Sunday, August 18, 2013

My first taste of Foreman

I installed The Foreman on one of my test systems to configure other nodes in my
toy cluster. I used the following quick start video:


What follows are my notes on doing what's in the video above on a CentOS 6.4 box and following the documentation.

* EPEL

wget https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum localinstall epel-release-6-8.noarch.rpm

* Puppet
Added the following to /etc/yum.repos.d/puppet.repo

[Puppet]
name=Puppet
baseurl=http://yum.puppetlabs.com/el/6Server/products/x86_64/
gpgcheck=0

[Puppet_Deps]
name=Puppet Dependencies
baseurl=http://yum.puppetlabs.com/el/6Server/dependencies/x86_64/
gpgcheck=0
Verified that puppet 3.2.x would be installed from Puppet's repo
yum install puppet
...
=================================================================================
 Package              Arch        Version                 Repository        Size
=================================================================================
Installing:
 facter               x86_64      1:1.7.2-1.el6           Puppet            83 k
 puppet               noarch      3.2.4-1.el6             Puppet           1.0 M
Installing for dependencies:
 augeas-libs          x86_64      0.9.0-4.el6             base             317 k
 hiera                noarch      1.2.1-1.el6             Puppet            21 k
 libselinux-ruby      x86_64      2.0.94-5.3.el6_4.1      updates           99 k
 ruby                 x86_64      1.8.7.352-12.el6_4      updates          534 k
 ruby-augeas          x86_64      0.4.1-1.el6             Puppet_Deps       21 k
 ruby-irb             x86_64      1.8.7.352-12.el6_4      updates          313 k
 ruby-libs            x86_64      1.8.7.352-12.el6_4      updates          1.6 M
 ruby-rdoc            x86_64      1.8.7.352-12.el6_4      updates          376 k
 ruby-rgen            noarch      0.6.5-1.el6             Puppet_Deps       87 k
 ruby-shadow          x86_64      1.4.1-13.el6            Puppet_Deps       11 k
 rubygem-json         x86_64      1.5.5-1.el6             Puppet_Deps      763 k
 rubygems             noarch      1.3.7-1.el6             base             206 k

Transaction Summary
=================================================================================

* Foreman Installer

yum -y install http://yum.theforeman.org/releases/1.1/el6/x86_64/foreman-release.rpm
yum -y install foreman-installer
Answer yes to all defaults. Saw...
...
Notice: Finished catalog run in 294.38 seconds

 Okay, you're all set! Check
/usr/share/foreman-installer/foreman_installer/answers.yaml for your
config.

 You can apply it in the future as root with:
  echo include foreman_installer | puppet apply --modulepath
/usr/share/foreman-installer -v
# 
Update iptables:
# tail /etc/sysconfig/iptables
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8140 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# 

* Configure Foreman with a smartproxy

GUI > Gear > Configuration > Smart Proxies
If you are doing this at home you might need to tweak your /etc/hosts to have the FQDN in your cert as defined in /etc/foreman-proxy/settings.yml.

* configure your host with puppet

puppet agent --test

Admin GUI > Hosts > See yourself

* Install a module from puppet forge
[root@james ~]# cd /usr/share/puppet/modules
[root@james modules]# ls
[root@james modules]# puppet module install puppetlabs/ntp -i common
Notice: Preparing to install into /etc/puppet/modules/common ...
Notice: Created target directory /etc/puppet/modules/common
Notice: Downloading from https://forge.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
/etc/puppet/modules/common
└─┬ puppetlabs-ntp (v2.0.0-rc1)
  └── puppetlabs-stdlib (v4.1.0)
[root@james modules]# 

Admin GUI > Gear > Configuration > Puppet Classes > Import from $host > Update

I now see my class name of "ntp" with 19 keys. I click ntp and I could over ride settings; e.g. add the address of my NTP server.

* Apply the puppet module to my server

Admin GUI > Menu (lines) > Hosts > select your host > Edit > Puppet Classes

The select one of the available classes like NTP and make it an included class and click submit. After you click submit you can have your host check in with "puppet agent --test".

You can then view your host and see a report about it. If you click the yaml button, then you can see the config file that was applied to that host.

I think my next step is to read about Provisioning with foreman.

No comments: