Fixes #35626 - Registration & proxy's registration_url

[stejskalleos]

Use registration_url from Registration SP module
for registration command.

RFC: https://community.theforeman.org/t/rfc-host-registration-and-load-balancers/30462
Katello: https://projects.theforeman.org/issues/35627
Smart Proxy: https://projects.theforeman.org/issues/35639
Installer: TODO

[theforeman-bot]

Issues: #35626

[ekohl]

My biggest concern here is that the template URL is HTTP and not HTTPS. Normally registration uses HTTPS, right? Is that intended?

[stejskalleos]

My biggest concern here is that the template URL is HTTP and not HTTPS. Normally registration uses HTTPS, right? Is that intended?

I wouldn't say it's intended, but if users use template_url for haproxy (as described in this comment) it can be https URL.

[ekohl]

It indeed can be HTTPS, but in that case (AFAIK) you can't really kickstart since we don't set up certificates. At least back in the day Anaconda couldn't even retrieve its kickstart over HTTPS. Perhaps that's better now, but that's why it HTTP and not HTTPS. That's why I'd still suggest to introduce a new setting on the registration module. That way users don't have to choose between the two.

[ehelms]

That's why I'd still suggest to introduce a new setting on the registration module. That way users don't have to choose between the two.

Expanding on this, the suggestion is to add a new setting into registration module (https://github.com/theforeman/smart-proxy/blob/develop/config/settings.d/registration.yml.example) that is named registration_url and be set directly at installation time and is reported back to Foreman and keeps it separate from the templates URL?

Does the registration workflow hit directly the templates URL?

[stejskalleos]

Does the registration workflow hit directly the templates URL?

Yes, it's used in the end of registration when we are calling back to Foreman to update build status, in host_init_config_default template, nothing else.

Having registration_url for LB case sounds like a good idea, implementation shouldn't be big problem and it would solve the http problem with templates_url, so 👍 from me.

[ekohl]

Expanding on this, the suggestion is to add a new setting into registration module (https://github.com/theforeman/smart-proxy/blob/develop/config/settings.d/registration.yml.example) that is named registration_url and be set directly at installation time and is reported back to Foreman and keeps it separate from the templates URL?

Exactly.

[ekohl]

ACK on the Ruby side, but I haven't done anything with the JS side for a while so I'd appreciate if someone else could take a look.

[Ron-Lavi]

Looks good to me, thanks @stejskalleos 👍🏼

[Ron-Lavi]

Should we try merging Katello/katello#10315, theforeman/smart-proxy#850 all at the same time? any other concerns before merging?

[stejskalleos]

Should we try merging Katello/katello#10315, theforeman/smart-proxy#850 all at the same time? any other concerns before merging?

Katello can wait few days, but smart-proxy should go together with this PR