foreman fosdem

8/6/2019 Foreman Fosdem

1/26

The Foreman

FOSDEM 2011Ohad Levy


2/26

02/06/11 The Foreman - Ohad Levy - FOSDEM 2011

Why is your infrastructure special?


3/26


Automate as many processes as possible,

using best practice where available, and actas the glue between the gaps


4/26


The Foreman Realm

Provisioning

Configuration Management Puppet

Inventory and Activity Reporting

One (simple) interface/console/API for yourinfrastructure


5/26


Segmented Network

Foreman Architecture

Foreman

DB LDAP / ADINTERNAL

PuppetPuppetPuppet

SmartProxy

ISCDHCP

SmartProxy

MSDNSTFTP

SmartProxy

PupetCA

SmartProxy

DNSDHCPTFTP

..

Restful APIHTTP(s)

LibvirtRHEV-M

EC2

Virtualization

SmartProxy

DNSDHCPTFTP

..

SmartProxy

ISCDHCP

SmartProxy

MSDNSTFTP

SmartProxy

PuppetCA

Reports

/Facts

/ENC

Web UsersAPI


6/26


Provisioning


7/26


JeOSJust Enough OS


8/26


Template Engine

Kickstart, Preseed, Jumpstart

Managed per group of hosts (role, environmentand OS)

Snippets, (g)PXE, PXE Menus, grub..

We don't really care what we render but we doit safely


9/26


Smart Proxies

DHCP, DNS, TFTP, Puppet(CA)...

Restful interface to network services

Easily extended

Runs on Linux/Windows

Allows each service to run on a different host

One(Foreman) to Many(Proxies) relationship Uses SSL for Encryption and Authentication

Could be used as a standalone service


10/26


Virtualization Integration

One process to create virtual machinesregardless if its in your private or publiccloud

We currently support libvirt RHEV-M, EC2... is in the works


11/26


Configuration Management withPuppet


12/26


Inventory

Automatically collects your Puppet basedinventory (including your custom facts)

Easy to browse and search though your

inventory Facts can be used as a permission filter to your

hosts


13/26



14/26


Node Classifier

Simple UI to associate hosts with puppetclasses

Multiple Puppet Environment support

Allows you to group your hosts

Variable inheritance (split the variables from themanifests)

Update many hosts at once


15/26



16/26



17/26


Reporting

Dashboard for all of your puppet hosts

Detailed Log for what Puppet did

Simple Search though the logs (show me all

hosts/reports with yum related activities)

Audit Log

Summary Emails

Alerting (API, Email etc)


18/26



19/26


More Puppet integrations

PuppetCA management

Trigger Puppet runs

Puppetdoc integration

Can work with your existing storeconfigs

Support multiple Puppetmasters


20/26



21/26


Restful API

Simple API to collect hosts (and their associated data)

Can by used by scripts

Can by used within Puppet as an alternative to

storeconfigs CRUD operations on most objects


22/26


User Management

Internal and External (LDAP/AD) userauthentication

RBAC (Role Based Access Control)

Per host group, domain, fact etc Dynamic groups (AD like)

Can be used to CRUD and restrict to "your" set

of hosts self service


23/26


Too many options?

You're not required to use every feature

Foreman has 3 modes of operation

Provisioning + Puppet

Puppet

Provisioning


24/26


Final words

About 1.5 years old

20+ Contributors

Largest installation =~ 4000 active hosts

Homepage http://theforeman.org

Irc - #theforeman on freenode

Usergroup -http://groups.google.com/group/foreman-users (&dev)
http://theforeman.org/http://groups.google.com/group/foreman-usershttp://groups.google.com/group/foreman-usershttp://theforeman.org/


25/26


Questions ?


26/26

foreman fosdem

Documents