Problems installing RockNSM 2_1 from Devel branch


#1

In general the root cause seems related to the GPG keys not being present, accessible or trusted. I’ve tried to eliminate as many causes as possible, but still not joy.
Here’s my starting point:

  • CentOS7 Minimal Install with NO Security Policy applied
  • yum install git, then vim, then ansible
  • I’ve NOT run yum update yet
  • create Snapshot1

From this starting point I’ve tested several scenarios.

Scenario1

  • Test connectivity (curl hxxp://mirror.centos.org…) <-- GTG
  • mkdir ~/rock_devel
  • sudo git clone hxxps://github.com/rocknsm/rock.git --branch devel ~/rock_devel
  • cd ~/rock_devel/bin
  • sudo ./deploy_rock.sh

RESULT Error in Task [sensor-common : Trust RockNSM GPG keys]
“Not a valid key /etc/pki/rpm-pgp/RPM-GPG-KEY-RockNSM-2”
“Not a valid key /etc/pki/rpm-pgp/RPM-GPG-KEY-RockNSM-pkgcloud-2_1”

Workaround Attempt 1 <- failed

  • sudo vim ~/rock_devel/playbooks/roles/sensor_common/tasks/configure.yml
    … I deleted the “Trust RockNSM keys” section
  • cd ~/rock_devel/bin
  • sudo ./deploy_rock.sh

RESULT Error in Task [sensor-common : Install packages]
Failure talking to yum: failure: repodata/repomd.xml from rocknsm_2_1…

Workaround Attempt 2 <- also failed

RESULT Error in Task [sensor-common : Install packages]
Failure talking to yum: failure: repodata/repomd.xml from rocknsm_2_1…

Workaround Attempt 3 <- also failed

  • I reverted to Snapshot 1
  • Test connectivity (curl hxxp://mirror.centos.org…) <-- GTG
  • mkdir ~/rock_devel
  • sudo git clone hxxps://github.com/rocknsm/rock.git --branch devel ~/rock_devel
  • cd ~/rock_devel/bin
  • NEW STEP sudo ./generate_defaults.sh
  • NEW STEP sudo vim /etc/rocknsm/config.yml
    … I changed rock_online_install to False
  • sudo ./deploy_rock.sh

RESULT Error in Task [sensor-common : Trust RockNSM GPG keys]
“Not a valid key /etc/pki/rpm-pgp/RPM-GPG-KEY-RockNSM-2”
“Not a valid key /etc/pki/rpm-pgp/RPM-GPG-KEY-RockNSM-pkgcloud-2_1”

Any recommendations are appreciated!


#2

Gus,
I busy working on setting up a mirror of your current environment. Thanks for being thorough on what you have attempted so far. I’ll try and find a workaround/fix for you.


#3

Here is what i have figured out so far.

  • I was able to duplicate the issue you are having on my end
  • The Keys that are not in /etc/pki/rpm-gpg/RPM-GPG-KEY-RockNSM-2 and -pkgclould-2_1 are not present in the rpm-gpg as they should be
  • Attempting to add the keys manually has pass es the check but installation fails when it comes to actually install the packages
  • Installing using instructions @ https://packagecloud.io/rocknsm/2/install#bash-rpm does not yield desired result.

I will update this thread as I make progress


#4

Thanks for looking into this…your results so far are identical to mine. I look forward to your findings.


#5

Gus,
Here is what I have:

  • sudo yum install git vim ansible
  • sudo git clone htt[s://github.com/rocknsm.rock.git --branch devel ~/rock_devel
  • curl https://copr.fedorainfracloud.org/coprs/g/rocknsm/rocknsm-2.1/repo/epel-7/group_rocknsm-rocknsm-2.1-epel-7.repo | sudo tee /etc/yum.repos.d/rock-testing.repo
  • sudo ./generate_defaults
  • this is the part I need some feedback, I don’t know what your etc/rocknsm/config.yml file looks like and what bits you have flipped. I am running this on a laptop so I shut off some of the more “expensive” features.
  • sudo rm-fr /var/cache/yum/*
  • sudo yum clean all
  • yum repolist
  • sudo ~/devel_rock/bin/deploy_rock.sh

Let me know how it works…

koelslaw