Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix foreman_provisioning role #1866

Open
wants to merge 13 commits into
base: master
Choose a base branch
from

Conversation

adamruzicka
Copy link
Contributor

The role expects that the user has community.libvirt role installed. With these changes, the role should at least pass.

@sjha4
Copy link
Contributor

sjha4 commented Nov 21, 2024

I ran into this when running this playbook:

Thursday 21 November 2024  11:32:58 -0500 (0:00:00.017)       0:08:41.550 ***** 
 [started TASK: foreman_provisioning : create hostgroup Base on ip-10-0-167-217.rhos-01.prod.psi.rdu2.redhat.com]

TASK [foreman_provisioning : create hostgroup Base] **********************************************************************************************
fatal: [ip-10-0-167-217.rhos-01.prod.psi.rdu2.redhat.com]: FAILED! => changed=true 
  cmd: |-
    hammer hostgroup create --name 'Base' --architecture x86_64 --domain example.com --puppet-environment production --puppet-ca-proxy-id 1 --puppet-proxy-id 1 --subnet '192.168.73.0/24' --compute-profile libvirt-profile --compute-resource libvirt --root-pass changeme --pxe-loader "PXELinux BIOS" --organization 'Default Organization' --organizations 'Default Organization' --locations 'Default Location'
  delta: '0:00:00.810490'
  end: '2024-11-21 11:32:59.718525'
  msg: non-zero return code
  rc: 64
  start: '2024-11-21 11:32:58.908035'
  stderr: |-
    Could not create the hostgroup:
      Error: Unrecognised option '--root-pass'.
  
      See: 'hammer hostgroup create --help'.
  stderr_lines: <omitted>
  stdout: ''
  stdout_lines: <omitted>


Copy link
Member

@ekohl ekohl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In 5592157 we rewrote the CentOS parts to FAM. I had hoped the other distros would also get done. Is this a good excuse to clean them up into sustainable code? I'd imagine people might actually use it as reference code.

--medium '{{ centos_medium_name }}'
--name 'CentOS 9 Mirror'
--operatingsystem 'CentOS_Stream 9'
--medium 'CentOS Stream 9 mirror'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In theforeman/foreman#10227 I'd like to rename this again to the generic CentOS mirror so I think the variable still makes sense.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would this work as a replacement for the Hammer stuff?

- name: "Ensure Debian 12" # noqa: args[module]       
  theforeman.foreman.operatingsystem:
    name: Debian
    family: Debian
    major: 12
    minor: 7                                                                             
    release_name: Bookworm                                                               
    architectures:                                                                       
      - x86_64                                                                           
    media:                                                                               
      - Debian mirror                                                                    
    provisioning_templates:                                                              
      - Preseeed default                                                                 
    ptables:                                                                             
      - Preseed default                                                                  
    state: present                                                                       
                                                                                         
- name: "Set default template for Debian 12" # noqa: args[module]                        
  theforeman.foreman.os_default_template:                                                
    operatingsystem: "Debian 12"                                                         
    template_kind: "provision"                                                           
    provisioning_template: "Preseed default"                                             
    state: present  

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Almost, if I'm reading it correctly, the current hammer-based implementation associates all templates which start with "Preseed default" with the os. This one associates just the ones which are explicitly listed? Unless I'm missing something, fam doesn't really give us options to list with search and the reuse the result so I'd have to fallback to a mix of hammer and this to associate all the relevant templates?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've also often wondered how we can make this better. We already know the operating systems that are compatible (since the template lists them) so should Foreman have some option to automatically associate all compatible options? And by that I mean server side, without having to specify them.

@evgeni any thoughts on this?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FAM can do searches (I can drop you an example if you want), but yeah, automatic in Foreman would be cooler

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can drop you an example if you want

If you'd indulge me

Copy link
Member

@evgeni evgeni Dec 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Untested:

- name: "Find all preseed templates"
  theforeman.foreman.resource_info:
    resource: provisioning_templates
    search: name ~ "Preseed default"
  register: result

- name: "Set default template for Debian 12" # noqa: args[module]                        
  theforeman.foreman.os_default_template:                                                
    operatingsystem: "Debian 12"                                                         
    template_kind: "{{ item.template_kind_name }}"                                                           
    provisioning_template: "{{ item.name }}"                                             
    state: present
  loop: "{{ result.resources }}"

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But now I wonder, how should an OS have multiple default templates of the same kind?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, not of the same kind. The search should return several templates of different kinds. It would be nice to not have to do this https://github.com/theforeman/forklift/pull/1885/files

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right! Updated the snippet above to do that, can you try it?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mhh, but it'd still be a problem for PXE* ones, as there are two of them? 🤔

        {
            "created_at": "2024-09-04 05:14:23 UTC",
            "description": "The template to render Grub2 bootloader configuration for preseed based distributions.\nThe output is deployed on the host's subnet TFTP proxy.",
            "id": 9,
            "name": "Preseed default PXEGrub2",
            "snippet": false,
            "template_kind_id": 4,
            "template_kind_name": "PXEGrub2",
            "updated_at": "2024-09-04 05:14:23 UTC"
        },
        {
            "created_at": "2024-09-04 05:14:23 UTC",
            "description": null,
            "id": 10,
            "name": "Preseed default PXEGrub2 Autoinstall",
            "snippet": false,
            "template_kind_id": 4,
            "template_kind_name": "PXEGrub2",
            "updated_at": "2024-09-04 05:14:23 UTC"
        },
        {
            "created_at": "2024-09-04 05:14:23 UTC",
            "description": "The template to render PXELinux bootloader configuration for preseed based distributions.\nThe output is deployed on the host's subnet TFTP proxy.",
            "id": 19,
            "name": "Preseed default PXELinux",
            "snippet": false,
            "template_kind_id": 2,
            "template_kind_name": "PXELinux",
            "updated_at": "2024-09-04 05:14:23 UTC"
        },
        {
            "created_at": "2024-09-04 05:14:23 UTC",
            "description": null,
            "id": 20,
            "name": "Preseed default PXELinux Autoinstall",
            "snippet": false,
            "template_kind_id": 2,
            "template_kind_name": "PXELinux",
            "updated_at": "2024-09-04 05:14:23 UTC"
        },

template_kind: "{{ item.template_kind_name }}"
provisioning_template: "{{ item.name }}"
state: present
loop: "{{ result.resources | sort(attribute='name') | unique(attribute='template_kind_name') }}"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think Ubuntu 24 needs the "Autoinstall" type templates, not the classic ones.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is regular debian fine with the non-autoinstall ones?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, it's just ubuntu who switched to the new installer.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, let's just hope there won't be any other flavor of the preseed templates.

ptables:
- Preseed default
state: present
password_hash: "SHA256"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Like CentOS

Suggested change
password_hash: "SHA256"
password_hash: "SHA512"

ptables:
- Kickstart default
state: present
password_hash: "SHA256"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
password_hash: "SHA256"
password_hash: "SHA512"

register: foreman_provisioning_hostgroup_centos_mirror
ignore_errors: True

- name: 'create hostgroup CentOS 7 Mirror'
- name: 'create hostgroup CentOS 9 Mirror'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we replace the hammer logic with FAM here too? theforeman.foreman.hostgroup should be way easier to maintain:

- name: "Ensure CentOS 9 Mirror hostgroup"
  theforeman.foreman.hostgroup:
    name: 'CentOS 9 Mirror'
    operatingsystem: 'CentOS_Stream 9'
    medium: '{{ foreman_provisioning_centos_medium_name }}'
    ptable: 'Kickstart default'
    parent: 'Base'

Not sure how to convert foreman_provisioning_hammer_taxonomy_params easily.

And the same for the Base hostgroup.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In #1888 I had a go at rewriting much of this file to also use FAM. I'd appreciate if you could take a look.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants