Jump toUpdate content
How to Install and Configure Foreman on Ubuntu Focal
- Foreman
- puppet
- Ubuntu-Focal
- puppet
Foreman overview
Foreman is a tool that helps system administrators managing servers throughout their lifecycle, from provisioning and configuration to orchestration and monitoring. In short, it is a complete lifecycle management tool for physical and virtual servers. Foreman, available as open source software, becomes even more powerful when integrated with other open source projects such as Puppet, Chef, Salt, Ansible.
Foreman helps to automatize the OS installation. After that – through its very good integration with puppet – the new system will be configured towards the desired state. Finally Puppet will send facts about the system to Foreman which helps to monitor the whole system over its complete lifecycle. With a discovery plugin Foreman can also discover new machines in the network based on their mac address.
This tutorial assumes that Foreman is being installed on a fresh instance, which will also act as the Puppet primary server.
- You have an account and are logged into the Scaleway console
- You have configured your SSH key
- You have created an Instance which is running Ubuntu Focal Fossa (20.04) or later
- You have root access to all of the servers you want to manage
- Port 8140 on the Puppet primary Instance must be reachable
- It is recommended to run Foreman on a machine with at least 8GB of RAM for optimal performances
- Foreman requires a working Puppet installation to perform the configuration management of hosts
Creating your Foreman server
The installation tool is a collection of Puppet modules that installs everything required for a full working Foreman setup.
The Foreman installer uses Puppet (> 3.x required) to install the software.
Connect to the instance using SSH:
ssh root@SERVER_IP
To retrieve the Instances IP, list your exiting servers using
scw ps
(Scaleway CLI). For more information on the Scaleway CLI, refer to the tutorial on the Scaleway Command Line Interface.The Instances IP can also be retrieved from the Scaleway Console. Once logged in, check the IP Adresses in the Instances tab of the left menu.
Check your Instance’s full hostname to ensure the hostname is set to a valid FQDN.
hostname
You should see the complete hostname of your instance (e.g.
foreman.example.com
). If this is the case, skip the remaining steps and jump directly to the next section.(Optional) In case a short name is returned (e.g.
foreman
), configure the complete hostname. To do so, edit thehosts
file in a text editor:sudo nano /etc/hosts
(Optional) Add the FQDN before the short hostname.
foreman.example.com foreman
Save and exit nano.
Edit the hostname file:
sudo nano /etc/hostname
Change the entry in the file to the Instances FQDN, e.g.
foreman.example.com
. Then save and exit the editor.Run the following command to reconfigure the Instances hostname according to the changes made in the previous steps:
sudo hostname --file /etc/hostname
Installing Foreman on Ubuntu Focal
The fastest way to install Foreman is by using the installer, which installs and configures automatically all of the required components to run Foreman, these include:
- Foreman
- Puppet primary/agent
- The Apache Web Server with SSL and Passenger modules
Install Puppet 6.x from the Puppetlabs repository as following.
apt-get -y install ca-certificates
-O /tmp && wget https://apt.puppetlabs.com/puppet6-release-focal.deb
dpkg -i /tmp/puppet6-release-focal.debAdd the Foreman repository to the APT package manager sources list:
echo "deb http://deb.theforeman.org/ focal 3.1" | sudo tee /etc/apt/sources.list.d/foreman.list
echo "deb http://deb.theforeman.org/ plugins 3.1" | sudo tee -a /etc/apt/sources.list.d/foreman.list
sudo apt-get -y install ca-certificates
wget -q https://deb.theforeman.org/pubkey.gpg -O- | sudo apt-key add -Download the installer via APT:
sudo apt-get update && sudo apt-get -y install foreman-installer
Run the Foreman Installer by typing the following command:
foreman-installer
The command returns the following output:
Installing Done [100%] [..]
Success!
* Foreman is running at https://foreman.example.com
Initial credentials are admin / 6fHtmSWpqNbGo7nn
* Foreman Proxy is running at https://foreman.example.com:8443
* Puppetprimary is running at port 8140
The full log is at /var/log/foreman-installer/foreman.log
Managing Puppet
During installation, the installation wizard sets up a puppet primary on the host, which is fully integrated with Foreman. Run the Puppet agent on the Instance to send the first Puppet report to Foreman, This creates the host automatically in Foremans database.
Install
puppet-agent
with the following command:apt-get install puppet-agent
Add the host to Foreman’s database by running the puppet agent command
sudo puppet agent --test
This adds the local Foreman host as the first Puppet agent node, managed by Foreman.
The Foreman Web Interface
The web interface of Foreman can be accessed on the public IP address of your instance. By default, Foreman uses Puppets self-signed certificates, which are probably not trusted by your browser. Accept the notification about the certificate and proceed.
You can login to Foreman using the credentials that were returned once it was installed.
- Username: admin
- Password: random
Foreman Dashboard
After login, the Foreman dashboard displays an overview of your Puppet environment.
It displays a summary of “Host Configuration Status”, showing the number of Puppet agent nodes and their respective statuses. At the first connection, one signle instance should be visible in the “good host” section.
Changing the Admin Password
Before doing anything else, change the admin user password for security reasons.
Go to Admin User and select My Account
In the User section, fill in the current password and set a new password in the password and verify tabs.
Click Submit
Adding NTP Module To Foreman
Puppet requires accurate time-keeping, therefore the NTP service runs on the Foreman host (which acts also as Puppet primary).
Install NTP and Stdlib on the Puppet primary:
puppet module install -i /etc/puppet/environments/production/modules puppetlabs/ntp
The command returns
Notice: Created target directory /etc/puppet/environments/production/modules
Notice: Downloading from https://forgeapi.puppet.com ...
Notice: Installing -- do not interrupt ...
/etc/puppet/environments/production/modules
└─┬ puppetlabs-ntp (v7.2.0)
└── puppetlabs-stdlib (v4.25.1)The module requires to be added to Foreman before being usable.
When connected to the Foreman web UI, click Configure> Puppet> Classes:
Click the
Import environments from foreman.example.com
button.This imports the environment and displays the Changed environments panel.
Tick the ntp checkbox next to the item and click Update to import the ntp module.
Overriding Default NTP Pool
Update the settings and configure the NTP module to use the French NTP pool by default.
In the Puppet Classes screen, click ntp class to edit it.
Click the Smart Class Parameter tab.
Scroll down to find the servers item in the left sidebar, and select it
Tick the Override checkbox. In the Parameter type menu, choose array and change the Default value from the default NTP pool to the desired one:
["0.fr.pool.ntp.org","1.fr.pool.ntp.org","2.fr.pool.ntp.org","3.fr.pool.ntp.org"]
Click Submit to update the configuration and to use the French NTP pool as default.
Configuring Foreman Host to Use NTP Module
Configure the NTP module to manage NTP on the Foreman host.
Click Hosts on the side menu and select All hosts
Click Edit on the far right of your Foreman host.
Click the Puppet Classes tab. Within the Available Classes section, click the ntp class, then click the plus sign next to “ntp”:
The ntp class is being moved to the Included Classes section. The next time the Puppet agent checks in, it will have this module applied to it.
- Click Submit to activate the configuration.
Viewing Puppet Configuration
After editing Foreman host’s configuration, a redirection to Foreman host’s summary page applies.
Click the YAML button, to see the information provided to Puppet when an agent node checks in.
Running the Puppet Agent
Run the Puppet agent on the Foreman instance to apply all the changes that were made above
sudo puppet agent --test
The command returns the following output:
root@foreman:~# puppet agent --test
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Notice: /File[/opt/puppetlabs/puppet/cache/locales/ja/puppetlabs-ntp.po]/ensure: defined content as '{md5}7265ff57e178feb7a65835f7cf271e2c'
Info: Loading facts
Info: Caching catalog for foreman.example.com
Info: Applying configuration version '1533720851'
Notice: Applied catalog in 0.42 seconds
In the web UI, go back to the Foreman host and click the Reports button.
A new report entry indicates that some changes were applied and a service was restarted. Click the report. Several notices indicate that the NTP service was installed, configured, and restarted.