How to enable Remote Execution (Run Job) option in Foreman / Katello Dashboard

From the Foreman dashboard we can execute Linux commands on the registered host but for that we have to install remote execution plugin in your Foreman or Katello Server.With the help of ‘foreman-installer’ command we can install remote execution plugin to the existing and new installation of Foreman or Katello server.

Run Job option in Foreman dashboard allows us to run Linux commands on the register hosts immediately. This option becomes useful whenever we want to update or execute commands on all or group of hosts on the fly.

In this tutorial i am assuming that either the Foreman or Katello Server is already installed and clients are registered to it. Please refer the beneath urls for the followings

In my case i have a already installed katello Server which is up and running and one client is registered to it. Refer the following steps to install remote execution plugin and run commands on registered host with ‘Run a Job’ option from Foreman or Katello Dashboard.

Step:1 Install Remote Execution plugin

Below command will install and enable remote execution option(Run Job) in your Foreman or Katello Server.

[[email protected] ~]# foreman-installer --enable-foreman-plugin-remote-execution --enable-foreman-proxy-plugin-remote-execution-ssh

Once the above command is executed successfully we will get the output something like below :

Remote-Execution-plugin-foreman-installer

Step:2 Configure SSH Keys for Target or Registered Hosts

SSH mechanism is used to run commands on the Registered or target hosts with Run job option in foreman server. Whenever we install the remote execution plugin, smart proxy configure default ssh keys under the folder “/usr/share/foreman-proxy/.ssh“. We can create our own ssh keys by referring the following steps:

[[email protected] ~]# cd /usr/share/foreman-proxy/.ssh
[[email protected] .ssh]# sudo -u foreman-proxy ssh-keygen -f ~foreman-proxy/.ssh/id_rsa_foreman_proxy -N ''

SSH-Keys-Remote-Execution-Foreman

In Case SELinux is running on your foreman server then execute the below command.

[[email protected] ~]# restorecon -RvF ~foreman-proxy/.ssh

Now restart the httpd, foreman-tasks and foreman-proxy service.

[[email protected] ~]# systemctl restart httpd
[[email protected] ~]# systemctl restart foreman-tasks
[[email protected] ~]# systemctl restart foreman-proxy

Step:3 Copy Foreman server’s ssh public key to registered host or target servers.

Use the ssh-copy-id command to copy or distribute ssh public key to registered hosts. In my case i have CentOS 7 Server registered on my foreman server with the name “web.example.com”

[[email protected] ~]# ssh-copy-id -i ~foreman-proxy/.ssh/id_rsa_foreman_proxy.pub [email protected]

Also make sure the folder  “/var/tmp/foreman-proxy/” has the file owner and group ownership permissions are set as “foreman-proxy

[[email protected] ~]# ls -ld /var/tmp/foreman-proxy/
drwxr-xr-x 3 foreman-proxy foreman-proxy 65 Mar 12 22:36 /var/tmp/foreman-proxy/
[[email protected] ~]#

Step:4 Now Run Commands on Registered host with Run Job option

Login to the foreman Dashboard and first verify whether Dynflow and ssh feature is available in smart proxy.

From the infrastructure Tab –> click on Smart Proxies

Smart-Proxies-dynflow-ssh-feature-foreman

In case Dynflow and SSH feature is not visible in smart proxies then click on Edit and verify whether your organizations and locations are updated and then click on Submit

Now Let’s run the commands on register hosts. From the Hosts Tab–> Select All hosts

Hosts-Edit-Foreman-Dashboard

Select and Click on the host on which you want to run commands

Run-Job-option-Foreman-Dashboard

click on “Run Job” option

Let’s assume i want to run three commands (uptime, uname -r and hostname) on the host. Specify the commands in commands field separated by semi colon (;) example is shown below:

Run-commands-Hosts-Foreman-Dashboard

Click in Submit

Once the commands are executed successfully we will get success message on the Dashboard as shown below

Commands-Executed-Succeeded-Foreman

To view the output of commands, click on the Hosts option in the above window and then Click on the Host(In my case web.example.com)

Select-Hosts-view-command-output-foreman-dashboard

Detail-of-Commands-run-Foreman-Dashboard

That’s all from this tutorial, Hope you guys understand how to enable remote execution plugin and run Linux commands from Foreman Dashboard. Please share your valuable feedback and comments 🙂

3 Responses

  1. moonie says:

    So you are suggesting using keys with no passphrase? My company does not allow this, how can this be accomplished using a passphrase

  2. Kumar says:

    This works for me but the problem is I have to enable PermitrootLogin should be “Yes” otherwise the remote execution will not work. Any solution to change the user from root to some other user?

  3. Arvind GK says:

    Did you try role based access control (RBAC), you can assign execution rights for that particular application

Leave a Reply

Your email address will not be published. Required fields are marked *

Pin It on Pinterest