Katello 3.5 and cockpit #570
Conversation
|
There were the following issues with the commit message:
If you don't have a ticket number, please create an issue in Redmine. More guidelines are available in Coding Standards or on the Foreman wiki. This message was auto-generated by Foreman's prprocessor |
theforeman-bot
added
Waiting on contributor
Needs testing
Not yet reviewed
and removed
Waiting on contributor
labels
|
There were the following issues with the commit message:
If you don't have a ticket number, please create an issue in Redmine. More guidelines are available in Coding Standards or on the Foreman wiki. This message was auto-generated by Foreman's prprocessor |
|
Technically this would also need a migration but before we get into the technical details, it's good to think about the longer term goal. Vanilla foreman uses port 8443 but in the katello context RHSM also uses 8443. That means we have a conflict. I recall @stbenjam was working on adding a proxy for the RHSM stuff so it could run on 8443 again. I'd prefer that over port 9093 but it'd need some work. |
|
There were the following issues with the commit message:
If you don't have a ticket number, please create an issue in Redmine. More guidelines are available in Coding Standards or on the Foreman wiki. This message was auto-generated by Foreman's prprocessor |
|
There were the following issues with the commit message:
If you don't have a ticket number, please create an issue in Redmine. More guidelines are available in Coding Standards or on the Foreman wiki. This message was auto-generated by Foreman's prprocessor |
| @@ -29,7 +29,7 @@ def mod(manifest, params) | |||
| answers['foreman_proxy'] = { | |||
| 'custom_repo' => true, | |||
| 'http' => true, | |||
| 'ssl_port' => '9090', | |||
There was a problem hiding this comment.
Migrations are executed only once and then it's stored that it was executed. That means you have to create new migrations. There's a helper script bin/create-migration
|
I have found this problem. When I install Katello and I want to use a cockpit plugin I have a conflit on a TCP port 9090. The 9090 port is used for communication with the Smart Proxy and also the cockpit. I have propose 9093 but another port is valid. |
|
My target is: change the default port on answer file when I use the scenario katello. |
|
The bot wants you to modify the commit message. It should be sufficient to squash it all in a single commit and have it include |
|
Ok! sorry @ekohl |
|
There were the following issues with the commit message:
If you don't have a ticket number, please create an issue in Redmine. More guidelines are available in Coding Standards or on the Foreman wiki. This message was auto-generated by Foreman's prprocessor |
theforeman-bot
added
Needs testing
Waiting on contributor
and removed
Waiting on contributor
labels
|
There were the following issues with the commit message:
If you don't have a ticket number, please create an issue in Redmine. More guidelines are available in Coding Standards or on the Foreman wiki. This message was auto-generated by Foreman's prprocessor |
Change default ssl port because is not compatible with cockpit
Change default ssl port because is not compatible with cockpit
Change default ssl port because is not compatible with cockpit
Change default ssl port because is not compatible with cockpit
|
I'm sorry but I think this constitutes a major change whose impact is not worth it at this time. I would recommend either changing the cockpit port or customizing this port using the installer in your own installation. I do not think that cockpits use of the same port warrants such a large change in our project given cockpit is configurable.
|
|
I partly agree with @ehelms that changing it to another port is not worth the effort. If we could change our stack back to port 8443 to match vanilla foreman that would be an interesting option. We would need to take care of RHSM in that case. That is a big change though. |
|
Yes is the big change. This is valid only if I install katello and not if I install Foreman. If I already use the cockpit in all my servers I must modify all cockpit port and all firewall rules. Alternatively is possible to add a specific option or add the entry in the help like "If you want use the cockpit modify this port" or add this issue in the official documentation. In the mean time I can propose to change the port on cockpit prj if you want. |
|
I forgot, if I change the cockpit port I must modify the foreman_cockpit plugin for use a new port. |
|
It's good to note that these are the defaults. You're still free to change the values in your installation by providing these as command line arguments to the installer. See |
|
I understood that is a default value. But this default is not compatible with default cockpit plugin installation and this is not configurable via option in my installation command but only editing the file. |
|
While I appreciate that, it's simply too big of a change at this point to manage. A lot of our documentation, downstream usage and other integrations would need to be changed. When we do invest time into this, it'd make more sense to align it back with foreman to 8443. I recall @stbenjam having looked into that so maybe he can give his opinion on it. |
I was only looking at getting rid of using 8443 on the Katello capsule as a reverse proxy. I think that would need to be done first before we consider moving the proxy port back to 8443 to align with Foreman. |
|
Ok, if you want I can test it. |
|
For now it'll need quite a bit of effort and it's not high on my agenda right now. Maybe @stbenjam could outline the needed steps for anyone who wants to work on this. |
|
For your own environment if you wanted to run the installer with The best solution long term would for us to move to 8443, but it's in use by something else. That needs to get moved to 443, but there needs to be some ability for at least some period of time to support both ports - that's the problem with moving things. There are many many many client systems out there that connect to 8443 for the subscription-manager service, they need to get moved to 443 but we need to give people at least one release to do it, maybe two. I started some work over here last year, but didn't get a chance to finish it. |
|
@peppos I wanted to clarify something as I think about this. This only affects cockpit running on the actual Foreman server with Katello? That is to say, our choice of port currently does not break Cockpit on all the hosts being managed just simply viewing cockpit for the server itself? |
|
@ehelms not only for cockpit on Foreman but for all cockpit, because the url is the same for all host. Only the hostname is a variable in the plugin code. From my point of view the are three ways, modify the port for all cockpit services on all servers or modify the foreman proxy port or modify the plugin code and assume that port is a variable. |
|
I think option 3 has the most flexibility and would require the least amount of re-configuration in user environments. Further, that allows an organization to modify the cockpit ports across hosts if they have requirements around port usage. |
1. decrease the chunk size to be compatible with Pulp's expectations 2. suppress false-positive warnings from rest-client 3. log exceptions properly
|
This repository has been deprecated and merged into https://github.com/theforeman/foreman-installer (#731). If this is still relevant, please resubmit the PR there. |
Change default port ssl from 9090 to 9093 because is not compatible with cockpit
theforeman/foreman_cockpit#14