Foreman is a powerful open-source tool that helps in managing the infrastructure, including the provisioning, configuration, and monitoring of servers. Puppet is a well-known configuration management tool that can be used in conjunction with Foreman to automate the configuration of servers. This blog post will cover the latest installation and integration of Foreman with Puppet on Ubuntu 20.04.
- A server running Ubuntu 20.04 or later
- A server running Puppet 6 or later
- A domain name or a static IP address for the Foreman server
- A DNS server configured with a DNS A record that resolves the hostname of the Foreman server to its IP address, or a hosts file entry on the client systems that will be managed by Foreman.
Please note that you will need to open the following TCP ports to access your server:
- TCP port 80 — for the configuration deployment service.
- TCP port 443 — to access the Foreman control panel.
- TCP port 8140 — for Puppet Agent to work.
- TCP port 5648 — for client and Smart Proxy operation.
- TCP port 9090 — for communication with Smart Proxy.
Installation of Foreman
Step 1: Add the Foreman repository to your system by running the following command:
echo "deb http://deb.theforeman.org/ focal 3.4" | sudo tee /etc/apt/sources.list.d/foreman.list echo "deb http://deb.theforeman.org/ plugins 3.4" | sudo tee -a /etc/apt/sources.list.d/foreman.list OR
Step 2: Import the repository GPG key by running the following command:
wget -q https://deb.theforeman.org/pubkey.gpg -O- | sudo apt-key add -
sudo wget https://deb.theforeman.org/foreman.asc -O /etc/apt/trusted.gpg.d/foreman.asc
Step 3: Update the package list and install the Foreman package by running the following command:
sudo apt update && sudo apt install foreman-installer
Step 4: Run the installer with the following command:
Step 5: The installer will guide you through the installation process, which includes configuring the database, web server, and other components. Make sure to configure the correct settings for your environment, such as the hostname, database settings and the SSL settings.
In the next step, you will receive the username and password of an account with Foreman administrator rights.
After it completes, the installer will print some details about where to find Foreman and the Smart Proxy. Output should be similar to this:
Installation of Puppet
Step 1: Add the Puppet repository to your system by running the following command:
wget https://apt.puppetlabs.com/puppet6-release-focal.deb sudo dpkg -i puppet6-release-focal.deb
Step 2: Update the package list and install the Puppet package by running the following command:
sudo apt update && sudo apt install puppet-agent
Integration of Foreman with Puppet
Step 1: Install the Foreman and Puppet modules by running the following command:
sudo apt install -y ruby-foreman-puppet
This command will install the necessary modules that allow Foreman to communicate with Puppet.
Step 2: Configure Puppet to use Foreman as its certificate authority by adding the following lines to the puppet.conf file:
cat >> /etc/puppetlabs/puppet/puppet.conf << EOL [main] server = foreman.example.com ca_server = foreman.example.com environment = production runinterval = 1800 configtimeout = 600 certname = foreman.example.com EOL
This step will configure the puppet agent to use the Foreman server as the certificate authority and set the environment, run interval and config timeout accordingly.
Step 3: Configure Foreman to use the Puppet CA by running the following command:
sudo foreman-rake puppet:ca:create sudo foreman-rake puppet:ca:import
This step will create and import the Puppet CA into Foreman, allowing it to manage the certificate signing process.
Step 4: Import the Puppet classes into Foreman by running the following command:
sudo puppet class list --all | sudo foreman-rake puppet:import:puppet_classes
This command will import all available Puppet classes into Foreman, allowing you to manage them through the Foreman web interface.
Step 5: Register your Puppet agent nodes with Foreman by running the following command on each agent node:
sudo puppet agent --test --waitforcert 60
This command will register the agent node with the Foreman server and request a certificate from the Foreman CA.
Puppet binaries are located in the “/opt/puppetlabs/bin/” directory, which is not in the “PATH” environment variable by default and in the “secure_path” variable that is used for “sudo” operations.
Note that the path to the executable files is irrelevant for the Puppet services since the start of the services does not depend on the “PATH” and “secure_path”.
By adding the path to executable files to variables, you can use:
sudo puppet agent -t
sudo /opt/puppetlabs/bin/puppet agent -t
With these steps, you must have successfully integrated Foreman with Puppet on Ubuntu 20.04. You can now use the Foreman web interface to manage your Puppet agents and apply configurations to them. Additionally, you can also use Foreman to monitor the state of your servers and troubleshoot any issues that may arise.