Out of troublePosted by Magnus Glantz 2016-01-28 22:24:01
It seems that when abrt detects crashes, it generates traffic to Satellite 6 candlepin...
Be aware of running abrt on RHEL 6.7 when using Satellite 6. abrt can get stuck in a loop of reporting crashes that itself causes. This generates enormous amounts of traffic to candlepin (tomcat) (postgresql) and foreman causing it to consume fantastic amounts of CPU and memory.
Check if you are affected on RHEL 6.7 by looking at number of crash counts:
# abrt-cli list|grep -i countSolution:
# for item in abrtd abrt-oops abrt-ccpp; do service $item stop; chkconfig $item off; done
Out of troublePosted by Magnus Glantz 2016-01-13 10:50:15
Installing docker and then upgrading from Red Hat Enterprise Linux 7.1 to Red Hat Enteprise Linux 7.2 (which took me from 1.6.0-11.el7.x86_64 to docker-1.8.2-8.el7.x86_64) I hit this problem.
[root@thehostname ~]# systemctl start docker
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.
[root@thehostname ~]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2016-01-13 09:39:03 UTC; 5s ago
Process: 7711 ExecStart=/usr/bin/docker daemon $OPTIONS $DOCKER_STORAGE_OPTIONS $DOCKER_NETWORK_OPTIONS $ADD_REGISTRY $BLOCK_REGISTRY $INSECURE_REGISTRY (code=exited, status=1/FAILURE)
Main PID: 7711 (code=exited, status=1/FAILURE)
Jan 13 09:39:03 thehostname.domainname systemd: Starting Docker Application Container Engine...
Jan 13 09:39:03 thehostname.domainname docker: time="2016-01-13T09:39:03.894323859Z" level=info msg="Listening for HTTP on unix (/var/run/docker.sock)"
Jan 13 09:39:03 thehostname.domainname docker: time="2016-01-13T09:39:03.916209315Z" level=fatal msg="Error starting daemon: error initializing graphdriver: Unable to take ownership of thin-pool (rootvg-docke...ed data blocks"
Jan 13 09:39:03 thehostname.domainname systemd: docker.service: main process exited, code=exited, status=1/FAILURE
Jan 13 09:39:03 thehostname.domainname systemd: Failed to start Docker Application Container Engine.
Jan 13 09:39:03 thehostname.domainname systemd: Unit docker.service entered failed state.
Jan 13 09:39:03 thehostname.domainname systemd: docker.service failed.Solution:
# systemctl stop docker
# rm -rf /var/lib/docker
# lvremove /dev/volumegroupxyz/docker-pool
# systemctl start dockerDone.More info:
You must readPosted by Magnus Glantz 2016-01-11 08:49:12
Starting mid-February I start my new job as Solution Architect at Red Hat in the Nordics with focus on Denmark. So... wish me luck :)
Out of troublePosted by Magnus Glantz 2015-12-11 14:26:39
If you are running Capsules. Do not forget to update katello-agent, goferd, katello-ca-consumer (from the capsule) on all clients and then to re-register all clients using subscription-manager. If you do not do that, clients will keep communicating to 5671 on the Satellite and if you have a lot of hosts, this will within time cause qpid to fail on the Satellite, which is very serious as pretty much everything then will fail.
Out of troublePosted by Magnus Glantz 2015-12-10 19:23:12
So I never ever forget.1. Install tools on the Capsule
# yum install crypto-utils mod_ssl2. Generate certificate request
# genkey $(hostname)3. Submit certificate request and get an certificate.
# Not sure how you do that..4. Download signed certificate. Convert to PEM format if it's not already that. If in DER format, convert like so:
# openssl x509 -inform der -in mysignedcertficates.cer -out /etc/pki/tls/certs/capsule-fqdn.crt5. Perhaps, download certificate chain from CA (if you have your own CA).
# Not sure how you do that..6. Upload files to Satellite from Capsule:
# Certificate Request:
/etc/pki/tls/private/capsule-fqdn.key7. Upload other files to Satellite:
# Certificate chain from CA
# Signed certificate for Capsule:
/someplace/capsule-fqdn.crt8. Move all files to /root/capsule-fqdn on Satellite
...9. Generate certificate tar for Capsule on Satellite:
capsule-certs-generate --capsule-fqdn CAPSULE-FQDN --server-ca-cert /root/capsule-fqdn/my-certificate-chain.pem --server-cert /root/capsule-fqdn/capsule-fqdn.crt --server-cert-req /root/capsule-fqdn/capsule-fqdn.0.csr --server-key /root/capsule-fqdn/capsule-fqdn.key --certs-tar /root/capsule-fqdn.tar --certs-update-server10. Install Capsule as described from the output from the capsule-certs-generate command. 11. Done.
Out of troublePosted by Magnus Glantz 2015-12-03 15:31:48
If your repositories disappear from your Products and Content Views, you may be able to solve that by issuing a Sync of those repositories.
Worked for me :-)
You must readPosted by Magnus Glantz 2015-11-04 12:56:57Problem:
100000000 servers that are not used in your development or test environmnets.Solution:
Put below script in /etc/cron.daily/. 30 days after installation date, the server will shutdown automatically. You can make this as fancy as you want, but the solution is still fairly simple.
# Date format is 15-01-31
# Calculates number of days between today and installation date
if [ "$(( ($(date --date="$DATEB" +%s) - $(date --date="$DATEA" +%s) )/(60*60*24) ))" -ge 30 ]; then
logger -t auto_decommision "Server has passed it's end date. Halting server."
shutdown -h now
You must readPosted by Magnus Glantz 2015-09-23 10:50:28
Keep in mind that you need to put a template (in Sat 6.1, called image) on each cluster.
That was all.
Out of troublePosted by Magnus Glantz 2015-09-22 22:59:41
FYI. In the current release of Red Hat Satellite 6.1 there is no way to set resource pools in VMware. A new VM will default to the root resource pool, meaning you have to either drag and drop VMs into correct resource pool in Vsphere, create a script that does this or create a hook script to set the resource pool for a VM.
Patches providing this functionality are available upstream in Foreman and I am using hotfixes that provides this functionality in Satellite 6.1, so I'm guessing a solution is not that far away.
Out of troublePosted by Magnus Glantz 2015-09-18 17:29:21
To be able to sync with Red Hats Docker registry you will need to open up in our firewall to the two following URLs:* registry.access.redhat.com
That is all.