Foreman is an open-source tool used to configure, provision, and manage the life cycle of physical and virtual servers. It helps automate repetitive configuration tasks through deep integration with configuration tools such as Ansible, Chef, Salt, and Puppet. Foreman can provision bare-metal (using DHCP, DNS, and TFTP), virtual, and cloud platforms. It offers 3 interaction facilities: a command-line interface, a web-based UI, and a robust REST API.
Foreman was developed in July 2009, bearing a different project name, and was later released in 2009 by Ohad Levy. It was built for Linux, although successful installations have been reported on other operating systems such as macOS, Windows, and BSD systems. The officially supported platforms are:
- Fedora
- Red Hat Enterprise Linux (and its derivatives such as CentOS)
- Debian
- Ubuntu
The amazing features associated with Foreman include:
- It allows one to group hosts and manage them in bulk, regardless of location
- It allows one to discover, provision and upgrade an entire bare-metal infrastructure
- Create and manage instances across private and public clouds
- It has a vast plugin architecture with which you can extend Foreman as needed
- Automatically build images (on each platform) per system definition to optimize deployment
- It allows one to review historical changes for auditing or troubleshooting
By following this guide to the end, you should be able to install Foreman 3.x on CentOS 7 / RHEL 7. We additionally configure Ansible for repetitive tasks.
Install Foreman 3.x on CentOS 7 / RHEL 7
Foreman 3.x can be installed using the Foreman installer, a collection of Puppet modules that installs all the required components for Foreman. These components include Smart Proxy, a Puppet server, the Foreman web UI, and additional TFTP, DNS, and DHCP servers.
Step 1 – Set the system Hostname
A hostname is required when running the Foreman installation and configuration. Set the system hostname as below.
sudo hostnamectl set-hostname foreman.geeksforgeeks.org
Add the hostname to the hosts file.
$ sudo vi /etc/hosts
192.168.205.20 foreman.geeksforgeeks.org
Step 2 – Add the Foreman 3.x Installer Repository
On RHEL 7, begin by enabling the SCL repositories:
sudo yum -y install yum-utils
sudo yum-config-manager --enable rhel-7-server-optional-rpms rhel-server-rhscl-7-rpms
On CentOS 7 enable extras.
sudo yum -y install yum-utils
sudo yum-config-manager --enable extras
Now enable the Puppet 6.x repository on CentOS 7 / RHEL 7.
sudo yum -y install https://yum.puppet.com/puppet6-release-el-7.noarch.rpm
Proceed and enable the EPEL repositories on your CentOS 7 / RHEL 7 system.
##On RHEL 7
sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
##On CentOS 7
sudo yum -y install epel-release centos-release-scl-rh
Now add the Foreman 3.x repository to the system. Here we add the Foreman repository for the latest release.
sudo yum -y install https://yum.theforeman.org/releases/latest/el7/x86_64/foreman-release.rpm
Step 3 – Run the Foreman 3.x Installer
Once the repository has been added, install the Foreman 3.x Installer using the command below:
sudo yum -y install foreman-installer
This will install all the required packages, including rubygem-kafo, puppet, etc.
Now run the installer. You can also customize the installation with the options listed by foreman-installer --help.
sudo foreman-installer
Step 4 – Allow Foreman Firewall ports
There are several ports that need to be allowed through the firewall for Foreman to run. These ports can be allowed as below.
sudo firewall-cmd --permanent --add-port=53/tcp
sudo firewall-cmd --permanent --add-port=67-69/udp
sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --permanent --add-port=443/tcp
sudo firewall-cmd --permanent --add-port=3000/tcp
sudo firewall-cmd --permanent --add-port=3306/tcp
sudo firewall-cmd --permanent --add-port=5910-5930/tcp
sudo firewall-cmd --permanent --add-port=5432/tcp
sudo firewall-cmd --permanent --add-port=8140/tcp
sudo firewall-cmd --permanent --add-port=8443/tcp
Now reload the daemon for the changes above to apply.
sudo firewall-cmd --reload
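The commands above open every listed port to all sources, including the database ports (3306, 5432), the direct application port (3000) and the VNC console range. As an added example (not part of the original guide or of Foreman's own tooling), the script below prints a firewalld plan that keeps the client-facing ports open and admits the remaining ones only from a management subnet. The subnet 192.168.205.0/24 (taken from the guide's sample address), the public/restricted split and the function names are assumptions to adapt to your environment.

```shell
#!/bin/sh
# Added example: print (not run) firewalld commands for a scoped Foreman setup.
# MGMT_NET is an assumption based on the guide's sample host address.
MGMT_NET="${MGMT_NET:-192.168.205.0/24}"

# Assumed split of the guide's port list:
# ports that managed hosts must reach ...
PUBLIC="53/tcp 67-69/udp 80/tcp 443/tcp 8140/tcp 8443/tcp"
# ... and ports only administrators or internal services need.
RESTRICTED="3000/tcp 3306/tcp 5432/tcp 5910-5930/tcp"

# Emit the commands that replace an open port with a source-limited rich rule.
# $1 = port spec such as "5432/tcp" or "5910-5930/tcp", $2 = allowed subnet.
scoped_rule() {
    spec=$1; net=$2
    port=${spec%/*}; proto=${spec#*/}
    case "$port" in
        ''|*[!0-9-]*) echo "invalid port in: $spec" >&2; return 1 ;;
    esac
    case "$proto" in
        tcp|udp) ;;
        *) echo "invalid protocol in: $spec" >&2; return 1 ;;
    esac
    # Drop the unrestricted entry if an earlier run of the guide added it.
    printf 'firewall-cmd --permanent --remove-port=%s\n' "$spec"
    printf "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"%s\" port port=\"%s\" protocol=\"%s\" accept'\n" \
        "$net" "$port" "$proto"
}

# Emit the full plan: open PUBLIC ports, scope RESTRICTED ports, then reload.
foreman_firewall_plan() {
    net=${1:-$MGMT_NET}
    for spec in $PUBLIC; do
        printf 'firewall-cmd --permanent --add-port=%s\n' "$spec"
    done
    for spec in $RESTRICTED; do
        scoped_rule "$spec" "$net" || return 1
    done
    echo 'firewall-cmd --reload'
}

# Print the plan for review; pass a subnet as the first argument to override.
foreman_firewall_plan "$@"
```

Review the printed commands, then run them with sudo; `sudo firewall-cmd --list-all` shows the resulting ports and rich rules.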
Access the Foreman Web UI
As said before, one of the tools you can use to interact with Foreman is the Web UI. This can be accessed using the URL https://IP_address or https://domain_name.
Log in by providing the credentials created during the installation and proceed to the Foreman dashboard.
Create an Operating System
Foreman allows one to create a host to be managed. Begin by creating Operating systems for installation under Hosts > Operating systems. Create a new operating system for the required distribution.
Provide the partition table details and create installation media for the operating system.
Create a host.
With an operating system created, you can create a host using it under Hosts > Create Host. Provide the required details here.
Proceed and link the created operating system and installation media.
Set the network interface.
Submit for the changes to apply.
Now under Hosts > All hosts, you should have the new host added.
Getting Started with Ansible in Foreman
Now we will configure Ansible for repetitive tasks on Foreman. Begin by enabling the Ansible Plugin on Foreman as below.
sudo foreman-installer --enable-foreman-plugin-ansible \
--enable-foreman-proxy-plugin-ansible
Proceed and add roles to the /etc/ansible/roles directory. For example, a sample Ansible role that installs vim and checks system uptime can be created as below.
sudo vi /etc/ansible/roles/playbook.yaml
In the file, add the content:
---
- hosts: foreman.geeksforgeeks.org
  tasks:
    # Install or upgrade vim through yum
    - name: Install latest version of vim on CentOS Linux Node
      yum: name=vim state=latest
    # Assumes nginx is already installed on the host
    - name: start nginx
      service:
        name: nginx
        state: started
    # Capture the uptime output so it can be printed below
    - name: Check uptime of the remote host
      shell: uptime
      register: command_output
    - debug:
        var: command_output.stdout_lines
Save the file, head to the Foreman Web UI, and import the role under Configure > Ansible > Roles.
Once imported, the role can be assigned to a given host under Hosts > All hosts. Edit the host and add the Ansible role to it.
Submit the changes made and the role will be added to the host. Verify if the repetitive task has been configured.
That is it!
You are set to use Foreman 3.x on CentOS 7 / RHEL 7 to manage hosts and perform several repetitive tasks using Ansible or whichever tool you desire. I hope this was helpful.