From 1b1739c5ebf677ba12ad53a6b11785471e5f52b5 Mon Sep 17 00:00:00 2001 From: Emilien Macchi Date: Thu, 19 Oct 2017 14:39:36 -0700 Subject: RHSM: when using proxy, test its connectivity first When using RHSM with a proxy, we want to make sure the proxy can be reached. This patch verify that a tcp socket can be open from the client to the proxy. This patch also does a bit of refactoring: - --retry-delay 10 --max-time 30 is now used in a parameter everytime we use curl. - proxy options are now used everytime curl is used, even for detecting which version of Satellite is running, now we use proxy options. Co-Authored-By: Vincent S. Cojot Change-Id: I4dcac1528c10f698338383445e27c8a613f9bcd9 Closes-Bug: #1724970 (cherry picked from commit f4e46f4b3ddac3f536a3a1955c91447e8b26ffca) --- .../rhel-registration/scripts/rhel-registration | 38 ++++++++++++++++++---- .../notes/rhsm_proxy_verify-548f104c97cf5f90.yaml | 5 +++ 2 files changed, 37 insertions(+), 6 deletions(-) create mode 100644 releasenotes/notes/rhsm_proxy_verify-548f104c97cf5f90.yaml diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration index c7d0b231..4592473f 100644 --- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration @@ -23,6 +23,8 @@ proxy_port= proxy_url= proxy_username= proxy_password= +curl_opts="--retry-delay 10 --max-time 30 --retry ${retry_max_count} --cacert /etc/rhsm/ca/redhat-uep.pem" +portal_test_url="https://$(crudini --get /etc/rhsm/rhsm.conf server hostname)/subscription/" # process variables.. if [ -n "${REG_AUTO_ATTACH:-}" ]; then @@ -129,12 +131,14 @@ if [ -n "${REG_HTTP_PROXY_HOST:-}" ]; then # Good both values are not empty proxy_url="http://${proxy_host}:${proxy_port}" config_opts="--server.proxy_hostname=${proxy_host} --server.proxy_port=${proxy_port}" - sat5_opts="${sat5_opts} --proxy_hostname=${proxy_url}" + sat5_opts="${sat5_opts} --proxy=${proxy_url}" + curl_opts="${curl_opts} -x http://${proxy_host}:${proxy_port}" echo "RHSM Proxy set to: ${proxy_url}" if [ -n "${REG_HTTP_PROXY_USERNAME:-}" ]; then if [ -n "${REG_HTTP_PROXY_PASSWORD:-}" ]; then config_opts="${config_opts} --server.proxy_user=${proxy_username} --server.proxy_password=${proxy_password}" sat5_opts="${sat5_opts} --proxyUser=${proxy_username} --proxyPassword=${proxy_password}" + curl_opts="${curl_opts} --proxy-user ${proxy_username}:${proxy_password}" else echo "Warning: REG_HTTP_PROXY_PASSWORD cannot be null with non-empty REG_HTTP_PROXY_USERNAME! Skipping..." proxy_username= ; proxy_password= @@ -187,10 +191,10 @@ function retry() { } function detect_satellite_server { - if curl --retry ${retry_max_count} --retry-delay 10 --max-time 30 -L -k -s -D - -o /dev/null $REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm | grep "200 OK"; then + if curl ${curl_opts} -L -k -s -D - -o /dev/null $REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm | grep "200 OK"; then echo Satellite 6 or beyond with Katello API detected at $REG_SAT_URL katello_api_enabled=1 - elif curl --retry ${retry_max_count} --retry-delay 10 --max-time 30 -L -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then + elif curl ${curl_opts} -L -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then echo Satellite 5 with RHN detected at $REG_SAT_URL katello_api_enabled=0 else @@ -199,7 +203,13 @@ function detect_satellite_server { fi } -if [ "x${proxy_url}" != "x" ];then +if [ "x${proxy_url}" != "x" ]; then + # Before everything, we want to make sure the proxy can be reached + # Note: no need to manage retries, already done by retry() function. + echo "Testing proxy connectivity..." + retry bash -c "