Notice:
This post is older than 5 years – the content might be outdated.
At inovex we use open source technology on a daily basis and try to give back to the community in return. One great example is the Foreman Provision project that was initially created by my co-worker Nils Domrose in co-operation with our customer Filiadata GmbH, the IT service provider for German company dm-drogerie markt GmbH + Co. KG. Foreman Provision is a comfortable wrapper that uses the Foreman REST API to create and manage resources in Foreman. Filiadata has published the Foreman Provision tool on Github under the terms and conditions of the MIT license which allows it to be enhanced and used by the public. Let’s take a look at the technical details of this project!
Getting Started with Foreman Provision
Foreman Provision is a Ruby Gem available on Github. One of its few dependencies is the official Foreman API Ruby Gem. After you’ve entered your Foreman user credentials you are ready to start using the Foreman Provision Gem in your Ruby project or creating configuration files that describe the resources you want to manage. At the time of writing Foreman 1.8.0 is the latest stable version. We will use it along with the latest Foreman Provision source code (master branch).
```
# yum install ruby-devel git gcc-c++
# git clone https://github.com/FILIADATAGmbH/foreman_provision.git
# cd foreman_provision/
# gem install --verbose --no-document foreman_api
```
```
# ./bin/foreman-provision -h
Usage: foreman-provision -c conf/config.yaml -a conf/foreman.yaml -v -d
    -c, --config_file FILE|DIR       location of the configuration file or a directory containing *.YAML files
    -a, --auth_credentials FILE      location of the foreman auth credentials YAML file
    -v, --[no-]verbose               Run verbosely
    -l, --log_file FILE              location of the log file
    -d, --[no-]debug                 Run in debug mode
    -t, --test                       Only show what whould have been executed in no-test mode
```
Right now there are no hosts in Foreman. We’ll use Foreman Provision to add some automatically.
Set the Foreman Provision authentication credentials that will be used to log into Foreman. You can find the OAuth credentials in the Foreman Settings tab:
```
# cp conf/auth.yaml.sample conf/foreman.yaml
# cat conf/foreman.yaml
---
:base_url: https://127.0.0.1
:oauth:
  :consumer_key: qdoDReaienP8396KVwUKRKCZ2HsafxVt
  :consumer_secret: 6SGE3MWh2oDq8PtfwWUC5CSpQsVpzBpW
:headers:
  :foreman_user: admin
:options:
  :verify_ssl: 0
```
Let’s get to the interesting part, the file that describes our services. You can find examples in the examples/ directory of your repository clone. We’ll use the following config:
```
# cat conf/config.yaml
---
:subnets:
  - :name: default
    :network: 10.10.30.0
    :mask: 255.255.255.0
    :gateway: 10.0.2.15
    :from: 10.10.30.200
    :to: 10.10.30.250
    :dns_primary: 10.10.30.100
    :dhcp_proxy: foreman.vagrant.inovex.de
    :tftp_proxy: foreman.vagrant.inovex.de
    :dns_proxy: foreman.vagrant.inovex.de
    :domain_names:
      - vagrant.inovex.de

:domains:
  - :name: vagrant.inovex.de
    :dns_proxy: foreman.vagrant.inovex.de
    :fullname: Main Domain

:hostgroups:
  - :name: Test-Hosts
    :architecture: x86_64
    :operatingsystem: CentOS 7.0
    :medium: CentOS mirror
    :ptable: Kickstart default
    :environment: production
    # Requires imported classes:
    #:puppetclasses:
    #  - stdlib
    :subnet: default
    :domain: vagrant.inovex.de
    :puppet_proxy: foreman.vagrant.inovex.de
    :puppet_ca_proxy: foreman.vagrant.inovex.de
    :root_pass: $1$HBWWOy7F$BtZTzR5x1T.nikDzxLusu1 # PleaseChangeMeSoon!

:hosts:
  - :name: test1.vagrant.inovex.de
    :hostgroup: Test-Hosts
    :mac: 06:10:9f:dc:aa:a1

  - :name: test2.vagrant.inovex.de
    :hostgroup: Test-Hosts
    :mac: 06:10:9f:dc:aa:a2

  - :name: test3.vagrant.inovex.de
    :hostgroup: Test-Hosts
    :mac: 06:10:9f:dc:aa:a3

  - :name: test4.vagrant.inovex.de
    :hostgroup: Test-Hosts
    :mac: 06:10:9f:dc:aa:a4

  - :name: test5.vagrant.inovex.de
    :hostgroup: Test-Hosts
    :mac: 06:10:9f:dc:aa:a5

  - :name: test6.vagrant.inovex.de
    :hostgroup: Test-Hosts
    :mac: 06:10:9f:dc:aa:a6

  - :name: test7.vagrant.inovex.de
    :hostgroup: Test-Hosts
    :mac: 06:10:9f:dc:aa:a7

  - :name: test8.vagrant.inovex.de
    :hostgroup: Test-Hosts
    :mac: 06:10:9f:dc:aa:a8
```
Here we define four arrays: subnets, domains, hostgroups and hosts. Each of them expects a minimum list of attributes. Hosts for example make use of hostgroups that define attributes on a higher abstraction level. Hosts that are added to the hostgroup Test-Hosts run the operating system CentOS 7.0, have an IP address in the subnet named default, will be added to the production environment and much more.
Simply copy & paste this YAML-formatted data into the file conf/config.yaml. We’ll execute the tool in test mode first to see what it does.
```
# ./bin/foreman-provision --auth_credentials=conf/foreman.yaml --config_file=conf/config.yaml --verbose --test
I, [2015-04-30T14:19:45.548110 #7558] INFO -- : Running provision in test mode
I, [2015-04-30T14:19:48.145201 #7558] INFO -- : Would have created ForemanProvision::Subnet {:dhcp_proxy=>"foreman.vagrant.inovex.de", :dns_primary=>"10.10.30.100", :dns_proxy=>"foreman.vagrant.inovex.de", :domain_names=>["vagrant.inovex.de"], :from=>"10.10.30.200", :gateway=>"10.0.2.15", :mask=>"255.255.255.0", :name=>"default", :network=>"10.10.30.0", :ensure=>"present", :tftp_proxy=>"foreman.vagrant.inovex.de", :to=>"10.10.30.250"}
I, [2015-04-30T14:19:48.205820 #7558] INFO -- : Would have created ForemanProvision::Domain {:dns_proxy=>"foreman.vagrant.inovex.de", :name=>"vagrant.inovex.de", :ensure=>"present"}
I, [2015-04-30T14:19:48.262722 #7558] INFO -- : Would have created ForemanProvision::Hostgroup {:architecture=>"x86_64", :domain=>"vagrant.inovex.de", :environment=>"production", :medium=>"CentOS mirror", :name=>"Test-Hosts", :operatingsystem=>"CentOS 7.0", :ptable=>"Kickstart default", :puppet_ca_proxy=>"foreman.vagrant.inovex.de", :puppet_proxy=>"foreman.vagrant.inovex.de", :ensure=>"present", :subnet=>"default", :root_pass=>"$1$HBWWOy7F$BtZTzR5x1T.nikDzxLusu1"}
I, [2015-04-30T14:19:48.520832 #7558] INFO -- : Would have created ForemanProvision::Host {:build=>true, :hostgroup=>"Test-Hosts", :mac=>"06:10:9f:dc:aa:a1", :name=>"test1.vagrant.inovex.de", :ensure=>"present"}
I, [2015-04-30T14:19:48.573815 #7558] INFO -- : Would have created ForemanProvision::Host {:build=>true, :hostgroup=>"Test-Hosts", :mac=>"06:10:9f:dc:aa:a2", :name=>"test2.vagrant.inovex.de", :ensure=>"present"}
I, [2015-04-30T14:19:48.620808 #7558] INFO -- : Would have created ForemanProvision::Host {:build=>true, :hostgroup=>"Test-Hosts", :mac=>"06:10:9f:dc:aa:a3", :name=>"test3.vagrant.inovex.de", :ensure=>"present"}
I, [2015-04-30T14:19:48.664718 #7558] INFO -- : Would have created ForemanProvision::Host {:build=>true, :hostgroup=>"Test-Hosts", :mac=>"06:10:9f:dc:aa:a4", :name=>"test4.vagrant.inovex.de", :ensure=>"present"}
I, [2015-04-30T14:19:48.710835 #7558] INFO -- : Would have created ForemanProvision::Host {:build=>true, :hostgroup=>"Test-Hosts", :mac=>"06:10:9f:dc:aa:a5", :name=>"test5.vagrant.inovex.de", :ensure=>"present"}
I, [2015-04-30T14:19:48.755936 #7558] INFO -- : Would have created ForemanProvision::Host {:build=>true, :hostgroup=>"Test-Hosts", :mac=>"06:10:9f:dc:aa:a6", :name=>"test6.vagrant.inovex.de", :ensure=>"present"}
I, [2015-04-30T14:19:48.806524 #7558] INFO -- : Would have created ForemanProvision::Host {:build=>true, :hostgroup=>"Test-Hosts", :mac=>"06:10:9f:dc:aa:a7", :name=>"test7.vagrant.inovex.de", :ensure=>"present"}
I, [2015-04-30T14:19:48.852077 #7558] INFO -- : Would have created ForemanProvision::Host {:build=>true, :hostgroup=>"Test-Hosts", :mac=>"06:10:9f:dc:aa:a8", :name=>"test8.vagrant.inovex.de", :ensure=>"present"}
```
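A pre-flight lint for the two YAML files, as an added example that is not part of Foreman Provision or the original post: it flags `:verify_ssl: 0` (0 is the value of OpenSSL's `VERIFY_NONE`, so the API certificate goes unchecked), a credentials file readable by other users, and a `:root_pass` stored as plaintext or as an MD5-crypt (`$1$`) hash. The helper names and the rule set are assumptions, and the sample files are constructed in the layout shown above.

```ruby
require 'yaml'

# Constructed sample files in the layout shown in this post (values are made up).
SAMPLE_AUTH = <<~YAML
  :base_url: https://foreman.example.test
  :oauth:
    :consumer_key: CONSTRUCTED-KEY
    :consumer_secret: CONSTRUCTED-SECRET
  :options:
    :verify_ssl: 0
YAML

SAMPLE_CONFIG = <<~YAML
  :hostgroups:
    - :name: Test-Hosts
      :root_pass: $1$abcdefgh$0123456789abcdefghijkl
    - :name: Hardened-Hosts
      :root_pass: $6$abcdefgh$constructedsha512crypthash
YAML

def load_yaml(text)
  # The files use Ruby symbol keys (":name:"), so Symbol must be permitted.
  YAML.safe_load(text, permitted_classes: [Symbol]) || {}
end

# file_mode: permission bits of the credentials file, e.g. File.stat(path).mode
def audit_auth(text, file_mode: nil)
  cfg = load_yaml(text)
  findings = []
  # 0 equals OpenSSL::SSL::VERIFY_NONE: the Foreman certificate is not checked.
  findings << ':verify_ssl disables TLS certificate verification' if [0, false].include?(cfg.dig(:options, :verify_ssl))
  findings << ':base_url is not https' unless cfg[:base_url].to_s.start_with?('https://')
  findings << 'credentials file is readable by group or others' if file_mode && (file_mode & 0o077) != 0
  findings
end

def audit_config(text)
  load_yaml(text).fetch(:hostgroups, []).each_with_object([]) do |hg, findings|
    pass = hg[:root_pass].to_s
    next if pass.empty?
    if !pass.match?(/\A\$\w+\$/)
      findings << "#{hg[:name]}: root_pass is not a crypt hash"
    elsif pass.start_with?('$1$')
      findings << "#{hg[:name]}: root_pass is an MD5-crypt hash ($1$)"
    end
  end
end

puts audit_auth(SAMPLE_AUTH, file_mode: 0o644) + audit_config(SAMPLE_CONFIG)
```

The `:root_pass` hash is also echoed in the `--test` output above, so if that output is written to a file with `-l`, the log deserves the same file permissions as the YAML.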
Looks great, now fire up those commands in god mode! 🙂
```
# ./bin/foreman-provision --auth_credentials=conf/foreman.yaml --config_file=conf/config.yaml --verbose
I, [2015-04-30T14:31:26.803539 #8876] INFO -- : Creating ForemanProvision::Subnet "default"
I, [2015-04-30T14:31:27.153563 #8876] INFO -- : Creating ForemanProvision::Domain "vagrant.inovex.de"
I, [2015-04-30T14:31:27.346275 #8876] INFO -- : Creating ForemanProvision::Hostgroup "Test-Hosts"
I, [2015-04-30T14:31:28.094002 #8876] INFO -- : Creating ForemanProvision::Host "test1"
I, [2015-04-30T14:31:31.497792 #8876] INFO -- : Creating ForemanProvision::Host "test2"
I, [2015-04-30T14:31:35.019888 #8876] INFO -- : Creating ForemanProvision::Host "test3"
I, [2015-04-30T14:31:38.693246 #8876] INFO -- : Creating ForemanProvision::Host "test4"
I, [2015-04-30T14:31:42.596104 #8876] INFO -- : Creating ForemanProvision::Host "test5"
I, [2015-04-30T14:31:46.213550 #8876] INFO -- : Creating ForemanProvision::Host "test6"
I, [2015-04-30T14:31:49.861588 #8876] INFO -- : Creating ForemanProvision::Host "test7"
I, [2015-04-30T14:31:53.421355 #8876] INFO -- : Creating ForemanProvision::Host "test8"
```
That was easy! What happens when we execute this again?
```
# ./bin/foreman-provision --auth_credentials=conf/foreman.yaml --config_file=conf/config.yaml --verbose
I, [2015-04-30T14:35:23.659289 #22543] INFO -- : Skipping - ForemanProvision::Subnet "default" already exists!
I, [2015-04-30T14:35:23.704458 #22543] INFO -- : Skipping - ForemanProvision::Domain "vagrant.inovex.de" already exists!
I, [2015-04-30T14:35:23.761573 #22543] INFO -- : Skipping - ForemanProvision::Hostgroup "Test-Hosts" already exists!
I, [2015-04-30T14:35:23.965082 #22543] INFO -- : Skipping - ForemanProvision::Host "test1.vagrant.inovex.de" already exists!
I, [2015-04-30T14:35:24.037171 #22543] INFO -- : Skipping - ForemanProvision::Host "test2.vagrant.inovex.de" already exists!
I, [2015-04-30T14:35:24.126529 #22543] INFO -- : Skipping - ForemanProvision::Host "test3.vagrant.inovex.de" already exists!
I, [2015-04-30T14:35:24.202907 #22543] INFO -- : Skipping - ForemanProvision::Host "test4.vagrant.inovex.de" already exists!
I, [2015-04-30T14:35:24.272970 #22543] INFO -- : Skipping - ForemanProvision::Host "test5.vagrant.inovex.de" already exists!
I, [2015-04-30T14:35:24.346133 #22543] INFO -- : Skipping - ForemanProvision::Host "test6.vagrant.inovex.de" already exists!
I, [2015-04-30T14:35:24.425876 #22543] INFO -- : Skipping - ForemanProvision::Host "test7.vagrant.inovex.de" already exists!
I, [2015-04-30T14:35:24.494396 #22543] INFO -- : Skipping - ForemanProvision::Host "test8.vagrant.inovex.de" already exists!
```
Right, the tool recognizes the existence of these resources and simply skips creation. Now we see that hosts appear in the Foreman UI:
Now these hosts will PXE boot over the network and install an operating system on hard disk. After booting for the first time, tools like SaltStack, Rex or Puppet will take care of installing and configuring the additional software that makes your new hosts ready to use in production.
You can also use compute resources like KVM/vSphere to deploy VMs in your virtual infrastructure. See the examples/ directory for some examples.
Want to learn more about Foreman? Take a look at our slides and videos of the talks we give at various events.