PDA

View Full Version : Configuring SMT11 server to use self-hosted repositories



kobuse
29-Jul-2015, 14:06
Hi,
I have a SLES 11 SP 3 server with SMT 11 SP 3 installed. The SMT server was successfully connecter to SCC and is doing the mirroring as expected. There is however a problem when I try to register to be a client of itself (ie. do it's own updates from the local mirror and not going out on the internet to the SCC). It looks to me like when you try to register against the local host it ignores the /etc/hosts file and try to reach the server thru the proxy server.

cat /etc/hosts
127.0.0.2 ps001.pwv.gov.za ps001

./clientSetup4SMT.sh --host ps001.pwv.gov.za --regcert http://localhost/smt.crt
-----snip-----
Signature Algorithm: sha1WithRSAEncryption
4d:dc:99:30:e1:9d:0a:0f:a5:f3:a1:67:a2:3b:d0:ab:96 :ae:
ab:3d:16:75:92:2e:16:81:2f:42:c5:f2:1a:84:c0:d3:aa :52:
ad:41:69:19:80:ac:94:00:b4:4b:3d:2a:08:b9:0a:b3:a7 :59:
01:d8:73:a4:0c:ff:27:af:30:71:01:0b:c6:1b:0b:2d:29 :c8:
8f:6d:4f:ae:a5:51:d8:25:37:88:aa:e1:c3:e1:fe:bc:94 :e5:
2b:7d:3a:7f:26:03:92:ac:66:bc:c1:a9:ab:91:9f:3f:dc :65:
de:3c:34:ac:4d:5f:fe:93:a2:8a:e6:40:5e:d4:3f:94:97 :99:
b4:ba:48:6d:88:7b:eb:de:aa:36:7c:02:23:70:a6:78:85 :a6:
b1:2f:66:09:57:48:8d:50:0b:0e:9d:8d:a7:51:2d:79:52 :ec:
d9:85:1a:d1:02:1c:1a:9f:e1:78:6d:f1:bb:70:74:9f:7e :62:
ab:05:87:f0:b8:27:ea:96:fa:98:fe:b5:48:d3:7a:26:54 :68:
df:63:e0:ff:66:69:48:14:b6:d2:b3:cd:19:cc:bd:7b:44 :21:
31:ed:31:93:3b:47:f3:e3:b3:1a:cd:8f:38:da:11:a2:42 :a3:
d0:47:62:11:03:af:60:aa:14:42:d6:84:a6:77:77:7e:fe :ae:
32:e5:18:88
Do you accept this certificate? [y/n] y
WARNING: Skipping duplicate certificate YaST-CA.pem
Client setup finished.
Start the registration now? [y/n] y
/usr/bin/suse_register -i -L /root/.suse_register.log
All services have been refreshed.
Repository 'SUSE-Linux-Enterprise-Server-11-SP3 11.3.3-1.138' is up to date.
Repository 'Subscription-Management-Tool-for-SUSE-Linux-Enterprise-11-SP3 11.3.3-1.1' is up to date.
Repository 'Subscription-Management-Tool-for-SUSE-Linux-Enterprise-11-SP3 11.3.3-1.1' is up to date.
All repositories have been refreshed.
ERROR: HTTP/1.0 504 Gateway Time-out
Server: squid
Date: Wed, 29 Jul 2015 13:03:00 GMT
Content-Type: text/html
Content-Length: 1148
X-Squid-Error: ERR_DNS_FAIL 0


(2)
ERROR: Failure when receiving data from the peer: (56)
(2)
ERROR: Failure when receiving data from the peer: (56)
(2)


Any ideas how to fix it. I have a proxy defined (needs it to be able to go to SCC). The local server is not defined in a proxy server. Other machines can register to ps001 without any problems.

Regards,
Kobus

ab
29-Jul-2015, 14:22
On 07/29/2015 07:14 AM, kobuse wrote:
>
> CAT /ETC/HOSTS
> 127.0.0.2 ps001.pwv.gov.za ps001
>
> ./CLIENTSETUP4SMT.SH --HOST PS001.PWV.GOV.ZA --REGCERT
> HTTP://LOCALHOST/SMT.CRT

Maybe it's nothing, but was that really your entire /etc/hosts file? If
so, how did your localhost bit work at all, as it was not shown in the
output as being mapped to an IP address?

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...

kobuse
29-Jul-2015, 14:45
You are correct, did not show the complete hosts file. Here is the complete one

ps001:/srv/www/htdocs/repo/tools # cat /etc/hosts
#
# hosts This file describes a number of hostname-to-address
# mappings for the TCP/IP subsystem. It is mostly
# used at boot time, when no name servers are running.
# On small systems, this file can be used instead of a
# "named" name server.
# Syntax:
#
# IP-Address Full-Qualified-Hostname Short-Hostname
#

127.0.0.1 localhost

# special IPv6 addresses
::1 localhost ipv6-localhost ipv6-loopback

fe00::0 ipv6-localnet

ff00::0 ipv6-mcastprefix
ff02::1 ipv6-allnodes
ff02::2 ipv6-allrouters
ff02::3 ipv6-allhosts
# 192.0.1.218 ps001.pwv.gov.za ps001
127.0.0.2 ps001.pwv.gov.za ps001
# SMT server hipersocket added by root on 201411171146
192.0.1.202 p0023.ifms.gov.za p0023
# NFS server hipersocket added by root on 201411171146
192.0.1.199 p0035.ifms.gov.za p0035
# Nagios server hipersocket added by root on 201411171146
192.0.1.229 nagiosp.IFMS.gov.za nagiosp

jmozdzen
29-Jul-2015, 16:15
Hi Kobus,

how about defining an exception in you proxy settings, excluding ps001.pwv.gov.za from being handled via proxy?

If that doesn't work for some reason, unset the "http_proxy" and "https_proxy" environment variables in the shell you call clientSetup4SMT.sh from.

In order to let smt-agent run successfully on the SMT server, you'll need to enable forwardRegistration in /etc/smt.conf.

Regards,
Jens

kobuse
30-Jul-2015, 08:13
Hi Jens,

The forwarding was enabled but the proxy idea worked (as a matter of fact the NO_Proxy for the server was set but with a spelling mistake :-( ).
Thanks for the info, it made me look at some of the configs that I overlooked. A handy command that I picked up to see what the proxy settings are is the following :
set | grep -i proxy

Thanks again.

Regards,
Kobus

jmozdzen
30-Jul-2015, 12:35
Hi Kobus,


Hi Jens,

The forwarding was enabled but the proxy idea worked

thank you for reporting back, it's always nice to see issues got resolved :)


[...]
A handy command that I picked up to see what the proxy settings are is the following :
set | grep -i proxy

Let me add that some system scripts actually look at /etc/sysconfig/proxy directly, and some commands use their own local configuration (i.e. ~/.curlrc). So looking at the environment variables is a pretty good first guess, but may not show the whole picture...

Regards,
Jens