Hello everyone, welcome to our today's article on Foreman to manage your Puppet Nodes on Ubuntu 16. Foreman is an open source tool that helps system administrators to manage servers throughout their life cycle, from provisioning and configuration to orchestration and monitoring. You can easily automate repetitive tasks, quickly deploy applications, and proactively manage change, both on-premise with VMs and bare-metal or in the cloud by using Puppet, Chef, Salt, Ansible and Foreman’s smart proxy architecture. Foreman provides comprehensive, interaction facilities including a web frontend, CLI and RESTful API which enables you to build higher level business logic on top of a solid foundation.
Using Foreman you can discover, provision and upgrade your entire bare-metal infrastructure, create and manage instances across private and public clouds. You can use it in a group of your hosts and manage them in bulk, regardless of location then review historical changes for auditing or troubleshooting.
There are some basic requirements that must be assured before moving to the installation of Foreman. The first thing is to create a fresh VM on which you have root privileges, configure its FQDN and hostname which can be setu using below commands.
# hostnamectl set-hostname ksh-u16
Then edit the 'hosts' file with your FQDN before the hostname .
# vi /ete/hosts 127.0.0.1 ksh-u16.domain.com ksh-u16
Save and close the file and run below command to check if your FQDN has been configured.
# hostname -f
You will see your FQDN in the output. Now update your system with latest updates and security patches using by issuing the following command in your command line terminal.
# apt-get update
# apt-get upgrade
Select 'Y' key for confirmation and to start your system updates. Once all the updates are complete, we are good to move towards Foreman installation.
Installing Foreman on Ubuntu 16
Now we are going to install Foreman using its installer, which will includes all of its required components necessary to run Foreman that is Puppet master and agent , Apache Web server with SSL and Passenger module.
First we will enable repository to use Puppet 4.x with Puppet Agent and Puppet Server using below commands.
# apt-get -y install ca-certificates
# wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
# dpkg -i puppetlabs-release-pc1-xenial.deb
Then use below commands to Enable the Foreman repo.
echo "deb http://deb.theforeman.org/ xenial 1.14" > /etc/apt/sources.list.d/foreman.list
echo "deb http://deb.theforeman.org/ plugins 1.14" >> /etc/apt/sources.list.d/foreman.list
apt-get -y install ca-certificates
wget -q https://deb.theforeman.org/pubkey.gpg -O- | apt-key add -
Download the Forman installer by using the following command.
# apt-get update && apt-get -y install foreman-installer
Now we will run the foreman installer but before running the installer, Ensure that ping $(hostname -f) shows the real IP address, not 127.0.1.1. Change or remove this entry from /etc/hosts if present.
The installation run is non-interactive, but the configuration can be customized by supplying any of the options listed in foreman-installer --help, or by running foreman-installer -i for interactive mode. Adding -v will disable the progress bar and display all changes.
To run the installer, execute below command.
Installing Done [100%] [...........................................................................] Success! * Foreman is running at https://ksh-u16.domain.com Initial credentials are admin / cwGbVjM2zGP5aDwm * Foreman Proxy is running at https://ksh-u16.domain.com:8443 * Puppetmaster is running at port 8140 The full log is at /var/log/foreman-installer/foreman.log
After completion, the installer will print some details as shown above where you will find Foreman, the Smart Proxy and Puppet master details.
Foreman Web Interface
Let's open your favorite browser along with Foreman web URL mentioned above and login with your provided credentials as shown.
After successful installation, the Foreman installer will have set up a puppet master on the host, fully integrated with Foreman. First run the Puppet agent on the Foreman host which will send the first Puppet report to Foreman, automatically creating the host in Foreman’s database.
# puppet agent --test
Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Info: Caching catalog for ksh-u16.centricait.com Info: Applying configuration version '1485372953' Notice: Applied catalog in 0.23 seconds
Now in Foreman Web Interface, click on the Hosts tab and your Foreman host should be visible in the list with an “OK” status. This indicates its status is OK, with no changes made on the last Puppet run.
Downloading a Puppet module
Next, we’ll install a Puppet module for managing the NTP service from Puppet Forge to our default “production” environment by using below command.
# puppet module install puppetlabs/ntp
Notice: Preparing to install into /etc/puppetlabs/code/environments/production/modules ... Notice: Downloading from https://forgeapi.puppet.com ... Notice: Installing -- do not interrupt ... /etc/puppetlabs/code/environments/production/modules └─┬ puppetlabs-ntp (v6.0.0) └── puppetlabs-stdlib (v4.15.0)
In Foreman, go to Configure > Classes and click Import from hostname (top right) to read the available Puppet classes from the puppet master and populate Foreman’s database. The “ntp” class will appear in the Puppet class list if installed correctly as shown below.
Here you need to check the icon and click on the 'update' button. The ntp module is now imported into Foreman, and ready to be used with a host.
Using Puppet Module
Click on the “ntp” class in the list, change to the Smart Class Parameters tab and select the servers parameter on the left hand side. Tick the Override checkbox so Foreman manages the “servers” parameter of the class and change the default value if desired, before submitting the page.
Now change back to the Hosts tab and click Edit on the Foreman host. On the Puppet Classes tab, expand the ntp module and click the + icon to add the ntp class to the host, then save the host.
To view puppet configurations, clicking the YAML button when you get back on the host page, it will show the ntp class and the servers parameter, as passed to Puppet via the ENC (external node classifier) interface. Re-run 'puppet agent --test' on the Foreman host to see the NTP service automatically reconfigured by Puppet and the NTP module.
Once you click on the YAML, you get the following output on your web page.
--- classes: ntp: authprov: '' broadcastclient: '' config: '' config_dir: '' config_epp: '' config_file_mode: '' config_template: '' tos_minsane: '' udlc: '' udlc_stratum: '' parameters: puppetmaster: ksh-u16.domain.com domainname: domain.com root_pw: puppet_ca: ksh-u16.domain.com foreman_env: production owner_name: Admin User owner_email: firstname.lastname@example.org foreman_subnets:  foreman_config_groups:  environment: production
Adding more Puppet-managed hosts
Other hosts with Puppet agents installed can use this puppet master by setting server = ksh-u16.domain.com in puppet.conf. Sign their certificates in Foreman by going to Infrastructure > Smart Proxies > Certificates or using below commands on the puppet master.
# puppet cert list
# puppet cert sign
Puppet classes can be added to host groups in Foreman instead of individual hosts, enabling a standard configuration of many hosts simultaneously. Host groups are typically used to represent server roles.
In this article we learned about the installation of Foreman and to use and manage puppet nodes on Ubuntu 16. The Foreman can be a single source of truth for configuration information and help you create and provision systems faster so that when a new team member joins your team you just press a button and provision his new machine automatically. With Foreman you could set up a new testing environments with every single deployment run helping you test different characteristics of features very easily and keeping track of the evolution of the environment together with that of the code. In this way you have to do minimum struggle to setup your new test or production environment. I hope you find this article much help, thank you for reading.