Puppet required?
by Avram Lubkin
I was looking over the project and it looks interesting, much improved over
Spacewalk. I particularly like how different projects are used instead of
one monolithic project. There's just one thing that concerns me. It looks
like if I want to do provisioning I have to use Foreman and if I use
Foreman I have to use Puppet. Since Puppet requires ruby installed on all
clients I can't deploy it. This is due to a security requirement. I can't
add interpreters to a system unless I have a good justification. I can do
what puppet does without adding another interpreter, so I can't justify it.
I know there are lots of organizations that use puppet and probably install
Ruby to support it, but I've never worked with a group that would allow
that. Any plans to support CFengine or something similar that wouldn't
require another interpreter on the clients? Python is Okay too, since any
RHEL or RHEL-like system already has it.
Please reply all, not on the list.
Thanks,
Avram
10 years, 11 months
Katello postgres backends - replication and failover via pgpool-II
by corey welton
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
All,
Below is a wiki article I've written that outlines a little preliminary
research I've done on using pgpool-II as a layer between katello and
the postgres backend, in order to enable db replication and failover.
https://fedorahosted.org/katello/wiki/KatelloFailoverUsingPGPoolII
A few [very considerable] caveats:
* It's not currently possible to install katello natively against
pgpool[1]. It could probably be done with some tweaks to
katello-configure and/or katello/candlepin config files, but I
haven't figured those changes out. Right now ,initially, you'll have
to:
(a) install it,
(b) shut it (and all associated services) down,
(c) manually copy a snapshot of katelloschema/candlepin over to your
other dbs, and
(d) point katello and candlepin to your pgpool-II port (9999) vs
postgres (5432), before restarting.
* The scope of this experiment is limited to the postgresql portions of
katello -- katello itself and candlepin. Pulp, which uses mongodb, is
not covered here.
* There has not been a great deal of research done on this beyond
creating users, orgs, etc. This was a proof-of-concept effort.
What does this mean?
* Here there be dragons! !!!This is not a supported configuration!!!
* There's a lot of curious things for those interested in trying out
new stuff!
A few higher-priority tasks to look into might be:
1. Figuring out necessary modifications to katello-configure, etc., to
be able to natively install against pgpool
2. Work out the bugs seen when using pgpool's query_cache, particularly
figuring out why Organizational environments don't seem to display with
it enabled.
3. Figuring out how to enable and automate db node recovery - when a
node goes down, how does it get brought back up to par (Slony? WAL?)
4. Once #3 is figured out, assure that the failover actually functions.
It _should_ "just work" but I've only go so far as to test replication
since I haven't figured out #3.
Lower priority tasks might be:
1. Experiment with parallel queries (a feature supported by pgpool).
2. Affinity configurations/multi-headed pgpool instances
3. Experiment with load-balancing (a feature supported by pgpool).
Actually, I have been running with this enabled but haven't done any
real tests.
Anyway, I'd be interested in seeing what sort of things anyone else
could figure out. I'm not a pgsql expert so I am kind of reaching the
outer limits of my current knowledge on that front. Anyone? Anyone?
Bueller?
Thanks,
Corey.
[1] To paraphrase Boromir, "One does not simply install katello
against pgpool."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
iEYEARECAAYFAk++bw4ACgkQQISRiYQQwezYTwCeILmRPMuXVaKnSZnCj4hURycn
rGQAnRHY+c1pnFJ7uCYm7kGAf8wGvCDw
=4Zi7
-----END PGP SIGNATURE-----
11 years, 11 months
New katello build available
by Lukas Zapletal
Hello,
we prepared new build today. There is still liquibase workaround
needed. (*) The liquibase update is now in process of getting into the
stable (Fedora and EPEL), its just a matter of few days to get there.
The version must be higher than -7 so be sure to use the workaround (*)
or wait until weekend.
Also with Fedora 16+ you can run into issues with mongodb
initialization. This is because mongodb preallocates about 3 GBs of data
during its first start and puppet can fail configuring Pulp because
socket is not ready during initialization. On Fedora please start mongo
BEFORE katello-configure and wait about 3 minutes until it responds (you
can use "mongo" command to connect to the database). We will deliver fix
next week.
(*) Workaround:
#!/bin/bash
FEDORA_VERSION=$(rpm -q --queryformat '%{VERSION}' fedora-release)
echo Fedora version: $FEDORA_VERSION
REDHAT_VERSION=$(rpm -q --queryformat '%{VERSION}'
redhat-release-server)
echo Red Hat version: $REDHAT_VERSION
CENTOS_VERSION=$(rpm -q --queryformat '%{VERSION}' centos-release)
echo CentOS version: $CENTOS_VERSION
if [ "$FEDORA_VERSION" == "16" ]; then
cat > /etc/yum.repos.d/goodwin.repo <<EOF
# temporary until its there
[epel-goodwin]
name=Extra Goodwin Packages for F16 - \$basearch
baseurl=http://repos.fedorapeople.org/repos/dgoodwin/liquibase/fedora-16/...
enabled=1
gpgcheck=0
EOF
fi
if [ "$REDHAT_VERSION" == "6Server" -o "$CENTOS_VERSION" == "6" ];
then
cat > /etc/yum.repos.d/goodwin.repo <<EOF
# temporary until its there
[epel-goodwin]
name=Extra Goodwin Packages for Enterprise Linux 6 - \$basearch
baseurl=http://repos.fedorapeople.org/repos/dgoodwin/liquibase/epel-6/x86...
enabled=1
gpgcheck=0
EOF
fi
yum -y install liquibase postgresql-jdbc
--
Later,
Lukas "lzap" Zapletal
#katello #systemengine
11 years, 11 months
Katello in Fedora 16
by Pavel Pokorný
Hi,
I am trying to install Katello on clean Fedora 16 in VirtualBox. After few
hours its still not working.
I find out from logs that liquibase and tcnative packages were missing and
required. Then I had to change ownership of some folders (mentioned in
comment of bug report). But there is still some problem with ssl
certificates I think. Could somebody help me with this?
$ sudo katello-configure
Starting Katello configuration
The top-level log file is
[/var/log/katello/katello-configure-20120518-231646/main.log]
err: /Stage[main]/Candlepin::Service/Exec[wait for candlepin]/returns:
change from notrun to 0 failed: Command exceeded timeout at
/usr/share/katello/install/puppet/modules/candlepin/manifests/service.pp:10
katello-debug
https://www.dropbox.com/s/2r1tj2yl07tp9h1/katello-debug-20120518232351.ta...
$ sudo /usr/share/candlepin/cpsetup
candlepin.conf already exists, skipping...
Cerficiates already exist, skipping...
Waiting for tomcat to restart...
Waiting for tomcat to restart...
Waiting for tomcat to restart...
Waiting for tomcat to restart...
########## ERROR ############
Error running command: wget -qO- http://localhost:8080/candlepin/admin/init
Status code: 2048
Command output:
Traceback (most recent call last):
File "/usr/share/candlepin/cpsetup", line 221, in <module>
main(sys.argv[1:])
File "/usr/share/candlepin/cpsetup", line 216, in main
run_command("wget -qO- http://localhost:8080/candlepin/admin/init")
File "/usr/share/candlepin/cpsetup", line 42, in run_command
raise Exception("Error running command")
Exception: Error running command
This is my second attempt to install it. I somehow managed to get over this
error first time but I cant remember how. But after this there was another
error - candlepin on port 8443 was not available.
What have I done wrong? I tried to follow
https://fedorahosted.org/katello/wiki/Install.
11 years, 11 months
New stable build - workaround needed
by Lukas Zapletal
Hey all,
we have a new stable build in the repo.
katello-0.2.38-1.fc16.noarch
katello-cli-0.2.36-1.fc16.noarch
katello-agent-1.0.3-1.fc16.noarch
pulp-1.1.8-1.fc16.noarch
candlepin-0.6.2-1.fc16.noarch
There is still an issue with a liquibase dependency, that can lead to
cpsetup errors. Please note you need liquibase-2.0.3-7, there is already
an older version (liquibase-2.0.3-6) in Fedora 16 which does NOT work
correctly. Having said that, you still need manually install liquibase
because of missing require in candlepin.
As a workaround, you need to add Devan Goodwin's repository and install
liquibase manually before you proceed with katello-configure. This
script should do the work for you:
#!/bin/bash
FEDORA_VERSION=$(rpm -q --queryformat '%{VERSION}' fedora-release)
echo Fedora version: $FEDORA_VERSION
REDHAT_VERSION=$(rpm -q --queryformat '%{VERSION}'
redhat-release-server)
echo Red Hat version: $REDHAT_VERSION
CENTOS_VERSION=$(rpm -q --queryformat '%{VERSION}' centos-release)
echo CentOS version: $CENTOS_VERSION
if [ "$FEDORA_VERSION" == "16" ]; then
cat > /etc/yum.repos.d/goodwin.repo <<EOF
# temporary until its there
[epel-goodwin]
name=Extra Goodwin Packages for F16 - \$basearch
baseurl=http://repos.fedorapeople.org/repos/dgoodwin/liquibase/fedora-16/...
enabled=1
gpgcheck=0
EOF
fi
if [ "$REDHAT_VERSION" == "6Server" -o "$CENTOS_VERSION" == "6" ]; then
cat > /etc/yum.repos.d/goodwin.repo <<EOF
# temporary until its there
[epel-goodwin]
name=Extra Goodwin Packages for Enterprise Linux 6 - \$basearch
baseurl=http://repos.fedorapeople.org/repos/dgoodwin/liquibase/epel-6/x86...
enabled=1
gpgcheck=0
EOF
fi
yum -y install liquibase
katello-configure ...
Take care!
--
Later,
Lukas "lzap" Zapletal
#katello #systemengine
11 years, 11 months
Katello repos working under CentOS6
by Lukas Zapletal
Hello,
I have created symlinks "6" -> "6Server" for all our katello and backend
engine repositories. Now both katello testing and stable should install
fine on CentOS 6.
--
Later,
Lukas "lzap" Zapletal
#katello #systemengine
11 years, 11 months
Katello on CentOS
by Lukas Zapletal
Hello,
today I successfully installed on CentOS and it's looking good.
I added just one line on our installation wiki page:
https://fedorahosted.org/katello/wiki/Install
It's because of katello-agent (requires rhsm which is not in CentOS).
Happy hacking.
--
Later,
Lukas "lzap" Zapletal
#katello #systemengine
11 years, 11 months
katello-configure cert deploy failed
by Pieter Baele
Hi,
On a freshly installed centos 6.2 I've this problem:
katello-configure
Starting Katello configuration
The top-level log file is
[/var/log/katello/katello-configure-20120503-152425/main.log]
err: /Stage[main]/Certs::Config/Exec[deploy-ssl-qpid-client-certificate]/returns:
change from notrun to 0 failed: rpm -qp
/root/ssl-build/lablxkat01.example.org/$(grep
noarch.rpm
/root/ssl-build/lablxkat01.example.org/latest.txt
) | xargs rpm -q; if
[ $? -ne 0 ]; then rpm -Uvh --force
/root/ssl-build/lablxkat01.example.org/$(grep
qpid-client.*noarch.rpm
/root/ssl-build/lablxkat01.example.org/latest.txt
); fi returned 1
instead of one of [0] at
/usr/share/katello/install/puppet/modules/certs/manifests/config.pp:298
Creating Katello database user
############################################################ ... OK
Creating Candlepin database user
############################################################ ... OK
Creating Candlepin database
############################################################ ... OK
Creating Katello database
############################################################ ... OK
err: /Stage[main]/Apache2/Exec[reload-apache2]: Failed to call
refresh: /etc/init.d/httpd reload returned 7 instead of one of [0] at
/usr/share/katello/install/puppet/modules/apache2/manifests/init.pp:14
Regards, PieterB
11 years, 11 months