Will do. Its just a quirky problem that is happening on both versions of
Centos and OL6. Now let me say, these machines are both back on versions,
the Centos is 6.5 and the OL is 6.4. I wanted them back revs so I could
make sure they were pulling updates correctly. If they have to be at a
certain rev to work, then it is a different issue, because I have them in
all sorts of rev versions and are unable to update them.
---------------
Len Ewen
Systems Administrator 1
Information Technology
University of Indianapolis
(317) 788-3362
[image: UIndyIT.jpg]
Confidentiality Notice: This communication and/or its content are for the
sole use of the intended recipient, and may be privileged, confidential, or
otherwise protected from disclosure by law. If you are not the intended
recipient, please notify the sender and then delete all copies of it.
Unless you are the intended recipient, your use or dissemination of the
information contained in this communication may be illegal.
On Wed, Jul 15, 2020 at 10:21 AM Julio González Gil
All looks good OK (except for the error, of course).
Please open an Uyuni issue, and add all the information there. I will try to reproduce the problem and fix it if I can reproduce.
Thanks!
client-config-overrides.txt enableProxy=0 enableProxyAuth=0 httpProxy= noSSLServerURL=http://uyuni.test.uindy.edu/XMLRPC proxyPassword= proxyUser= serverURL=https://uyuni.test.uindy.edu/XMLRPC sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT useGPG=1
command to kick off bootstrap ./bootstrap.sh
Using it for Salt
Version Information for package Uyuni-Server-release: --------------------------------------------- Repository : uyuni-server-stable Name : Uyuni-Server-release Version : 2020.06-78.2.uyuni Arch : x86_64 Vendor : obs://build.opensuse.org/systemsmanagement:Uyuni Support Level : Level 3 Installed Size : 1.4 KiB Installed : Yes (automatically) Status : up-to-date Source package : Uyuni-Server-release-2020.06-78.2.uyuni.src Summary : Uyuni Server
---------------
Len Ewen
Systems Administrator 1
Information Technology
University of Indianapolis
(317) 788-3362
[image: UIndyIT.jpg]
Confidentiality Notice: This communication and/or its content are for the sole use of the intended recipient, and may be privileged, confidential, or otherwise protected from disclosure by law. If you are not the intended recipient, please notify the sender and then delete all copies of it. Unless you are the intended recipient, your use or dissemination of the information contained in this communication may be illegal.
On Tue, Jul 14, 2020 at 6:09 PM Julio González Gil
wrote:
This is strange, your log says:
* configured not to use SSL: don't install corporate public CA cert
So I'd say that's what causing your problem... but I don't know why it is hapening.
At the bootstrap script you have have:
USING_SSL=1
Which is OK.
And the part of the code that shows the message I pasted above if USING_SSL
equals 0, as you can see if you inspect the script (you will find):
if [ $USING_SSL -eq 1 ] ; then [...a lot of lines to the CA import...] else
echo "* configured not to use SSL: don't install corporate
cert"
fi
So in your case the RPM should get downloaded, installed, and the SSL verification should not fail.
I am running out of ideas, but four final questions:
1) Can you paste the content of client-config-overrides.txt? 2) Can you give us the CLI call you are using for the bootstrap? 3) Is the bootstrap script for traditional or for salt? 4) Are you using Uyuni Stable 2020.06 or Uyuni Master? (if not sure, please run `zypper info Uyuni-Server-release` on the server.
It's strange this is failing as we recently tested Oracle6 both salt
and
traditional bootstrap from script, it was working and I don't recally any change to the bootstrap script generator.
So if my next email (after you send us the answers for the questions) is unable to fix your problem, I will ask for a bug report to go deeper into this, and to try to reproduce it.
On martes, 14 de julio de 2020 17:44:45 (CEST) Len Ewen wrote:
No, I didn't make any changes to the file. Here is the bootstrap.sh
CLIENT_OVERRIDES=client-config-overrides.txt HOSTNAME=uyuni.test.uindy.edu
ORG_CA_CERT=rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm ORG_CA_CERT_IS_RPM_YN=1
USING_SSL=1 USING_GPG=1
REGISTER_THIS_BOX=1
ALLOW_CONFIG_ACTIONS=1 ALLOW_REMOTE_COMMANDS=1
# this variable is only relevant for traditional clients and is ignored
on
salt minions FULLY_UPDATE_THIS_BOX=0
# Set if you want to specify profilename for client systems. # NOTE: Make sure it's set correctly if any external command is used. # # ex. PROFILENAME="foo.example.com" # For specific client system # PROFILENAME=`hostname -s` # Short hostname # PROFILENAME=`hostname -f` # FQDN PROFILENAME="" # Empty by default to let it be set automatically.
# After registration, before updating the system (or at least the
installer)
# disable all repos not provided by SUSE Manager. DISABLE_LOCAL_REPOS=1
# Disable yasts automatic online update feature in case it is enabled # on the client. Leaving automatic online update enabled, the client
would
# continue to update himself independently from SUSE Manager requests. DISABLE_YAST_AUTOMATIC_ONLINE_UPDATE=1
# SUSE Manager Specific settings: # # - Alternate location of the client tool repos providing the zypp-plugin-spacewalk # and packges required for registration. Unless they are already
installed
on the # client this repo is expected to provide them for SLE-10/SLE-11
clients: # ${CLIENT_REPOS_ROOT}/sle/VERSION/PATCHLEVEL # If empty, the SUSE Manager repositories provided at https:// ${HOSTNAME}/pub/repositories # are used. CLIENT_REPOS_ROOT=
I just changed the two lines.
---------------
Len Ewen
Systems Administrator 1
Information Technology
University of Indianapolis
(317) 788-3362
[image: UIndyIT.jpg]
Confidentiality Notice: This communication and/or its content are for the sole use of the intended recipient, and may be privileged, confidential,
or
otherwise protected from disclosure by law. If you are not the intended recipient, please notify the sender and then delete all copies of it. Unless you are the intended recipient, your use or dissemination of
information contained in this communication may be illegal.
On Tue, Jul 14, 2020 at 11:36 AM Julio González Gil < jgonzalez@suse.com>
wrote:
Can you share the content of your bootstrap script until the part
where it
says:
# DO NOT EDIT BEYOND THIS POINT
Did you change anything at client-config-overrides.txt?
On martes, 14 de julio de 2020 17:30:49 (CEST) Len Ewen wrote:
It is the self signed certificate that is created by default uyuni.
I
didn't even need to use the certificate when I install OL7 or Cent7
boxes.
It just sees to work. Ol6 and Cent6 seem to be a little more needy. ---------------
Len Ewen
Systems Administrator 1
Information Technology
University of Indianapolis
(317) 788-3362
[image: UIndyIT.jpg]
Confidentiality Notice: This communication and/or its content are for the sole use of the intended recipient, and may be privileged,
confidential,
or
otherwise protected from disclosure by law. If you are not the
intended
recipient, please notify the sender and then delete all copies of it. Unless you are the intended recipient, your use or dissemination of
the
information contained in this communication may be illegal.
On Tue, Jul 14, 2020 at 11:06 AM Julio González Gil <
jgonzalez@suse.com>
wrote: > Who issued the SSL certificate you are using? > > Is it the self-signed certificate that Uyuni creates by default? > > If not, you need to follow
https://www.uyuni-project.org/uyuni-docs/uyuni/
> administration/ssl-certs- > <
https://www.uyuni-project.org/uyuni-docs/uyuni/administration/ssl-certs->
>
imported.html#_replace_certificates_with_a_third_party_certificate
> > In the end you will get a RPM published, and if you open your > bootstrap > script, you will notice this warning: > > echo "Verify that the script variable settings are correct:" > echo " - CLIENT_OVERRIDES should be only set differently if a > customized" > echo " client-config-overrides-VER.txt file was created with > a > different" > echo " name." > echo " - ensure the value of HOSTNAME is correct." > echo " - ensure the value of ORG_CA_CERT is correct." > > And below there's the value of the RPM: > > ORG_CA_CERT=rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm > > So all in all, the short story is: you need to generate the RPMs,
install
> them > and deploy them and then update the bootstrap scripts. > > On martes, 14 de julio de 2020 16:14:43 (CEST) Len Ewen wrote: > > UPDATING RHN_REGISTER/UP2DATE CONFIGURATION FILES > > ------------------------------------------------- > > * downloading necessary files > > > > client_config_update.py... > > > > 2020-07-14 09:52:25 URL: http://uyuni.test.uindy.edu/pub/bootstrap/client_config_update.py
> > [6456/6456] -> "client_config_update.py" [1] > > FINISHED --2020-07-14 09:52:25-- > > Downloaded: 1 files, 6.3K in 0s (12025 GB/s) > > > > client-config-overrides.txt... > > > > 2020-07-14 09:52:25 URL:
http://uyuni.test.uindy.edu/pub/bootstrap/client-config-overrides.txt
> > [629/629] -> "client-config-overrides.txt" [1] > > FINISHED --2020-07-14 09:52:25-- > > Downloaded: 1 files, 629 in 0s (1172 GB/s) > > > > PREPARE GPG KEYS AND CORPORATE PUBLIC CA CERT > > ------------------------------------------------- > > > > * importing organizational GPG keys > > 2020-07-14 09:52:25 URL: > >
http://uyuni.test.uindy.edu/pub/uyuni-gpg-pubkey-0d20833e.key
> > [1126/1126] > > > -> "uyuni-gpg-pubkey-0d20833e.key" [1] > > FINISHED --2020-07-14 09:52:25-- > > Downloaded: 1 files, 1.1K in 0s (2097 GB/s) > > > > * configured not to use SSL: don't install corporate public CA
cert
> > CLEANING UP OLD SUSE MANAGER REPOSITORIES > > ------------------------------------------------- > > > > CHECKING THE REGISTRATION STACK > > ------------------------------------------------- > > * check for necessary packages being installed... > > * client codebase is oracle-6 > > package salt is not installed > > package salt-minion is not installed > > WARNING: cannot verify uyuni.test.uindy.edu’s certificate,
issued by
> > “/C=US/ST=IN/L=Indy/O=Uindy/OU=Uindy/CN=uyuni.test.uindy.edu ”: > > Unable to locally verify the issuer’s authority. > > > > 2020-07-14 09:52:25 URL:
https://uyuni.test.uindy.edu/pub/repositories/oracle/6/bootstrap/repodata/
> re> > > > pomd.xml [2618/2618] -> "repomd.xml" [1] > > FINISHED --2020-07-14 09:52:25-- > > Downloaded: 1 files, 2.6K in 0s (4876 GB/s) > > > > adding client software repository at > > > >
https://uyuni.test.uindy.edu/pub/repositories/oracle/6/bootstrap
> > * going to install missing packages...
https://uyuni.test.uindy.edu/pub/repositories/oracle/6/bootstrap/repodata/
> re> > > > pomd.xml: [Errno 14] problem making ssl connection > > Trying other mirror. > > Error: Cannot retrieve repository metadata (repomd.xml) for
repository:
> > susemanager:bootstrap. Please verify its path and try again > > package salt is not installed > > ERROR: Failed to install all missing packages. > > > > --------------- > > > > Len Ewen > > > > Systems Administrator 1 > > > > Information Technology > > > > University of Indianapolis > > > > (317) 788-3362 > > > > [image: UIndyIT.jpg] > > > > Confidentiality Notice: This communication and/or its content > > are > > for > > the > > sole use of the intended recipient, and may be privileged,
confidential,
> or > > > otherwise protected from disclosure by law. If you are not
intended
> > recipient, please notify the sender and then delete all
copies
> > of > > it. > > Unless you are the intended recipient, your use or dissemination
of
the
> > information contained in this communication may be illegal. > > > > > > On Tue, Jul 14, 2020 at 9:25 AM Julio González Gil <
jgonzalez@suse.com>
> > wrote: > > > Can you provide the log so we can see the error? > > > > > > On martes, 14 de julio de 2020 15:22:39 (CEST) Len Ewen wrote: > > > > I am getting an error where it cannot find the ssl
certificate
even
> > > though > > > > > > > it is in the bootstrap file. Oracle Linux 7 and Centos 7 > > > > install > > fine, > > > > but > > > > > > > C6 and OL6 just freak out with the install. Is there some
sort
of
> magic > > > > I > > > > > > > am missing to get C6 and OL6 to install properly? > > > > > > > > --------------- > > > > > > > > Len Ewen > > > > > > > > Systems Administrator 1 > > > > > > > > Information Technology > > > > > > > > University of Indianapolis > > > > > > > > (317) 788-3362 > > > > > > > > [image: UIndyIT.jpg] > > > > > > > > Confidentiality Notice: This communication and/or its > > > > content > > > > are > > > > for > > > > the > > > > sole use of the intended recipient, and may be
On miércoles, 15 de julio de 2020 16:14:29 (CEST) Len Ewen wrote: public CA based the the privileged,
> > confidential, > > > > or > > > > > > > otherwise protected from disclosure by law. If you are not
the
> intended > > > > > recipient, please notify the sender and then delete all
copies
> > > > of > > > > it. > > > > Unless you are the intended recipient, your use or
dissemination
of
> the > > > > > information contained in this communication may be illegal. > > > > > > -- > > > Julio González Gil > > > Release Engineer, SUSE Manager and Uyuni > > > jgonzalez@suse.com > > -- > Julio González Gil > Release Engineer, SUSE Manager and Uyuni > jgonzalez@suse.com
-- Julio González Gil Release Engineer, SUSE Manager and Uyuni jgonzalez@suse.com
-- Julio González Gil Release Engineer, SUSE Manager and Uyuni jgonzalez@suse.com
-- Julio González Gil Release Engineer, SUSE Manager and Uyuni jgonzalez@suse.com