreman.

-Josh

··· -- On 12/10/2012 10:58 AM, Brian Gupta wrote: > Yes, but it's a separate database. -Brian > > On Mon, Dec 10, 2012 at 5:03 AM, Ohad Levy wrote: >> Hmm... do you still use storeconfigs? >> >> >> >> >> On Mon, Dec 10, 2012 at 12:31 AM, Brian Gupta >> wrote: >>> >>> We have nodes running on ec2, that were provisioned outside of >>> foreman, and something changed so they now have two entries: >>> >>> e.g.: >>> app1.mydomain.com >>> and >>> app1.domain.com.compute-1.internal >>> or >>> app1.domain.com.ec2.internal >>> >>> Do any recent changes made ring any bells here? (The latest reports >>> are associating with the foreman host that it is rendering with the >>> extraneous .internal domain.) >>> >>> I'm thinking it's picking it up from domain in resolv.conf? >>> >>> (Keep in mind that the hostname for this hostname and certname are >>> app1.mydomain.com, but it is rendering as >>> app1.mydomain.com.ec2.internal) >>> >>> I have enabled UUID certnames, but am using hostname based certs for most >>> hosts. >>> >>> -Brian >>> >>> P.S. - It looks like pretty much every host running on ec2 has two >>> foreman entries now. >> >>

OK I'm seeing multiple issues here that are definitely not
storeconfigs related as these are separate databases. We are however
using enc script to upload facts, which looks like the likely culprit.

So for example while certname might be: myserver.mydomain.com
hostname is set to: myserver
domainname is unset, but factor domain -> ec2.internal

What was confusing though, is foreman maintains two records for this
host even if I delete the myserver.ec2.internal one. (On next puppet
run it recreates.) (I think I understand though why it does this, and
am not sure we can fix it without making certname == FQDN.)

Thanks,
Brian

··· On Mon, Dec 10, 2012 at 2:04 PM, Joshua hoblitt wrote: > This sounds like storeconfigs. I've seen this when the output of > `facter domain` doesn't match the domain configured in foreman. > > -Josh > > -- > On 12/10/2012 10:58 AM, Brian Gupta wrote: >> Yes, but it's a separate database. -Brian >> >> On Mon, Dec 10, 2012 at 5:03 AM, Ohad Levy wrote: >>> Hmm... do you still use storeconfigs? >>> >>> >>> >>> >>> On Mon, Dec 10, 2012 at 12:31 AM, Brian Gupta >>> wrote: >>>> >>>> We have nodes running on ec2, that were provisioned outside of >>>> foreman, and something changed so they now have two entries: >>>> >>>> e.g.: >>>> app1.mydomain.com >>>> and >>>> app1.domain.com.compute-1.internal >>>> or >>>> app1.domain.com.ec2.internal >>>> >>>> Do any recent changes made ring any bells here? (The latest reports >>>> are associating with the foreman host that it is rendering with the >>>> extraneous .internal domain.) >>>> >>>> I'm thinking it's picking it up from domain in resolv.conf? >>>> >>>> (Keep in mind that the hostname for this hostname and certname are >>>> app1.mydomain.com, but it is rendering as >>>> app1.mydomain.com.ec2.internal) >>>> >>>> I have enabled UUID certnames, but am using hostname based certs for most >>>> hosts. >>>> >>>> -Brian >>>> >>>> P.S. - It looks like pretty much every host running on ec2 has two >>>> foreman entries now. >>> >>> >