Foreman is a free and open source tool for automating the provisioning and configuration of Linux systems. Foreman can be integrated with configuration management tools such as Ansible, Chef, Salt and Puppet, available as plugins, to deliver complete infrastructure lifecycle management. Foreman supports various virtualization and cloud environments. In this blog post I’ll explain the steps used to install Foreman on a CentOS 8 | RHEL 8 | Rocky Linux 8 system.
Foreman System Architecture is as in this diagram.
Install Foreman on CentOS 8|RHEL 8|Rocky Linux 8
The standard features of Foreman are:
- Discover, provision and upgrade your entire bare-metal infrastructure
- Create and manage instances in virtualization environment and across private and public clouds
- Install operating systems via PXE, local media or from templates or images
- Control and gather reports from your configuration management software
- Group your hosts and manage them in bulk, regardless of location
- Review historical changes for auditing or troubleshooting
- Web user interface, JSON REST API and CLI for Linux
- Extend as needed via a robust plugin architecture
After installing Foreman, the main task will be installing the correct plugins that integrate with your infrastructure. If you use RHEV as your virtualization infrastructure, you’ll need a specific plugin which enables you to provision and destroy resources in this infrastructure. The same model applies to all other core infrastructure management software such as KVM, Xen, CloudStack, OpenStack and many others.
Without covering much theory, which can be found in the official documentation pages, let’s proceed to install and configure Foreman on a CentOS 8 | RHEL 8 server.
Step 1: Configure hostname
You need a proper hostname configured for your machine that can be resolved to an IP address. Don’t use example.com as the domain for the hostname as shown in the example. Replace the hostname with one in your infrastructure, as configured in your DNS server.
sudo hostnamectl set-hostname foreman.example.com
Set IP address and DNS name in your /etc/hosts file. This is often important for environments without a working DNS server.
$ sudo vi /etc/hosts
192.168.100.21 foreman.example.com
Ensure that the command below shows the real IP address, not 127.0.1.1.
$ ping -c 2 $(hostname -f)
PING foreman.example.com (192.168.100.21) 56(84) bytes of data.
64 bytes from foreman.example.com (192.168.100.21): icmp_seq=1 ttl=64 time=0.052 ms
64 bytes from foreman.example.com (192.168.100.21): icmp_seq=2 ttl=64 time=0.035 ms
--- foreman.example.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1023ms
rtt min/avg/max/mdev = 0.035/0.043/0.052/0.010 ms
If it returns 127.0.0.1, change or remove this entry from the /etc/hosts file if present.
You can also confirm that the configured hostname resolves to the correct IP address using the Linux host command:
$ host foreman.example.com
Step 2: Install and Configure NTP time synchronization
Install the chrony package, which is an alternative NTP software package for CentOS and all other RHEL-based Linux systems.
sudo dnf -y install chrony
After the package is installed, set the correct timezone. This will ensure the correct time is set for your machine when you run the synchronization command.
sudo timedatectl set-timezone Africa/Nairobi
Start and enable the chronyd service using the systemctl command.
sudo systemctl enable --now chronyd
Sync time to get the correct date and time in your CentOS / RHEL system.
$ sudo chronyc sources
210 Number of sources = 4
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^- static.102.162.46.78.cli> 2 7 377 14 -3496us[-3496us] +/- 52ms
^- node2.eriomem.net 2 7 377 145 -5807us[-5831us] +/- 45ms
^* time.cloudflare.com 3 7 377 16 -27us[ -52us] +/- 15ms
^- ntp1.squareflow.net 2 7 377 15 -8346us[-8346us] +/- 61ms
Confirm current time settings.
$ timedatectl
Local time: Mon 2020-07-20 01:48:53 EAT
Universal time: Sun 2020-07-19 22:48:53 UTC
RTC time: Sun 2020-07-19 22:48:53
Time zone: Africa/Nairobi (EAT, +0300)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
If it returns wrong values, recheck that the timezone was set correctly.
Step 3: Add Puppet and Foreman Repositories
Add the Puppet and Foreman repositories required for both dependencies and actual Foreman packages installation.
sudo dnf -y install https://yum.puppet.com/puppet6-release-el-8.noarch.rpm
Also add Foreman repository by pulling and installing the release rpm package using dnf package manager.
sudo dnf -y install https://yum.theforeman.org/releases/latest/el8/x86_64/foreman-release.rpm
Step 4: Install Foreman Installer on CentOS 8|RHEL 8|Rocky Linux 8
Install Ruby on your system:
sudo dnf module reset ruby
sudo dnf -y module enable ruby:2.7
sudo dnf install ruby -y
With the two repositories added, install the Foreman installer on your CentOS 8|RHEL 8|Rocky Linux 8 system.
sudo dnf -y install foreman-installer
Step 5: Run foreman installer on CentOS 8|RHEL 8|Rocky Linux 8
When the installation of foreman installer is complete, you need to run it to configure and prepare Foreman components. The Foreman installer is a collection of Puppet modules that installs everything required for a full working Foreman setup on CentOS 8 | RHEL 8.
By default it will configure:
- Apache HTTP with SSL (using a Puppet-signed certificate)
- Foreman running under mod_passenger
- Smart Proxy configured for Puppet, TFTP and SSL
- Puppet master running under mod_passenger
- Puppet agent configured
- TFTP server (under xinetd on Red Hat platforms)
Note that the Foreman installer runs in non-interactive mode by default, but the configuration can be customized by supplying any of the options listed in:
sudo foreman-installer --help
To run foreman installation in interactive mode, use:
sudo foreman-installer -i
To run the installation in a non-interactive mode, use:
sudo foreman-installer
If Smart Proxy and Puppet master are installed along with Foreman, the installer will output details about them after the installation.
Preparing installation Done
Executing: foreman-rake upgrade:run
foreman-rake upgrade:run finished successfully!
Success!
* Foreman is running at https://foreman.example.com
Initial credentials are admin / QAefJcYDnxQy2yEL
* Foreman Proxy is running at https://foreman.example.com:8443
The full log is at /var/log/foreman-installer/foreman.log
Open all required ports if you have an active firewalld service.
sudo firewall-cmd --add-port={22,53,80,443,3000,8140,3306,5432,8443,5910-5930}/tcp --permanent
sudo firewall-cmd --add-port=67-69/udp --permanent
sudo firewall-cmd --reload
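The firewall-cmd line above opens every TCP port Foreman can use, including the database ports 3306 and 5432. As an added example (not from the original post), the script below compares those ports with `ss -tlnH` output and lists the entries that have no remotely reachable listener; the sample `ss` lines and the function names are constructed for illustration.

```bash
# TCP ports from the tutorial's firewall-cmd --add-port line.
OPENED_TCP="22 53 80 443 3000 8140 3306 5432 8443 5910-5930"

# Constructed sample of `ss -tlnH` output for an all-in-one Foreman host
# (illustrative values, not captured from a real system).
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 *:80 *:*
LISTEN 0 511 *:443 *:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 128 [::1]:5432 [::]:*
LISTEN 0 100 *:8140 *:*
LISTEN 0 128 *:8443 *:*'

# audit_ports "<port spec>": reads `ss -tlnH` lines on stdin and prints
# "<entry> exposed|loopback-only|no-listener" for each firewall entry.
audit_ports() {
  awk -v spec="$1" '
    {
      port = $4; sub(/^.*:/, "", port)        # text after the last colon
      host = $4; sub(/:[0-9]+$/, "", host)    # address without the port
      loop = (host ~ /^127\./ || host == "[::1]")
      if (!loop) seen[port] = "exposed"
      else if (!(port in seen)) seen[port] = "loopback-only"
    }
    END {
      n = split(spec, items, " ")
      for (i = 1; i <= n; i++) {
        lo = hi = items[i]
        if (split(items[i], r, "-") == 2) { lo = r[1]; hi = r[2] }
        state = "no-listener"
        for (p = lo + 0; p <= hi + 0; p++) {
          if (seen[p] == "exposed") { state = "exposed"; break }
          if (seen[p] == "loopback-only") state = "loopback-only"
        }
        print items[i], state
      }
    }'
}

# Entries with no remotely reachable listener: candidates to remove.
close_candidates() {
  audit_ports "$1" | awk '$2 != "exposed" { printf "%s%s", sep, $1; sep = " " }
                          END { print "" }'
}

# Demo on the sample; on a live host use: ss -tlnH | close_candidates "$OPENED_TCP"
printf '%s\n' "$SAMPLE_SS" | close_candidates "$OPENED_TCP"
```

A port reported without a listener may still be needed by a feature you enable later, so review the list before removing entries from the firewall.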
Use the details given in the output to log in to the Foreman Dashboard.
Refer to the official Foreman and Katello documentation to get more useful information on administration.
Some of the focus areas for new installations are:
- Provisioning Guide
- Administering Foreman Guide
- Managing Hosts Guide
- Content Management Guide
- Configuring Smart Proxies with a Load Balancer
For Debian, check out our guide: Install Foreman on Debian 10 Linux