Problem:
Using userdata/cloud-init installation with a foreman-proxy-content-proxy as template server
**Expected outcome: **
Same results as if the host would connect to the main foreman-server to get the user-data-/cloud-init-template
Foreman and Proxy versions:
Both on 1.24.3
Distribution and version:
CentOS 7
Other relevant data:
Hi,
I am currently trying to provision new VMware machines using image-based deployments. For this I want to use cloud-init & userdata and static IP-adresses.
This works fine with an foreman 1.24.3 if my hosts are connected directly to the foreman-server itself to get their userdata-template.
However, I have separated network with no access to other subnets. For this I use a foreman-content-proxy, which is also configured to be template-server. This proxy works fine for other deployment-methods but in case of the userdata-templates the URL http:///userdata/user-data throws an 404.
curl -D - -H 'X-Forwarded-For: 192.168.167.90' https://<proxy-content-url>/userdata/user-data
HTTP/1.1 404 Not Found
Date: Fri, 28 Aug 2020 08:33:54 GMT
Server: Apache
Content-Length: 216
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /userdata/user-data was not found on this server.</p>
</body></html>
Other than that I have not found any helpful entries in the logs.
I also tried to access it on different ports. Port 8000 gives an Internal Server Error, which also appears in the production.log.
If I try to use port 8443 I get a userdata-template but this is rendered for my proxy-content-host and not for the given IP or host I want to provision. Same effect if I use a squid-proxy to connect to the main foreman.
This was added as part of âtemplatesâ feature, the moment you have it turned on on HTTP endpoint, you should be able to reach it on the HTTP port (8000 in your case) under the /userdata path. Doublecheck the smart proxy config in settings.d/templates.yml and that the module was not turned off during boot because of some error.
thank you for the answer. But my templates.yml looks ok:
--
# Enable this if the Proxy should handle template requests on behalf of Foreman
# Can be true, false, or http/https to enable just one of the protocols
:enabled: true
# This plugin also requires that :foreman_url: be set in the main settings.yml
# This lets the plugin know how to obtain the templates from foreman.
# This allows the proxy to define how hosts that are being provisioned where to
# obtain the templates from. Most installers don't support https, so it's recommended
# to enable an http port listener in the main config file too, and use it in
# the url below
#
# :template_url is the URL the host should use to contact the proxy for a template.
# The default protocol is http on port 80 unless otherwise specified in the url.
# Examples:
# https://1.2.3.4:8443 # default proxy https port
# http://1.2.3.4:8000 # default proxy http port
# https://smart-proxy.example.com # assumes port 443
# http://smart-proxy.example.com # assumes port 80
# smart-proxy.example.com:8080 # assumes http
:template_url: http://<proxyurl>:8000
Or do I need some extra configuration for the userdata?
But I can try it again with the port 8000 in the URL - maybe I missed something during the tests until it worked without the proxy.
I retried it - with port 8000 I get a user-data-template, BUT it is not the correct one.
I expect the template to render with the details of the host I provisioned but I get the template rendered for the smart-proxy I am using to register to.
It seems that the template-API is forwarded to the foreman but then it renders the template for the smart proxy and not for the host I want to register.
This follows to a new cloned host (with the correct provisioned static IP by the vSphere Customization) but then it runs cloud-init and has the same hostname as my smart-proxy (which then leads to errors within the subscription-manager and the puppet registration).
If i try it with port 8000 instead of 8443 i get
Failed to retrieve user-data userdata template for {âkindâ=>âuser-dataâ}: Error retrieving userdata/user-data for {âurlâ=>âhttp://< smart-proxy-fqdn >:8443â} from < foreman-fqdn >.
Hi,
I am trying to deploy a server cloudinit-based via foreman-proxy as well (version is foreman 2.3.5). Unfortunately the parameter remote_adress no longer exists in this version and apparently has been replaced by the setting âtrusted hostsâ.
I tried to set the trusted hosts in the katello-answers.yaml on the foreman and foreman-proxy-content-answers.yaml on the foreman proxy (with subsequently running foreman-installer â value is being correctly set in setting.yml), but deployment remains impossible, as the proxy returns an internal server error 500.
When trying to curl the user-data this only works for foreman, the foreman-proxy returns There was an error rendering the CloudInit default demo template: undefined method 'full_path' for nil:NilClass
This has not been changed by the trusted hosts setting. Can possibly any one tell me the correct setting to deploy cloudinit-based via foreman proxy? Thanks!
Your problem seems to be with installation procedure, this thread is about a particular problem in content proxying. I suggest you to create a new thread.
Hi @lzap,
the issue is not really an problem with the installation procedure.
In the original case I had, the solution was to configure my smart proxy in the settings using the âremote_addrâ parameter. However, this parameter does not exist any more since foreman 2.3 but is still the solution to this problem according to the manual.
So the question is: where is the âremote_addrâ parameter found in releases >= 2.3 or how should the content proxying be configured.
Thank you! I think this helps and should be adapted in the documentation.
Can this setting be set via foreman-installer?
Because otherwise it will be deleted after each installer-run in my experience if I edit the settings.yml directly.
