Menu

Install Foreman on CentOS 7 / RHEL 7 / Ubuntu 14.04.3
Foreman (also known as The Foreman) is an open source complete life cycle systems management tool for provisioning, configuring and monitoring of physical and virtual servers. Foreman has deep integration to configuration management software, with Puppet, Chef, Salt and other solutions through plugins, which allows you to automate repetitive tasks, deploy applications and manage change to deployed servers.


Foreman provides provisioning on bare-metal (through managed DHCP, DNS, TFTP, and PXE-based unattended installations), virtualization and cloud. Foreman provides comprehensive, auditable interaction facilities including a web frontend, a command line interface, and a robust REST API.


INSTALLATION:-
Before installing Foreman, make sure you have setup a FQDN for your server.

Note: You should do this on both CentOS and Ubuntu.
vi /etc/hosts
192.168.2.10 server.hackthesec.local server
Also, do not forget to setup the valid hostname for the above host entry.
vi /etc/hostname
server.hackthesec.local
Install Foreman on CentOS 7 / RHEL 7:
Configure EPEL, Puppet and Foreman repositories.
### CentOS 7 / RHEL7 ###

rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm

rpm -ivh http://yum.theforeman.org/releases/1.9/el7/x86_64/foreman-release.rpm

### Enable the RHEL Optional and RHSCL repos on RHEL 7 ###

yum-config-manager --enable rhel-7-server-optional-rpms rhel-server-rhscl-7-rpms
Run the following command to download Foreman installer.
yum -y install foreman-installer
Now, run the Foreman installer to start installing Foreman.
foreman-installer
The installation run is non-interactive, but the configuration can be customized by supplying any of the options listed in foreman-installer –help, or by running foreman-installer -i for interactive mode.


Once the installation is completed, you will see an output like below where you would find the initial username and password to access the Foreman.
Success!
  * Foreman is running at https://server.hackthesec.local
      Initial credentials are admin / M8GEY5BH4cffgbuheu
  * Foreman Proxy is running at https://server.hackthesec.local:8443
  * Puppetmaster is running at port 8140
  The full log is at /var/log/foreman-installer/foreman-installer.log
Firewall Configuration:
The following ports are used by the components of Foreman, needs to be allowed in IP tables (FirewallD) / Hardware Firewall.
firewall-cmd --permanent --add-port=53/tcp
firewall-cmd --permanent --add-port=67-69/udp
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --permanent --add-port=3000/tcp
firewall-cmd --permanent --add-port=3306/tcp
firewall-cmd --permanent --add-port=5910-5930/tcp
firewall-cmd --permanent --add-port=5432/tcp
firewall-cmd --permanent --add-port=8140/tcp
firewall-cmd --permanent --add-port=8443/tcp
firewall-cmd --reload
Install Foreman on Ubuntu 14.04:
Make sure you have setup a FQDN mentioned in prerequisites. Now, we will install Foreman on Ubuntu.Setup a puppet repository,
apt-get -y install ca-certificates
wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb
dpkg -i puppetlabs-release-trusty.deb
Enable the Foreman repo.
echo "deb http://deb.theforeman.org/ trusty nightly" > /etc/apt/sources.list.d/foreman.list
echo "deb http://deb.theforeman.org/ trusty nightly" >> /etc/apt/sources.list.d/foreman.list
wget -q http://deb.theforeman.org/pubkey.gpg -O- | apt-key add -
Download the Foreman installer.
apt-get update && apt-get -y install foreman-installer
Run the Foreman installer.
foreman-installer
Once the installation is completed, you will see an output like below,
Success!
  * Foreman is running at https://server.hackthesec.local
      Initial credentials are admin / M8GEY5BH4cffgbuheu
  * Foreman Proxy is running at https://server.hackthesec.local:8443
  * Puppetmaster is running at port 8140
  The full log is at /var/log/foreman-installer/foreman-installer.log
Note down intial username and password, you need this for accessing Foreman’s dashboard.
Configure Foreman (Optional):
If your Foreman host is not visible in Hosts –> All Hosts tab, you should run below command which will send the first Puppet report to Foreman, automatically creating the host in Foreman’s database.
puppet agent --test

Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for server.hackthesec.local
Info: Applying configuration version '1445821177'
Notice: Finished catalog run in 0.56 seconds
Puppet 3+ will show a warning the first time that the node can’t be found, this can be ignored.
Access Foreman Web Console:
Open up your favourite web browser, navigate to https://your-ip-address or https://FQDN

You should get login page, enter your Foreman credentials.
Once you logged in, you will get an overview page. Like below.
To list down the available hosts, goto Hosts –> All Hosts from Menu. Since we do not have any puppet clients, All Hosts tab would only list your Foreman host, with an "O"status. This indicates its status is OK, with no changes made on the last Puppet run.

It is recommended to change the password of Admin user for security reasons. To do that, click UserName (Top right)  –> My Account, you would end up with an option to change a password.
Download and Install NTP module:
One of the more important requirement of puppet is to have an accurate time-keeping, to do this, we will install Puppet NTP module for managing the NTP service.

If you have Puppet 2.7.14 or higher, install the module automatically from Puppet Forge to our “production” environment (the default).


Use following command to install NTP module on Foreman (Puppet master) host.
[root@hackthesec server ~]# puppet module install -i /etc/puppet/environments/production/modules saz/ntp

Notice: Preparing to install into /etc/puppet/environments/production/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
/etc/puppet/environments/production/modules
└── saz-ntp (v2.3.2)
In Foreman's web console, go to Configure > Puppet Classes and click Import from hostname (server.hackthesec.local) to read the available Puppet classes from the puppet master and populate Foreman's database.
Select the NTP module and click the update button.
After clicking the update button, you will see something like below. The "ntp" class will appear in the Puppet class list if installed correctly. Click on NTP class on the left.
Now, Click the Smart Class Parameter and then select server list on the left side. Tick the Override checkbox so Foreman manages the "server list" parameter of the class, then click Submit.

Note: Change the default value if you want to use your own NTP servers.
Go to Hosts –> All Hosts, edit the Foreman host.
Go to Puppet Classes tab and expand the ntp module and click the + icon to add the ntp class to the host, then click submit.
This time, it will take you automatically to the host details page. Click on YAML, it will show the ntp class and the server list parameter, as passed to Puppet via the ENC (external node classifier) interface.
At last, run the following command on the Foreman host to see the NTP service automatically reconfigured by Puppet and the NTP module.
puppet agent --test
Verify the installation of NTP module by going to Hosts –> All Hosts –> Select Foreman Host –> Reports –> Select latest report.


About Author:


I am a Linux Administrator and Security Expert with this site i can help lot's of people about linux knowladge and as per security expert i also intersted about hacking related news.TwitterFacebook

Next
Newer Post
Previous
Older Post

0 comments:

Post a Comment

 
Top