Discussion:
[foreman-users] Installing Smart Proxy
claude juif
2015-01-09 14:04:20 UTC
Permalink
Hi,

I have a foreman server, installed with foreman-installer and everything
work really well.

I have another subnet which i want to provision with foreman also. My idea
was to install a foreman smart proxy on this subnet to manage DHCP, DNS and
TFTP, and link it to my central foreman server.

Can I do this ? And can i do it with foreman-installer ? I've tried various
options to foreman-installer like this :

Puppet is my working foreman installation with
PuppetCA,Puppet,TFTP,DHCP,DNS on a Debian Wheezy.

172.16.1.x is my new subnet

foreman-installer \
--enable-foreman-proxy \
--puppet-puppetmaster=puppet \
--foreman-proxy-tftp=true \
--foreman-proxy-tftp-servername=172.16.1.5 \
--foreman-proxy-dhcp=true \
--foreman-proxy-dhcp-interface=eth0 \
--foreman-proxy-dhcp-gateway=172.16.1.1 \
--foreman-proxy-dhcp-range="172.16.1.10 172.16.1.230" \
--foreman-proxy-dhcp-nameservers="172.16.1.5" \
--foreman-proxy-dns=true \
--foreman-proxy-dns-interface=eth0 \
--foreman-proxy-dns-zone=new.lan \
--foreman-proxy-dns-reverse=1.16.172.in-addr.arpa \
--foreman-proxy-dns-forwarders=172.16.1.2 \
--foreman-proxy-foreman-base-url=https://puppet \
--foreman-proxy-oauth-consumer-key=xxx \
--foreman-proxy-oauth-consumer-secret=xx


I think i misunderstood something but i can't find it.

Any pointer this install scenario would be greatly appreciated.

Regards,
--
You received this message because you are subscribed to the Google Groups "Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+***@googlegroups.com.
To post to this group, send email to foreman-***@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
Lukas Zapletal
2015-01-12 09:56:26 UTC
Permalink
Hey,

and what does not work exactly?
Post by claude juif
foreman-installer \
--enable-foreman-proxy \
--puppet-puppetmaster=puppet \
--foreman-proxy-tftp=true \
--foreman-proxy-tftp-servername=172.16.1.5 \
--foreman-proxy-dhcp=true \
--foreman-proxy-dhcp-interface=eth0 \
--foreman-proxy-dhcp-gateway=172.16.1.1 \
--foreman-proxy-dhcp-range="172.16.1.10 172.16.1.230" \
--foreman-proxy-dhcp-nameservers="172.16.1.5" \
--foreman-proxy-dns=true \
--foreman-proxy-dns-interface=eth0 \
--foreman-proxy-dns-zone=new.lan \
--foreman-proxy-dns-reverse=1.16.172.in-addr.arpa \
--foreman-proxy-dns-forwarders=172.16.1.2 \
--foreman-proxy-foreman-base-url=https://puppet \
Make sure this resolves to foreman base url and proxy can connect
foreman on this URL correctly.
Post by claude juif
--foreman-proxy-oauth-consumer-key=xxx \
--foreman-proxy-oauth-consumer-secret=xx
I think this would install Foreman as well on your proxy node what is
not what you really want. You want to add

--no-enable-foreman


option for foreman-proxy installation.
--
Later,
Lukas #lzap Zapletal
--
You received this message because you are subscribed to the Google Groups "Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+***@googlegroups.com.
To post to this group, send email to foreman-***@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
claude juif
2015-01-12 10:25:28 UTC
Permalink
Post by Lukas Zapletal
Hey,
and what does not work exactly?
I always get this after running forman-installer :

Preparing installation Done
Something went wrong! Check the log for ERROR-level output

And the error.log gives this :

pick(): must receive at least one non empty value at
/usr/share/foreman-installer/modules/foreman/manifests/cli.pp:31 on node
puppet
Post by Lukas Zapletal
Post by claude juif
foreman-installer \
--enable-foreman-proxy \
--puppet-puppetmaster=puppet \
--foreman-proxy-tftp=true \
--foreman-proxy-tftp-servername=172.16.1.5 \
--foreman-proxy-dhcp=true \
--foreman-proxy-dhcp-interface=eth0 \
--foreman-proxy-dhcp-gateway=172.16.1.1 \
--foreman-proxy-dhcp-range="172.16.1.10 172.16.1.230" \
--foreman-proxy-dhcp-nameservers="172.16.1.5" \
--foreman-proxy-dns=true \
--foreman-proxy-dns-interface=eth0 \
--foreman-proxy-dns-zone=new.lan \
--foreman-proxy-dns-reverse=1.16.172.in-addr.arpa \
--foreman-proxy-dns-forwarders=172.16.1.2 \
--foreman-proxy-foreman-base-url=https://puppet \
Make sure this resolves to foreman base url and proxy can connect
foreman on this URL correctly.
I can confirm than there is no network problem preventing this server to
contact base foreman
Post by Lukas Zapletal
Post by claude juif
--foreman-proxy-oauth-consumer-key=xxx \
--foreman-proxy-oauth-consumer-secret=xx
I think this would install Foreman as well on your proxy node what is
not what you really want. You want to add
--no-enable-foreman
I've tried with this option and it gives me the same error message as above.
Post by Lukas Zapletal
option for foreman-proxy installation.
--
Later,
Lukas #lzap Zapletal
--
You received this message because you are subscribed to the Google Groups "Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+***@googlegroups.com.
To post to this group, send email to foreman-***@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
Lukas Zapletal
2015-01-12 11:19:48 UTC
Permalink
Post by claude juif
pick(): must receive at least one non empty value at
/usr/share/foreman-installer/modules/foreman/manifests/cli.pp:31 on node
puppet
This looks like a bug. Try to provide:

--foreman-foreman-url=http://dummy

if it helps.
--
Later,
Lukas #lzap Zapletal
--
You received this message because you are subscribed to the Google Groups "Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+***@googlegroups.com.
To post to this group, send email to foreman-***@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
claude juif
2015-01-12 12:57:22 UTC
Permalink
Post by Lukas Zapletal
Post by claude juif
pick(): must receive at least one non empty value at
/usr/share/foreman-installer/modules/foreman/manifests/cli.pp:31 on node
puppet
--foreman-foreman-url=http://dummy
if it helps.
Still playing with foreman-installer, i've getting rid off this error
message by passing this arguments to foreman-installer :

foreman-installer \
--enable-foreman-proxy \
--puppet-puppetmaster=puppet.hq0 \
* --foreman-cli-foreman-url=https://puppet.hq0 \*
* --foreman-cli-username=admin \*
* --foreman-cli-password=mypassword \*
--foreman-proxy-tftp=true \
--foreman-proxy-tftp-servername=172.16.1.5 \
--foreman-proxy-dhcp=true \
--foreman-proxy-dhcp-interface=eth0 \
--foreman-proxy-dhcp-gateway=172.16.1.1 \
--foreman-proxy-dhcp-range="172.16.1.10 172.16.1.230" \
--foreman-proxy-dhcp-nameservers="172.16.1.5" \
--foreman-proxy-dns=true \
--foreman-proxy-dns-interface=eth0 \
--foreman-proxy-dns-zone=ny0.lan \
--foreman-proxy-dns-reverse=1.16.172.in-addr.arpa \
--foreman-proxy-dns-forwarders=172.16.1.2 \
--foreman-proxy-foreman-base-url=https://puppet.hq0

and now i get this error :

Could not find dependent Class[Foreman::Service] for Package[setup] at
/usr/share/foreman-installer/modules/foreman/manifests/plugin.pp:16

I think i miss something, maybe i'm not providing the correct options, but
i can't find a good explanation on how to setup this kind of features. It
strange because i think this is a common task.
Post by Lukas Zapletal
--
Later,
Lukas #lzap Zapletal
--
You received this message because you are subscribed to the Google Groups "Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+***@googlegroups.com.
To post to this group, send email to foreman-***@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
Lukas Zapletal
2015-01-13 12:59:17 UTC
Permalink
Post by claude juif
Could not find dependent Class[Foreman::Service] for Package[setup] at
/usr/share/foreman-installer/modules/foreman/manifests/plugin.pp:16
We are not including some dependencies, I am not Puppet expert. Anyone
else?
--
Later,
Lukas #lzap Zapletal
--
You received this message because you are subscribed to the Google Groups "Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+***@googlegroups.com.
To post to this group, send email to foreman-***@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
claude juif
2015-01-13 14:25:11 UTC
Permalink
Hi,

I've finally get it working with this :

foreman-installer \
--no-enable-foreman \
--no-enable-foreman-cli \
--no-enable-foreman-plugin-bootdisk \
--no-enable-foreman-plugin-setup \
--no-enable-puppet \
--enable-foreman-proxy \
--foreman-proxy-puppetca=false \
--foreman-proxy-puppetrun=false \
--foreman-proxy-tftp=true \
--foreman-proxy-tftp-servername=172.16.1.5 \
--foreman-proxy-dhcp=true \
--foreman-proxy-dhcp-interface=eth0 \
--foreman-proxy-dhcp-gateway=172.16.1.1 \
--foreman-proxy-dhcp-range="172.16.1.10 172.16.1.230" \
--foreman-proxy-dhcp-nameservers="172.16.1.5" \
--foreman-proxy-dns=true \
--foreman-proxy-dns-interface=eth0 \
--foreman-proxy-dns-zone=ny0.lan \
--foreman-proxy-dns-reverse=1.16.172.in-addr.arpa \
--foreman-proxy-dns-forwarders=172.16.1.2 \
--foreman-proxy-foreman-base-url=https://fm.ny0.lan \
--foreman-proxy-trusted-hosts=puppet.hq0 \
--foreman-proxy-oauth-consumer-key=xx \
--foreman-proxy-oauth-consumer-secret=xx \
--foreman-proxy-registered-proxy-url=https://fm.ny0.lan:8443

I really wonder how i can miss this part on the foreman manual.

Thanks for your help,
Post by Lukas Zapletal
Post by claude juif
Could not find dependent Class[Foreman::Service] for Package[setup] at
/usr/share/foreman-installer/modules/foreman/manifests/plugin.pp:16
We are not including some dependencies, I am not Puppet expert. Anyone
else?
--
Later,
Lukas #lzap Zapletal
--
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+***@googlegroups.com.
To post to this group, send email to foreman-***@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
Lukas Zapletal
2015-01-14 09:16:44 UTC
Permalink
Post by claude juif
foreman-installer \
--no-enable-foreman \
--no-enable-foreman-cli \
--no-enable-foreman-plugin-bootdisk \
--no-enable-foreman-plugin-setup \
--no-enable-puppet \
--enable-foreman-proxy \
--no-enable-foreman-cli \
--no-enable-foreman-plugin-bootdisk \
--no-enable-foreman-plugin-setup \
It should.
Post by claude juif
I really wonder how i can miss this part on the foreman manual.
Well, I guess we have a documentation now :-)

I will make a patch to
http://theforeman.org/manuals/1.7/#4.3SmartProxies

Thanks.
--
Later,
Lukas #lzap Zapletal
--
You received this message because you are subscribed to the Google Groups "Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+***@googlegroups.com.
To post to this group, send email to foreman-***@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
claude juif
2015-01-14 11:52:46 UTC
Permalink
I've tried without and it didn't work.

If i enable foreman cli, i need to pass username and password as well, but
i end up with the failed dependency on foreman::service mention earlier.

If i can help you in any way, feel free to tell me ;)
Post by Lukas Zapletal
Post by claude juif
foreman-installer \
--no-enable-foreman \
--no-enable-foreman-cli \
--no-enable-foreman-plugin-bootdisk \
--no-enable-foreman-plugin-setup \
--no-enable-puppet \
--enable-foreman-proxy \
--no-enable-foreman-cli \
--no-enable-foreman-plugin-bootdisk \
--no-enable-foreman-plugin-setup \
It should.
Post by claude juif
I really wonder how i can miss this part on the foreman manual.
Well, I guess we have a documentation now :-)
I will make a patch to
http://theforeman.org/manuals/1.7/#4.3SmartProxies
Thanks.
--
Later,
Lukas #lzap Zapletal
--
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+***@googlegroups.com.
To post to this group, send email to foreman-***@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
Loading...