How to Install and Configure Foreman 1.11 on CentOS 7.x

Foreman is a free and open source configuration management and provisioning tool for physical and virtual servers. Foreman performs repetitive and other configuration tasks using tools like Puppet, Chef and Ansible. For provisioning, Foreman makes use of DHCP, DNS, TFTP and kickstart files. In this article we are going to use Puppet with Foreman.

Foreman provides a dashboard from which a system administrator can perform all configuration and audit tasks. We can also get reports such as how many nodes are managed by Foreman and what configuration has been pushed to the nodes.

In this post I am going to demonstrate how to install and configure Foreman 1.11 with Puppet on CentOS 7.x.

Below are the details of the server on which I will install and configure Foreman.

  • OS (Operating System) = CentOS 7.x
  • IP Address = 192.168.1.5
  • Hostname = foreman.example.com
  • SELinux = Disabled
  • Firewall = Enabled

I have my own local DNS server for the domain example.com. If you don’t have a DNS server, you have to put entries in the ‘/etc/hosts’ file for name-to-IP resolution.

Step:1 Enable puppetlabs repo and install foreman installer

Open the terminal and run the following commands one after the other.

[root@foreman ~]# rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
[root@foreman ~]# yum -y install epel-release http://yum.theforeman.org/releases/1.11/el7/x86_64/foreman-release.rpm
[root@foreman ~]# yum -y install foreman-installer

Step:2 Start the Installation using foreman installer

To start the Foreman installation, run the command “foreman-installer”. By default it is a non-interactive installation. If you want an interactive installation, use the ‘-i’ option, as in “foreman-installer -i”.

[root@foreman ~]# foreman-installer

Once the Foreman installation is completed, we will get output like below:

[Screenshot: Foreman successful installation message]

We can see that initial credentials have been created for the Foreman dashboard, and that the Puppet master is also installed and listening on port 8140.

Before accessing the dashboard, it is recommended to open the required ports in the OS firewall. Run the following commands one after the other.

[root@foreman ~]# firewall-cmd --permanent --add-port=53/tcp
success
[root@foreman ~]# firewall-cmd --permanent --add-port=67-69/udp
success
[root@foreman ~]# firewall-cmd --permanent --add-port=80/tcp
success
[root@foreman ~]# firewall-cmd --permanent --add-port=443/tcp
success
[root@foreman ~]# firewall-cmd --permanent --add-port=3000/tcp
success
[root@foreman ~]# firewall-cmd --permanent --add-port=3306/tcp
success
[root@foreman ~]# firewall-cmd --permanent --add-port=5910-5930/tcp
success
[root@foreman ~]# firewall-cmd --permanent --add-port=5432/tcp
success
[root@foreman ~]# firewall-cmd --permanent --add-port=8140/tcp
success
[root@foreman ~]# firewall-cmd --permanent --add-port=8443/tcp
success
[root@foreman ~]# firewall-cmd --reload
success
[root@foreman ~]#

Step:3 Access Foreman Dashboard

To access the Foreman dashboard, type “https://<Hostname_OR_IP_Foreman_Server>”.

In my case the dashboard can be accessed from the URL: https://foreman.example.com

Use the initial credentials that were created during the Foreman installation.

[Screenshot: Foreman dashboard login]

[Screenshot: Foreman dashboard overview]

By default the Foreman server itself is registered in the Foreman dashboard. To check the host information, click on the Hosts option -> then All hosts.

[Screenshot: Managed hosts in the Foreman dashboard]

Let’s install the ntp module on the Foreman server and import it from the dashboard. NTP is very much required for Puppet to work smoothly. Use the command below to download the ntp module.

[root@foreman ~]# puppet module install puppetlabs-ntp

Now import the NTP module from the dashboard. Click on Configure -> Classes.

[Screenshot: Classes option in the Foreman dashboard]

[Screenshot: Import Puppet classes (NTP) in the Foreman dashboard]

Click on the Import option. It will import the NTP module into the Foreman dashboard; an example is shown below:

[Screenshot: Update NTP module in the Foreman dashboard]

Select the module and click on Update.

[Screenshot: Puppet NTP class in the Foreman dashboard]

Click on the ‘ntp’ class name and then select ‘Smart Class Parameter’.

[Screenshot: Edit Puppet class ntp]

Select the override option if you want to specify your own NTP servers. Change the Key type value from “String” to “Array”, specify the NTP servers’ names in the Default value box and then click on Submit. An example is shown below.

[Screenshot: NTP server list in the Foreman dashboard]

Now it’s time to add the ntp class to the host. Go to the Hosts option, select the host (foreman.example.com) and click on Edit. Go to the ‘Puppet Classes’ tab, click on the ‘+’ option to add the ntp class to the host and then click on Submit.

[Screenshot: Add NTP class to host in Foreman]

Now run the following puppet command from the Foreman server to configure the NTP service automatically.

[root@foreman ~]# puppet agent --test

Now check the reports for the host from the dashboard.

Go to Hosts -> click on the host {foreman.example.com} -> click on Reports.

[Screenshot: Reports in the Foreman dashboard]

As we know, Puppet makes use of SSL certificates to set up secure communication between the Puppet server and its nodes. Communication can occur only once the Puppet server has signed the certificate of its node.

Let’s create an autosign entry for Puppet nodes which are in the domain “example.com”.

In the Foreman dashboard, go to Infrastructure -> select Smart Proxies -> select Autosign under the Action tab.

Click on New to create a new ‘autosign’ entry. Specify the domain name and then click on Save.

[Screenshot: Smart proxy autosign entry in the Foreman dashboard]
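
An autosign entry makes the Puppet CA sign every matching certificate request without manual review, so it is worth checking exactly which certnames the entry covers. The script below is an added example, not part of the original article: it applies Puppet's documented autosign.conf matching rule to a list of certnames. It assumes the dashboard entry is stored as `*.example.com`; the function names, sample file and sample certnames are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): audit the reach of autosign.conf.
# Assumption: the dashboard entry is stored in the file as "*.example.com".

# autosign_match CERTNAME CONF -> exit status 0 if CONF would auto-sign CERTNAME.
# Rule as documented by Puppet: a line is an exact certname, or a domain glob
# whose leading "*" stands for one or more leftmost labels of the certname.
autosign_match() {
    while IFS= read -r entry || [ -n "$entry" ]; do
        case "$entry" in
            ''|'#'*) continue ;;                 # blank line or comment
            '*.'*)
                suffix=${entry#'*'}              # "*.example.com" -> ".example.com"
                case "$1" in
                    ?*"$suffix") return 0 ;;     # at least one label before the suffix
                esac ;;
            *)
                [ "$1" = "$entry" ] && return 0 ;;
        esac
    done < "$2"
    return 1
}

# autosign_report CONF CERTNAME... -> one "AUTO name" or "MANUAL name" line each.
autosign_report() {
    conf=$1; shift
    for certname in "$@"; do
        if autosign_match "$certname" "$conf"; then
            echo "AUTO $certname"      # signed with no human review
        else
            echo "MANUAL $certname"    # waits for an administrator to sign it
        fi
    done
}

# Constructed sample: the domain entry from this step plus three certnames.
sample_conf=$(mktemp)
printf '%s\n' '# constructed sample' '*.example.com' > "$sample_conf"
autosign_report "$sample_conf" \
    ubuntu-server.example.com db01.lab.example.com web01.example.org
rm -f "$sample_conf"
```

On the Foreman server, point `autosign_report` at the real file (with Puppet 3 this is typically `/etc/puppet/autosign.conf`) and at the certnames shown by `puppet cert list --all` to see which nodes were or would be signed without review.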

At this point our Foreman server is ready to manage servers.

Step:4 Add New hosts to Foreman Dashboard.

To add new hosts or servers to the Foreman dashboard, we have to install the puppet agent on the hosts and execute the following puppet command from the host.

Let’s suppose we want to add an Ubuntu server { ubuntu-server.example.com – 192.168.1.14 }

$ sudo apt install puppet
$ puppet agent -td --server=foreman.example.com

Now verify the host in the dashboard.

[Screenshot: Host details in the Foreman dashboard]

Now add Puppet classes to this host in the same way that we did for the host “foreman.example.com” in the above steps.

Note: Command to remove a puppet module.
[root@foreman ~]# puppet module uninstall --environment=production puppetlabs-ntp
Notice: Preparing to uninstall 'puppetlabs-ntp' ...
Removed 'puppetlabs-ntp' (v4.2.0) from /etc/puppet/environments/production/modules
[root@foreman ~]#

That concludes the article. Please share your feedback and comments.

Reference : http://theforeman.org/manuals/1.11/index.html#2.Quickstart

6 Responses

  1. UDay says:

    Hey Pradeep,

    I don't find the default host foreman.example.com registered to my Foreman after it comes up. Can you point me to some debugging options?

    Again, thanks a lot for all the great work.

    – Uday

    • Hi Uday,

      Whenever Foreman is installed successfully, your Foreman server with its hostname should register automatically under the hosts tab.

      Can you tell me on which OS you have installed Foreman? Did you get any error during the Foreman installation?

  2. UDay says:

    Hey Pradeep,

    I have installed it on a CentOS 7 box. I see the host registered now after writing the hostname to /etc/hosts and /etc/hostname and running the hostname command. Again, thanks for the response.

    I have a new problem now, where I have been trying to create a kickstart file that makes use of and the kickstart process is not able to resolve foreman.example.com and any other DNS domain. Any suggestions on how I can work around this? I am using VirtualBox as my setup.

    Thanks,
    Uday

  3. zubing says:

    Hey Pradeep,

    I have installed Foreman. When I executed step 3, I always failed. Could you tell me what the problem is? Thanks.

    centos7

  4. Krishna Verma says:

    Hi Pradeep,

    I am getting errors when running puppet agent on host after adding ntp module by following your steps.
    Something like below :
    parameter ‘interfaces’ expects an Array value, got String
    parameter ‘interfaces_ignore’ expects an Array value, got String
    parameter ‘service_enable’ expects a Boolean value, got String
    parameter ‘service_ensure’ expects a match for Enum[‘running’, ‘stopped’], got ”
    parameter ‘service_manage’ expects a Boolean value, got String
    parameter ‘slewalways’ expects an undef value or a match for Enum[‘no’, ‘yes’], got ”
    parameter ‘statistics’ expects a value of type Undef or Array, got String
    parameter ‘statsdir’ expects a Stdlib::Absolutepath = Variant[Stdlib::Windowspath = Pattern[/^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/], Stdlib::Unixpath = Pattern[/^\/([^\/\0]+\/*)*$/]] value, got String
    parameter ‘stepout’ expects a value of type Undef or Integer, got String
    parameter ‘step_tickers_file’ expects a Stdlib::Absolutepath = Variant[Stdlib::Windowspath = Pattern[/^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/], Stdlib::Unixpath = Pattern[/^\/([^\/\0]+\/*)*$/]] value, got String
    parameter ‘tinker’ expects a value of type Undef or Boolean, got String
    parameter ‘tos’ expects a Boolean value, got String
    parameter ‘tos_maxclock’ expects a value of type Undef or Integer, got String
    parameter ‘tos_minclock’ expects a value of type Undef or Integer, got String
    parameter ‘tos_minsane’ expects a value of type Undef or Integer, got String
    parameter ‘tos_floor’ expects a value of type Undef or Integer, got String
    parameter ‘tos_ceiling’ expects a value of type Undef or Integer, got String
    parameter ‘tos_cohort’ expects a value of type Boolean or Integer, got String
    parameter ‘udlc’ expects a Boolean value, got String
    parameter ‘udlc_stratum’ expects a value of type Undef or Integer, got String
    parameter ‘ntpsigndsocket’ expects a Stdlib::Absolutepath = Variant[Stdlib::Windowspath = Pattern[/^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/], Stdlib::Unixpath = Pattern[/^\/([^\/\0]+\/*)*$/]] value, got String on node noi-dcdevops.cadence.com
    Warning: Not using cache on failed catalog
    Error: Could not retrieve catalog; skipping run

    Could you please let me know what needs to be done?
