How to Setup Foreman to Manage Puppet Nodes on Ubuntu 16.04

Hello everyone, welcome to our today's article on Foreman to manage your Puppet Nodes on Ubuntu 16. Foreman is an open source tool that helps system administrators to manage servers throughout their life cycle, from provisioning and configuration to orchestration and monitoring. You can easily automate repetitive tasks, quickly deploy applications, and proactively manage change, both on-premise with VMs and bare-metal or in the cloud by using Puppet, Chef, Salt, Ansible and Foreman’s smart proxy architecture. Foreman provides comprehensive, interaction facilities including a web frontend, CLI and RESTful API which enables you to build higher level business logic on top of a solid foundation.

Using Foreman you can discover, provision and upgrade your entire bare-metal infrastructure, create and manage instances across private and public clouds. You can use it in a group of your hosts and manage them in bulk, regardless of location then review historical changes for auditing or troubleshooting.

Prerequisites

There are some basic requirements that must be assured before moving to the installation of Foreman. The first thing is to create a fresh VM on which you have root privileges, configure its FQDN and hostname which can be setu using below commands.

# hostnamectl set-hostname ksh-u16

Then edit the 'hosts' file with your FQDN before the hostname .

# vi /ete/hosts
127.0.0.1 ksh-u16.domain.com ksh-u16

Save and close the file and run below command to check if your FQDN has been configured.

# hostname -f

You will see your FQDN in the output. Now update your system with latest updates and security patches using by issuing the following command in your command line terminal.

# apt-get update

# apt-get upgrade

Select 'Y' key for confirmation and to start your system updates. Once all the updates are complete, we are good to move towards Foreman installation.

Installing Foreman on Ubuntu 16

Now we are going to install Foreman using its installer, which will includes all of its required components necessary to run Foreman that is Puppet master and agent , Apache Web server with SSL and Passenger module.

First we will enable repository to use Puppet 4.x with Puppet Agent and Puppet Server using below commands.

# apt-get -y install ca-certificates

# wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb

# dpkg -i puppetlabs-release-pc1-xenial.deb

puppet setup

Then use below commands to Enable the Foreman repo.

echo "deb http://deb.theforeman.org/ xenial 1.14" > /etc/apt/sources.list.d/foreman.list

echo "deb http://deb.theforeman.org/ plugins 1.14" >> /etc/apt/sources.list.d/foreman.list

apt-get -y install ca-certificates

wget -q https://deb.theforeman.org/pubkey.gpg -O- | apt-key add -

Download the Forman installer by using the following command.

# apt-get update && apt-get -y install foreman-installer

Now we will run the foreman installer but before running the installer, Ensure that ping $(hostname -f) shows the real IP address, not 127.0.1.1. Change or remove this entry from /etc/hosts if present.

The installation run is non-interactive, but the configuration can be customized by supplying any of the options listed in foreman-installer --help, or by running foreman-installer -i for interactive mode. Adding -v will disable the progress bar and display all changes.

To run the installer, execute below command.

# foreman-installer

Installing Done [100%] [...........................................................................] Success!
* Foreman is running at https://ksh-u16.domain.com
Initial credentials are admin / cwGbVjM2zGP5aDwm
* Foreman Proxy is running at https://ksh-u16.domain.com:8443
* Puppetmaster is running at port 8140
The full log is at /var/log/foreman-installer/foreman.log

After completion, the installer will print some details as shown above where you will find Foreman, the Smart Proxy and Puppet master details.

Foreman Web Interface

Let's open your favorite browser along with Foreman web URL mentioned above and login with your provided credentials as shown.

https://ksh-u16.domain.com

foreman login page

Puppet Management

After successful installation, the Foreman installer will have set up a puppet master on the host, fully integrated with Foreman. First run the Puppet agent on the Foreman host which will send the first Puppet report to Foreman, automatically creating the host in Foreman’s database.

# puppet agent --test

Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for ksh-u16.centricait.com
Info: Applying configuration version '1485372953'
Notice: Applied catalog in 0.23 seconds

Now in Foreman Web Interface, click on the Hosts tab and your Foreman host should be visible in the list with an “OK” status. This indicates its status is OK, with no changes made on the last Puppet run.

foreman host status

Downloading a Puppet module

Next, we’ll install a Puppet module for managing the NTP service from Puppet Forge to our default “production” environment by using below command.

# puppet module install puppetlabs/ntp

Notice: Preparing to install into /etc/puppetlabs/code/environments/production/modules ...
Notice: Downloading from https://forgeapi.puppet.com ...
Notice: Installing -- do not interrupt ...
/etc/puppetlabs/code/environments/production/modules
└─┬ puppetlabs-ntp (v6.0.0)
└── puppetlabs-stdlib (v4.15.0)

In Foreman, go to Configure > Classes and click Import from hostname (top right) to read the available Puppet classes from the puppet master and populate Foreman’s database. The “ntp” class will appear in the Puppet class list if installed correctly as shown below.

puppet ntp module

Here you need to check the icon and click on the 'update' button. The ntp module is now imported into Foreman, and ready to be used with a host.

Using Puppet Module

Click on the “ntp” class in the list, change to the Smart Class Parameters tab and select the servers parameter on the left hand side. Tick the Override checkbox so Foreman manages the “servers” parameter of the class and change the default value if desired, before submitting the page.

puppet class

Now change back to the Hosts tab and click Edit on the Foreman host. On the Puppet Classes tab, expand the ntp module and click the + icon to add the ntp class to the host, then save the host.

adding ntp class

To view puppet configurations, clicking the YAML button when you get back on the host page, it will show the ntp class and the servers parameter, as passed to Puppet via the ENC (external node classifier) interface. Re-run 'puppet agent --test' on the Foreman host to see the NTP service automatically reconfigured by Puppet and the NTP module.

puppet dump YAML

Once you click on the YAML, you get the following output on your web page.

---
classes:
ntp:
authprov: ''
broadcastclient: ''
config: ''
config_dir: ''
config_epp: ''
config_file_mode: ''
config_template: ''
tos_minsane: ''
udlc: ''
udlc_stratum: ''
parameters:
puppetmaster: ksh-u16.domain.com
domainname: domain.com
root_pw:
puppet_ca: ksh-u16.domain.com
foreman_env: production
owner_name: Admin User
owner_email: root@domain.com
foreman_subnets: [] foreman_config_groups: [] environment: production

Adding more Puppet-managed hosts

Other hosts with Puppet agents installed can use this puppet master by setting server = ksh-u16.domain.com in puppet.conf. Sign their certificates in Foreman by going to Infrastructure > Smart Proxies > Certificates or using below commands on the puppet master.

# puppet cert list

# puppet cert sign

Puppet classes can be added to host groups in Foreman instead of individual hosts, enabling a standard configuration of many hosts simultaneously. Host groups are typically used to represent server roles.

Conclusion

In this article we learned about the installation of Foreman and to use and manage puppet nodes on Ubuntu 16. The Foreman can be a single source of truth for configuration information and help you create and provision systems faster so that when a new team member joins your team you just press a button and provision his new machine automatically. With Foreman you could set up a new testing environments with every single deployment run helping you test different characteristics of features very easily and keeping track of the evolution of the environment together with that of the code. In this way you have to do minimum struggle to setup your new test or production environment. I hope you find this article much help, thank you for reading.

About Kashif Siddique

Linux Systems and Security Engineer in Information and Communication Technology. Results-driven ICT Professional and Open Source Geek with technical specialties in the area of Open Source Operating systems and Applications.

Author Archive Page

Have anything to say?

Your email address will not be published. Required fields are marked *

All comments are subject to moderation.