[Spacewalk-list] Problem registring Spacewalk client
Bidault, Philippe
Philippe.Bidault at colt.net
Fri Dec 19 08:19:46 UTC 2014
Hello,
You are absolutely right, I can find the import in the kickstart profile, but ….. :
Kickstart profile :
# begin Red Hat management server registration
mkdir -p /usr/share/rhn/
wget http://192.168.253.1/pub/RHN-ORG-TRUSTED-SSL-CERT -O /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
perl -npe 's/RHNS-CA-CERT/RHN-ORG-TRUSTED-SSL-CERT/g' -i /etc/sysconfig/rhn/*
if [ -f /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release ]; then
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
fi
In the freshly kickstarted server :
[root at kickstarttest rpm-gpg]# ls -lrt
total 12
-rw-r--r--. 1 root root 1690 Jul 4 13:00 RPM-GPG-KEY-CentOS-Testing-7
-rw-r--r--. 1 root root 13 Jul 4 13:00 RPM-GPG-KEY-CentOS-Debug-7
-rw-r--r--. 1 root root 1690 Jul 4 13:00 RPM-GPG-KEY-CentOS-7
ð It does try to import the GPG key RPM-GPG-KEY-redhat-realease while only RPM-GPG-KEY-CentOS-7 is the exiting one on the server
How is that possible ?
Regards,
Philippe.
Philippe Bidault
Tel : +34 617 301 667
Tel bis : +34 93 550 1402
COLT ISU Managed Services
0811 653 653 / www.colt.net<http://www.colt.net/>
Colt Technology Services, 23-27 rue Pierre Valette, 92240 Malakoff, France
From: spacewalk-list-bounces at redhat.com [mailto:spacewalk-list-bounces at redhat.com] On Behalf Of Waldirio Manhães Pinheiro
Sent: 18 December 2014 20:40
To: spacewalk-list at redhat.com
Subject: Re: [Spacewalk-list] Problem registring Spacewalk client
No
When you kickstart a new machine, this step is included in your ks file. Take a look in ks file via webUI and check there, for sure the KS will download a key, import keys, etc.
Take Care
______________
Atenciosamente
Waldirio
msn: waldirio at gmail.com<mailto:waldirio at gmail.com>
Skype: waldirio
Site: www.waldirio.com.br<http://www.waldirio.com.br>
Blog: blog.waldirio.com.br<http://blog.waldirio.com.br>
LinkedIn: http://br.linkedin.com/pub/waldirio-pinheiro/22/b21/646
PGP: www.waldirio.com.br/public.html<http://www.waldirio.com.br/public.html>
On Thu, Dec 18, 2014 at 5:05 PM, Bidault, Philippe <Philippe.Bidault at colt.net<mailto:Philippe.Bidault at colt.net>> wrote:
This is working, but I still need to execute the “rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7”.
I can add this command on the post script, but is this normal or do I forget something ?
Regards,
Philippe.
Philippe Bidault
Tel : +34 617 301 667<tel:%2B34%20617%20301%20667>
Tel bis : +34 93 550 1402<tel:%2B34%2093%20550%201402>
COLT ISU Managed Services
0811 653 653 / www.colt.net<http://www.colt.net/>
Colt Technology Services, 23-27 rue Pierre Valette, 92240 Malakoff, France
From: spacewalk-list-bounces at redhat.com<mailto:spacewalk-list-bounces at redhat.com> [mailto:spacewalk-list-bounces at redhat.com<mailto:spacewalk-list-bounces at redhat.com>] On Behalf Of Dave Goodbourn
Sent: 18 December 2014 19:43
To: spacewalk-list at redhat.com<mailto:spacewalk-list at redhat.com>
Subject: Re: [Spacewalk-list] Problem registring Spacewalk client
Ah, I had this problem. I wasn't using the FQDN just the server name when using rhnreg_ks to register the client to Spacewalk.
Dave.
On 18 December 2014 at 18:29, Bidault, Philippe <Philippe.Bidault at colt.net<mailto:Philippe.Bidault at colt.net>> wrote:
Hello,
Found the problem ☺
Clue was in the end of “yum update” error message :
error was [Errno 14] curl#51 - "Unable to communicate securely with peer: requested domain name does not match the server's certificate."
Just modifying /etc/sysconfig/rhn/up2date to have hostname in serverURL line matching from what appears in the certificate solved my problem.
Thanks !!
Philippe.
Philippe Bidault
Tel : +34 617 301 667<tel:%2B34%20617%20301%20667>
Tel bis : +34 93 550 1402<tel:%2B34%2093%20550%201402>
COLT ISU Managed Services
0811 653 653 / www.colt.net<http://www.colt.net/>
Colt Technology Services, 23-27 rue Pierre Valette, 92240 Malakoff, France
From: Bidault, Philippe
Sent: 18 December 2014 19:18
To: spacewalk-list at redhat.com<mailto:spacewalk-list at redhat.com>
Subject: RE: [Spacewalk-list] Problem registring Spacewalk client
Hello,
Thanks for the quick answer.
This is not a firewall problem nor a network one as both servers are on the same VLAN.
I have checked the logs, no errors. I enclosed it with this mail.
After a fresh restart, I have this strange behaviour too, not sure if this is related with my original problem :
[root at kickstarttest ~]# yum update
Loaded plugins: fastestmirror, langpacks, rhnplugin
This system is receiving updates from RHN Classic or Red Hat Satellite.
You have enabled checking of packages via GPG keys. This is a good thing.
However, you do not have any GPG public keys installed. You need to download
the keys for packages you wish to install and install them.
You can do that by running the command:
rpm --import public.gpg.key
Alternatively you can specify the url to the key you would like to use
for a repository in the 'gpgkey' option in a repository section and yum
will install it for you.
For more information contact your distribution or package provider.
Problem repository: centos7-base-x86_64
If I import the key :
[root at kickstarttest rpm-gpg]# pwd
/etc/pki/rpm-gpg
[root at kickstarttest rpm-gpg]# rpm --import RPM-GPG-KEY-CentOS-7
I have the error shown in my first mail when executing “yum update” :
One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:
Regards,
Philippe
Philippe Bidault
Tel : +34 617 301 667<tel:%2B34%20617%20301%20667>
Tel bis : +34 93 550 1402<tel:%2B34%2093%20550%201402>
COLT ISU Managed Services
0811 653 653 / www.colt.net<http://www.colt.net/>
Colt Technology Services, 23-27 rue Pierre Valette, 92240 Malakoff, France
From: spacewalk-list-bounces at redhat.com<mailto:spacewalk-list-bounces at redhat.com> [mailto:spacewalk-list-bounces at redhat.com] On Behalf Of Waldirio Manhães Pinheiro
Sent: 18 December 2014 18:10
To: spacewalk-list at redhat.com<mailto:spacewalk-list at redhat.com>
Subject: Re: [Spacewalk-list] Problem registring Spacewalk client
Philippe, good afternoon
Yes, this is a normal behavior, we are talking about CentOS and not RHEL. You may delete repo files in post script. In SW world is very "normal" this approach.
About don't get your external repor, you may check your env, for example, firewall, proxy, network, default gateway, etc etc etc
To register your client to SW, you may use AK to do this, enable in your ks the logs and you can check in the client possible errors.
Take Care
______________
Atenciosamente
Waldirio
msn: waldirio at gmail.com<mailto:waldirio at gmail.com>
Skype: waldirio
Site: www.waldirio.com.br<http://www.waldirio.com.br>
Blog: blog.waldirio.com.br<http://blog.waldirio.com.br>
LinkedIn: http://br.linkedin.com/pub/waldirio-pinheiro/22/b21/646
PGP: www.waldirio.com.br/public.html<http://www.waldirio.com.br/public.html>
On Thu, Dec 18, 2014 at 2:50 PM, Bidault, Philippe <Philippe.Bidault at colt.net<mailto:Philippe.Bidault at colt.net>> wrote:
Hello,
I have a problem after the kickstart of a CentOS 7 from a spacewalk server 2.2 (2.2.33-1.el6).
First of all, I do not understand the repos added by default on my fresh kickstarted client server :
[root at kickstarttest yum.repos.d]# ls -lrt
total 16
-rw-r--r--. 1 root root 156 Jul 4 13:00 CentOS-Vault.repo
-rw-r--r--. 1 root root 1331 Jul 4 13:00 CentOS-Sources.repo
-rw-r--r--. 1 root root 640 Jul 4 13:00 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 1612 Jul 4 13:00 CentOS-Base.repo
Knowing that I would only use the repos of my kickstart server. How can I change this behaviour ?
(I could remove the files from a post-script, but ….)
But the main problem I have is that I can’t register on my server spacewalk. I can see my server on the http console, but
From the client server, it shows me 0 package on the both channels added to this server :
[root at kickstarttest ~]# yum repolist
Loaded plugins: fastestmirror, langpacks, rhnplugin
This system is receiving updates from RHN Classic or Red Hat Satellite.
Loading mirror speeds from cached hostfile
repo id repo name status
centos7-base-x86_64 CentOS 7 Base - x86_64 0
epel7-x86_64 EPEL 7 - x86_64 0
repolist: 0
And ‘yum update’ result :
[root at kickstarttest ~]# yum update
Loaded plugins: fastestmirror, langpacks, rhnplugin
This system is receiving updates from RHN Classic or Red Hat Satellite.
Loading mirror speeds from cached hostfile
One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:
1. Contact the upstream for the repository and get them to fix the problem.
2. Reconfigure the baseurl/etc. for the repository, to point to a working
upstream. This is most often useful if you are using a newer
distribution release than is supported by the repository (and the
packages for the previous distribution release still work).
3. Disable the repository, so yum won't use it by default. Yum will then
just ignore the repository until you permanently enable it again or use
--enablerepo for temporary usage:
yum-config-manager --disable <repoid>
4. Configure the failing repository to be skipped, if it is unavailable.
Note that yum will try to contact the repo. when it runs most commands,
so will have to try and fail each time (and thus. yum will be be much
slower). If it is a very temporary problem though, this is often a nice
compromise:
yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true
failed to retrieve repodata/repomd.xml from centos7-base-x86_64
error was [Errno 14] curl#51 - "Unable to communicate securely with peer: requested domain name does not match the server's certificate."
Anybody has an idea about the problem I have ?
Regards,
Philippe.
Philippe Bidault
Tel : +34 617 301 667<tel:%2B34%20617%20301%20667>
Tel bis : +34 93 550 1402<tel:%2B34%2093%20550%201402>
COLT ISU Managed Services
0811 653 653 / www.colt.net<http://www.colt.net/>
Colt Technology Services, 23-27 rue Pierre Valette, 92240 Malakoff, France
[Colt Disclaimer] This email is from an entity of the Colt group of companies. Colt Group S.A., K2 Building, Forte 1, 2a rue Albert Borschette, L-1246 Luxembourg, R.C.S. B115679. Corporate and contact information for our entities can be found at http://colt.net/uk/en/Colt-Group-of-Companies/index.htm. Internet communications are not secure and Colt does not accept responsibility for the accurate transmission of this message. Content of this email or its attachments is not legally or contractually binding unless expressly previously agreed in writing by Colt
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list at redhat.com<mailto:Spacewalk-list at redhat.com>
https://www.redhat.com/mailman/listinfo/spacewalk-list
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list at redhat.com<mailto:Spacewalk-list at redhat.com>
https://www.redhat.com/mailman/listinfo/spacewalk-list
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list at redhat.com<mailto:Spacewalk-list at redhat.com>
https://www.redhat.com/mailman/listinfo/spacewalk-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20141219/c9f2b594/attachment.htm>
More information about the Spacewalk-list
mailing list