Support #8296
closedsmart_proxy not starting -foreman
Description
Foreman installation(1.6.1) went smooth but found out later smart_proxy is stopped. Getting below error while starting it and also if I try to
add classes from my puppetmaster to foreman.Any pointer will be helpfull as new to foreman.
/etc/init.d/foreman-proxy start
Starting Foreman Proxy on 4567 using WEBrick
/usr/share/foreman-proxy/bin/../lib/sinatra-patch.rb:22:in `run!': private method `gsub' called for false:FalseClass (NoMethodError)
from /usr/share/foreman-proxy/bin/smart-proxy:44
Error while importing classes from puppet master
Warning!
ERF12-2749 [ProxyAPI::ProxyException]: Unable to get environments from Puppet ([Errno::ECONNREFUSED]: Connection refused - connect(2)) for proxy https://omething.localdomain:8443/puppet
_
Please note :Disable firewall for testing but no luck!
Updated by Dominic Cleal over 9 years ago
- Project changed from Foreman to Smart Proxy
- Status changed from New to Feedback
Can you pastebin your /etc/foreman-proxy/settings.yml and settings.d/*.yml files? Sounds like there's some configuration that's breaking it.
Updated by Biswajit Banerjee over 9 years ago
Please find below...
# cat settings.yml --- ### File managed with puppet ### ## Module: 'foreman_proxy' :settings_directory: /etc/foreman-proxy/settings.d # SSL Setup # if enabled, all communication would be verfied via SSL # NOTE that both certificates need to be signed by the same CA in order for this to work # see http://theforeman.org/projects/smart-proxy/wiki/SSL for more information :ssl_ca_file: /var/lib/puppet/ssl/certs/ca.pem :ssl_certificate: /var/lib/puppet/ssl/certs/cfadmin.localdomain.pem :ssl_private_key: /var/lib/puppet/ssl/private_keys/cfadmin.localdomain.pem # the hosts which the proxy accepts connections from # commenting the following lines would mean every verified SSL connection allowed :trusted_hosts: - cfadmin.localdomain # by default smart_proxy runs in the foreground. To enable running as a daemon, uncomment 'daemon' setting :daemon: true # Only used when 'daemon' is set to true. # Uncomment and modify if you want to change the default pid file '/var/run/foreman-proxy/foreman-proxy.pid' #:daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid # HTTP ports configuration # http is disabled by default. To enable, uncomment 'http_port' setting # https is enabled if certificate, CA certificate, and private key are present in locations specifed by # ssl_certificate, ssl_ca_file, and ssl_private_key correspondingly # default values for https_port is 8443 #:http_port: 8000 :https_port: 8443 # shared options for virsh DNS/DHCP provider :virsh_network: default # Where our proxy log files are stored # filename or STDOUT :log_file: /var/log/foreman-proxy/proxy.log # valid options are # WARN, DEBUG, Error, Fatal, INFO, UNKNOWN #:log_level: DEBUG
________________________
:/etc/foreman-proxy/settings.d# pwd /etc/foreman-proxy/settings.d root@cfadmin:/etc/foreman-proxy/settings.d# ls bmc.yml dhcp.yml puppetca.yml realm.yml chef.yml dns.yml puppet.yml tftp.yml # cat puppet.yml --- # Puppet management :enabled: true :puppet_conf: /etc/puppet/puppet.conf # valid providers: # puppetrun (for puppetrun/kick, deprecated in Puppet 3) # mcollective (uses mco puppet) # puppetssh (run puppet over ssh) # salt (uses salt puppet.run) # customrun (calls a custom command with args) #:puppet_provider: puppetrun # customrun command details # Set :customrun_cmd to the full path of the script you want to run, instead of /bin/false :customrun_cmd: /bin/false # Set :customrun_args to any args you want to pass to your custom script. The hostname of the # system to run against will be appended after the custom commands. :customrun_args: -ay -f -s # whether to use sudo before the ssh command :puppetssh_sudo: false # the command which will be sent to the host :puppetssh_command: /usr/bin/puppet agent --onetime --no-usecacheonfailure # With which user should the proxy connect #:puppetssh_user: root #:puppetssh_keyfile: /etc/foreman-proxy/id_rsa # Which user to invoke sudo as to run puppet commands #:puppet_user: root # URL of the puppet master itself for API requests :puppet_url: https://cfadmin.localdomain:8140 # SSL certificates used to access the puppet master API :puppet_ssl_ca: /var/lib/puppet/ssl/certs/ca.pem :puppet_ssl_cert: /var/lib/puppet/ssl/certs/cfadmin.localdomain.pem :puppet_ssl_key: /var/lib/puppet/ssl/private_keys/cfadmin.localdomain.pem # Override use of Puppet's API to list environments, by default it will use only if # environmentpath is given in puppet.conf, else will look for environments in puppet.conf #:puppet_use_environment_api: true
cat puppetca.yml --- # PuppetCA management :enabled: true :ssldir: /var/lib/puppet/ssl :puppetdir: /etc/puppet # cat dns.yml --- # DNS management :enabled: false # valid providers: # dnscmd (Microsoft Windows native implementation) # nsupdate # nsupdate_gss (for GSS-TSIG support) # virsh (simple implementation for libvirt) :dns_provider: nsupdate :dns_key: /etc/bind/rndc.key # use this setting if you are managing a dns server which is not localhost though this proxy :dns_server: 127.0.0.1 # use this setting if you want to override default TTL setting (86400) :dns_ttl: 86400 # use dns_tsig_* for GSS-TSIG updates using Kerberos. Required for Windows MS DNS with # Secure Dynamic Updates, or BIND as used in FreeIPA. Set dns_provider to nsupdate_gss. #:dns_tsig_keytab: /usr/share/foreman-proxy/dns.keytab #:dns_tsig_principal: DNS/host.example.com@EXAMPLE.COM
__________
Updated by Dominic Cleal over 9 years ago
Could you double check which version of foreman-proxy is installed? I think you have a 1.5.x version of the package, but the config files are set up for version 1.6.x. Use dpkg -l/rpm -q to check, and upgrade it to 1.6 if possible.
Updated by Biswajit Banerjee over 9 years ago
I am not getting the error while start the foreman-proxy but the issue to import classes from my localdomain still failing.
__________
Warning!
ERF12-2749 [ProxyAPI::ProxyException]: Unable to get environments from Puppet ([Errno::ECONNREFUSED]: Connection refused - connect(2)) for proxy https://cfadmin.localdomain:8443/puppet
______________________________
updated settings.yml _____________________ --- #replace default location of "settings.d" :settings_directory: /etc/foreman-proxy/settings.d # SSL Setup # If enabled, all communication would be verified via SSL # NOTE that both certificates need to be signed by the same CA in order for this to work #see http://theforeman.org/projects/smart-proxy/wiki/SSL for more information :ssl_certificate: /var/lib/puppet/ssl/certs/cfadmin.localdomain.pem :ssl_ca_file:/var: /lib/puppet/ssl/certs/ca.pem :ssl_private_key: /var/lib/puppet/ssl/private_keys/cfadmin.localdomain.pem # Hosts which the proxy accepts connections from # commenting the following lines would mean every verified SSL connection allowed #:trusted_hosts: #- foreman.prod.domain - cfadmin.localdomain #:foreman_url: http://cfadmin.localdomain:3000 # by default smart_proxy runs in the foreground. To enable running as a daemon, uncomment 'daemon' setting :daemon: true # Only used when 'daemon' is set to true. # Uncomment and modify if you want to change the default pid file '/var/run/foreman-proxy/foreman-proxy.pid' :daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid # HTTP ports configuration # http is disabled by default. To enable, uncomment 'http_port' setting #:http_port: 8000 # https is enabled if certificate, CA certificate, and private key are present in locations specifed by # ssl_certificate, ssl_ca_file, and ssl_private_key correspondingly # default values for https_port is 8443 :https_port: 8443 # Shared options for virsh DNS/DHCP provider :virsh_network: default # Log configuration # Uncomment and modify if you want to change the location of the log file or use STDOUT :log_file: /var/log/foreman-proxy/proxy.log # Uncomment and modify if you want to change the log level # WARN, DEBUG, ERROR, FATAL, INFO, UNKNOWN :log_level: ERROR
Updated by Dominic Cleal over 9 years ago
Can you check /var/log/foreman-proxy/proxy.log to see if anything is logged?
If not, run sudo -u foreman-proxy /usr/share/foreman-proxy/bin/smart-proxy directly and see if it prints an error.
Updated by Biswajit Banerjee over 9 years ago
I am not getting the error while start the foreman-proxy but the issue to import classes from my localdomain still failing.
__
Warning!
ERF12-2749 [ProxyAPI::ProxyException]: Unable to get environments from Puppet ([Errno::ECONNREFUSED]: Connection refused - connect(2)) for proxy https://cfadmin.localdomain:8443/puppet
______________________
updated settings.yml
_____________
--- #replace default location of "settings.d" :settings_directory: /etc/foreman-proxy/settings.d # SSL Setup # If enabled, all communication would be verified via SSL # NOTE that both certificates need to be signed by the same CA in order for this to work #see http://theforeman.org/projects/smart-proxy/wiki/SSL for more information :ssl_certificate: /var/lib/puppet/ssl/certs/cfadmin.localdomain.pem :ssl_ca_file:/var: /lib/puppet/ssl/certs/ca.pem :ssl_private_key: /var/lib/puppet/ssl/private_keys/cfadmin.localdomain.pem # Hosts which the proxy accepts connections from # commenting the following lines would mean every verified SSL connection allowed #:trusted_hosts: #- foreman.prod.domain - cfadmin.localdomain #:foreman_url: http://cfadmin.localdomain:3000 # by default smart_proxy runs in the foreground. To enable running as a daemon, uncomment 'daemon' setting :daemon: true # Only used when 'daemon' is set to true. # Uncomment and modify if you want to change the default pid file '/var/run/foreman-proxy/foreman-proxy.pid' :daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid # HTTP ports configuration # http is disabled by default. To enable, uncomment 'http_port' setting #:http_port: 8000 # https is enabled if certificate, CA certificate, and private key are present in locations specifed by # ssl_certificate, ssl_ca_file, and ssl_private_key correspondingly # default values for https_port is 8443 :https_port: 8443 # Shared options for virsh DNS/DHCP provider :virsh_network: default # Log configuration # Uncomment and modify if you want to change the location of the log file or use STDOUT :log_file: /var/log/foreman-proxy/proxy.log # Uncomment and modify if you want to change the log level # WARN, DEBUG, ERROR, FATAL, INFO, UNKNOWN :log_level: ERROR root@cfadmin:/etc/foreman-proxy# sudo -u foreman-proxy /usr/share/foreman-proxy/bin/smart-proxy root@cfadmin:/etc/foreman-proxy#
<<It did not return anything>> , so configuration is OK ?
Adding to that I am not seeing any foreman-proxy process, perhaps not started at all but not throwing any error while starting.
root@cfadmin:~# ps -eaf | grep foreman-proxy | grep -v grep
root@cfadmin:~#
Updated by Dominic Cleal over 9 years ago
Yeah, the problem is that the process isn't starting which causes the error in Foreman. Now the proxy is the right version I think the settings are broadly correct.
Please try setting :daemon to false in the settings.yml, and then run the sudo smart-proxy command again. It may show us the error message then. Be sure to change daemon back to true once we're finished.
Updated by Biswajit Banerjee over 9 years ago
root@cfadmin:/etc/foreman-proxy# /etc/init.d/foreman-proxy start
foreman-proxy: :daemon is false in /etc/foreman-proxy/settings.yml; not starting service
root@cfadmin:/etc/foreman-proxy# sudo -u foreman-proxy /usr/share/foreman-proxy/bin/smart-proxy
(did not print any again)
again that error repeated.
E, [2014-11-06T15:50:50.223561 #10726] ERROR -- : Both http and https are disabled, unable to start.