Install Foreman on CentOS 7 / RHEL 7 / Ubuntu 14.04.3
Foreman (also known as The Foreman) is an open source complete life cycle systems management tool for provisioning, configuring and monitoring physical and virtual servers. Foreman integrates deeply with configuration management software, including Puppet, Chef, Salt and other solutions through plugins, which allows you to automate repetitive tasks, deploy applications and manage change to deployed servers.
Foreman provides provisioning on bare-metal (through managed DHCP, DNS, TFTP, and PXE-based unattended installations), virtualization and cloud. Foreman provides comprehensive, auditable interaction facilities including a web frontend, a command line interface, and a robust REST API.
INSTALLATION:-
Before installing Foreman, make sure you have set up an FQDN for your server.
Note: You should do this on both CentOS and Ubuntu.
vi /etc/hosts
192.168.2.10 server.hackthesec.local server
Also, do not forget to set a valid hostname matching the above host entry.
vi /etc/hostname
server.hackthesec.local
Install Foreman on CentOS 7 / RHEL 7:
Configure EPEL, Puppet and Foreman repositories.
### CentOS 7 / RHEL7 ###
rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
rpm -ivh http://yum.theforeman.org/releases/1.9/el7/x86_64/foreman-release.rpm
### Enable the RHEL Optional and RHSCL repos on RHEL 7 ###
yum-config-manager --enable rhel-7-server-optional-rpms rhel-server-rhscl-7-rpms
Run the following command to download the Foreman installer.
yum -y install foreman-installer
Now, run the Foreman installer to start installing Foreman.
foreman-installer
The installation run is non-interactive, but the configuration can be customized by supplying any of the options listed in foreman-installer --help, or by running foreman-installer -i for interactive mode.
Once the installation is complete, you will see output like the following, which includes the initial username and password for accessing Foreman.
Success!
* Foreman is running at https://server.hackthesec.local
    Initial credentials are admin / M8GEY5BH4cffgbuheu
* Foreman Proxy is running at https://server.hackthesec.local:8443
* Puppetmaster is running at port 8140
The full log is at /var/log/foreman-installer/foreman-installer.log
Firewall Configuration:
The following ports are used by the components of Foreman and need to be allowed in iptables (FirewallD) or on a hardware firewall.
firewall-cmd --permanent --add-port=53/tcp
firewall-cmd --permanent --add-port=67-69/udp
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --permanent --add-port=3000/tcp
firewall-cmd --permanent --add-port=3306/tcp
firewall-cmd --permanent --add-port=5910-5930/tcp
firewall-cmd --permanent --add-port=5432/tcp
firewall-cmd --permanent --add-port=8140/tcp
firewall-cmd --permanent --add-port=8443/tcp
firewall-cmd --reload
Install Foreman on Ubuntu 14.04:
Make sure you have set up the FQDN mentioned in the prerequisites. Now, we will install Foreman on Ubuntu. Set up the Puppet repository:
apt-get -y install ca-certificates
wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb
dpkg -i puppetlabs-release-trusty.deb
Enable the Foreman repo.
echo "deb http://deb.theforeman.org/ trusty nightly" > /etc/apt/sources.list.d/foreman.list
echo "deb http://deb.theforeman.org/ trusty nightly" >> /etc/apt/sources.list.d/foreman.list
wget -q http://deb.theforeman.org/pubkey.gpg -O- | apt-key add -
Download the Foreman installer.
apt-get update && apt-get -y install foreman-installer
Run the Foreman installer.
foreman-installer
Once the installation is complete, you will see output like the following:
Success!
* Foreman is running at https://server.hackthesec.local
    Initial credentials are admin / M8GEY5BH4cffgbuheu
* Foreman Proxy is running at https://server.hackthesec.local:8443
* Puppetmaster is running at port 8140
The full log is at /var/log/foreman-installer/foreman-installer.log
Note down the initial username and password; you need them to access Foreman’s dashboard.
Configure Foreman (Optional):
If your Foreman host is not visible in the Hosts –> All Hosts tab, run the command below, which sends the first Puppet report to Foreman and automatically creates the host in Foreman’s database.
puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for server.hackthesec.local
Info: Applying configuration version '1445821177'
Notice: Finished catalog run in 0.56 seconds
Puppet 3+ will show a warning the first time that the node can’t be found; this can be ignored.
Access Foreman Web Console:
Open your favourite web browser and navigate to https://your-ip-address or https://FQDN
You should get the login page; enter your Foreman credentials.
Once you have logged in, you will see an overview page.
To list the available hosts, go to Hosts –> All Hosts from the menu. Since we do not have any Puppet clients, the All Hosts tab will list only your Foreman host, with an "O" status. This indicates its status is OK, with no changes made on the last Puppet run.
It is recommended to change the password of the Admin user for security reasons. To do that, click UserName (top right) –> My Account, where you will find an option to change the password.
Download and Install NTP module:
One of the more important requirements of Puppet is accurate time-keeping. To ensure this, we will install the Puppet NTP module for managing the NTP service.
If you have Puppet 2.7.14 or higher, install the module automatically from Puppet Forge to our “production” environment (the default).
Use the following command to install the NTP module on the Foreman (Puppet master) host.
[root@hackthesec server ~]# puppet module install -i /etc/puppet/environments/production/modules saz/ntp
Notice: Preparing to install into /etc/puppet/environments/production/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
/etc/puppet/environments/production/modules
└── saz-ntp (v2.3.2)
In Foreman's web console, go to Configure > Puppet Classes and click Import from hostname (server.hackthesec.local) to read the available Puppet classes from the puppet master and populate Foreman's database.
Select the NTP module and click the update button.
After clicking the update button, the "ntp" class will appear in the Puppet class list if it was installed correctly. Click on the NTP class on the left.
Now, click Smart Class Parameter and then select server list on the left side. Tick the Override checkbox so Foreman manages the "server list" parameter of the class, then click Submit.
Note: Change the default value if you want to use your own NTP servers.
Go to Hosts –> All Hosts and edit the Foreman host.
Go to the Puppet Classes tab, expand the ntp module and click the + icon to add the ntp class to the host, then click Submit.
This time, it will take you automatically to the host details page. Click on YAML; it will show the ntp class and the server list parameter, as passed to Puppet via the ENC (external node classifier) interface.
Finally, run the following command on the Foreman host to see the NTP service automatically reconfigured by Puppet and the NTP module.
puppet agent --test
Verify the installation of the NTP module by going to Hosts –> All Hosts –> Select Foreman Host –> Reports –> Select latest report.
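As a follow-up to the Firewall Configuration step, the script below is an added example (not part of the original post) that compares the ports opened there with what is actually listening, so openings with no off-host listener behind them can be reviewed and closed. The helper names `listeners` and `unused_openings` and the variables are hypothetical, and the `ss` listing is a constructed sample; on a real host, pass the output of `ss -tuln` instead.

```shell
#!/bin/sh
# Added example (not from the original post). Port specs copied from the
# firewall-cmd lines in the Firewall Configuration step.
OPENED="53/tcp 67-69/udp 80/tcp 443/tcp 3000/tcp 3306/tcp 5910-5930/tcp 5432/tcp 8140/tcp 8443/tcp"

# Constructed sample of `ss -tuln` output, not captured from a real host.
SAMPLE_SS='Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 0.0.0.0:69 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:443 0.0.0.0:*
tcp LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
tcp LISTEN 0 128 [::]:8140 [::]:*
tcp LISTEN 0 128 0.0.0.0:8443 0.0.0.0:*'

# listeners (hypothetical helper): read ss output on stdin and print
# "port/proto" for every socket reachable from other hosts. Loopback-only
# listeners are dropped because they need no firewall opening.
listeners() {
  awk '$1 == "tcp" || $1 == "udp" {
    n = split($5, a, ":"); port = a[n]
    addr = substr($5, 1, length($5) - length(port) - 1)
    if (addr ~ /^127\./ || addr ~ /^\[?::1\]?$/) next
    print port "/" $1
  }' | sort -u
}

# unused_openings SPECS SS_OUTPUT (hypothetical helper): print each opened
# spec, single port or range, that has no off-host listener behind it.
unused_openings() {
  live=$(printf '%s\n' "$2" | listeners)
  for spec in $1; do
    range=${spec%/*}; proto=${spec#*/}
    lo=${range%-*}; hi=${range#*-}
    hit=0; p=$lo
    while [ "$p" -le "$hi" ]; do
      if printf '%s\n' "$live" | grep -qx "$p/$proto"; then hit=1; break; fi
      p=$((p + 1))
    done
    [ "$hit" -eq 1 ] || printf '%s\n' "$spec"
  done
}

unused_openings "$OPENED" "$SAMPLE_SS"
```

In the sample, 5432/tcp is reported because the database listens only on loopback. A reported spec that you do not plan to serve can be closed with firewall-cmd --permanent --remove-port=PORT/PROTO followed by firewall-cmd --reload.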