foreman_abrt/README.md @ cf998638
ForemanAbrt
This plugin allows your Foreman instance to receive problem reports generated
on your hosts by ABRT (Automatic Bug Reporting
Tool). These reports can be inspected and eventually sent to the ABRT server
for analysis.
Overview
- Whenever a bug is caught by ABRT on the managed host, it is sent to the Smart proxy instead of being sent directly to the ABRT server.
- The Smart proxy receives the report and stores it to the disk. Stored
reports are then sent to Foreman every 30 minutes (by means of cron job).
The proxy may optionally:
- Forward the report to an ABRT server immediately after being received. Server's response is discarded.
- Aggregate stored reports prior to sending them to the Foreman. Only one instance of set of similar reports from a host is sent, together with number of the reports in the set.
- Foreman receives the aggregated report and stores it to the database. The reports can be inspected and forwarded ("sent for analysis") to the ABRT server. If the server responds with additional information about the report, such as links to bug trackers or suggested solutions, it is displayed alongside the report.
Network ports
Reports from managed hosts are sent to smart-proxy's https port which is 8443
for standalone Foreman installations and 9090 for Katello.
The proxy sends the reports using Foreman's API, which normally runs on
standard https (port 443).
Installation
To be able to see ABRT problem reports in your Foreman instance, you need to
install the plugin itself, install ABRT plugin for your smart proxies and
configure your hosts to send the problem reports to their smart proxy.
Please note that the configuration is slightly different when using Foreman
stand-alone and when it is part of Katello. Any configuration specific to
Katello will be explicitly indicated.
Both plugins are available as RPMs in Foreman YUM repositories.
Prerequisites
The plugins require both Foreman and smart-proxy to be version 1.7 or later.
The plugins have been tested on Fedora 19, RHEL 6 and RHEL 7. Versions of the
plugins compatible with Katello are foreman_abrt-0.0.4 and
smart_proxy_abrt-0.0.6.
To have hosts automatically send ureports to Foreman, you need to have ABRT
2.1.11 or higher installed on them. RHEL 7 and Fedora 19 and higher satisfy
this. ABRT in RHEL6 does not have ureport support, however you can use an
unofficial build if you
wish to test this feature.
Installing the Foreman plugin
To install the Foreman plugin, follow the plugin installation
instructions.
You need to install the rubygem-foreman_abrt package (or
ruby193-rubygem-foreman_abrt on RHEL/CentOS).
After installing the plugin, restart Foreman with touch /usr/share/foreman/tmp/restart.txt.
Setting up smart proxies
Follow the smart-proxy plugin installation
instructions.
You need to install the rubygem-smart_proxy_abrt package.
The plugin needs some configuration in order to work correctly.
Ensure that
/etc/foreman-proxy/settings.d/abrt.ymlcontains the following line::enabled: trueAfter installing and configuring the plugin, smart-proxy has to be restarted.
service foreman-proxy restartCron is used to transfer the captured problem reports to Foreman in batches.
Ensure that thesmart-proxy-abrt-sendcommand is run periodically. The
provided RPM package contains a cron snippet that runs the command every 30
minutes.
Configuring hosts to send problem reports to Foreman
This setup needs to be performed on every host that you wish to report its
crashes to Foreman. The host has to be managed by Puppet, i.e. host record must
exist in Foreman web interface.
Make sure that ABRT is installed and running.
yum install abrt-cli systemctl start abrtd abrt-ccpp systemctl enable abrtd abrt-ccppEnable auto-reporting by running the following command:
abrt-auto-reporting enabled
- Configure ABRT reporting destination -
/etc/libreport/plugins/ureport.confshould contain following:
# URL of your foreman-proxy, with /abrt path.
URL = https://smartproxy.tld:8443/abrt
# Verify the server certificate.
SSLVerify = yes
# This asks puppet config for the path to the ceritificates. you can
# explicitly provide path by using /path/to/cert:/path/to/key on the
# right hand side.
SSLClientAuth = puppet
Katello: when using Foreman with Katello, the host needs to be registered
(using subscription-manager) to your Katello instance. You can find the
registration instructions on https://foreman.tld/content_hosts/register.
The /etc/libreport/plugins/ureport.conf file should instead contain the
following:
# URL of your foreman-proxy, with /abrt path.
URL = https://smartproxy.tld:9090/abrt
# Verify the server certificate.
SSLVerify = yes
# Use the subscription management certificates to authenticate to the proxy.
SSLClientAuth = /etc/pki/consumer/cert.pem:/etc/pki/consumer/key.pem
- Add the Puppet CA to the list of trusted certificate authorities. This is needed for verifying the validity of smart-proxy's certificate:
cp /var/lib/puppet/ssl/certs/ca.pem /etc/pki/ca-trust/source/anchors/
update-ca-trust
Katello: when using Foreman with Katello, the subscription management
certificate should be used instead:
cp /etc/rhsm/ca/katello-server-ca.pem /etc/pki/ca-trust/source/anchors/
update-ca-trust
Verifying that the setup works
You can verify your setup by crashing something on your managed host. We have a
set of utilities in the Fedora/EPEL repository especially for this purpose:
yum -y install will-crash
will_segfault
Will segfault.
Segmentation fault (core dumped)
After a couple of seconds, a new file should appear in
/var/spool/foreman-proxy-abrt on the smart-proxy host. The reports from
the smart-proxy are sent to the Foreman in batches every half an hour (by
default). This means that within half an hour you should be able to see the bug
report in the Foreman web interface. You can send the reports to Foreman
manually by running the smart-proxy-abrt-send command.
Please note that you need to enable the
EPEL repository if you are using RHEL in
order to install will-crash. If the will-crash package is not available, you
can try the following. Please make sure not to actually report this to sleep
maintainers, though:
sleep 1d &
kill -SEGV $!
Testing aggregation
If you crash the same program twice (on one host) within the same period that
smart-proxy waits between forwarding the reports to foreman, then only one
report with count = 2 should appear in the web interface.
However, be careful about ABRT's rate limiting - if you crash a program
and then crash it again sooner that 20 seconds then the second crash is
simply ignored.
Usage
The list of received problem reports can be accessed by clicking on Problem
reports link in the Monitor menu. To see detailed information for a report,
click on its reported date.
List of problem reports coming from a particular host is also displayed on the
page with the details about the host in the Problem reports tab on the left.
Forwarding the report to the ABRT server
On the problem report details page you can forward the problem report to an
actual ABRT server by clicking the Send for analysis button. The ABRT server
may respond with some information it knows about the bug, such as the list of
URLs related to the bug (e.g. Bugzilla link) and list of possible solutions to
the problem that caused the bug to occur.
The forwarding functionality may have to be configured in Abrt tab of the
configuration screen (Administer->Settings).
TODO
- Use puppet to configure managed hosts to send ureports to Foreman.
Copyright
Copyright (c) 2014 Red Hat
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see http://www.gnu.org/licenses/.