So, how do we do handle this process today At first, we need to input the server details in a few different locations (CMDB, DHCP, DNS etc)
Allows you to import your recipes Demo!
View you entire puppet service state Audit log – changes within foreman Summary emails – can be filtered Alerts snmp scripts etc
Puppetca currently is used within the provisioning system, but we'll add ui to manage your CA Multi puppetmastes and headless configuration
Easy to add more api (e.g. status per node/group etc)
How to help?
REST Pulp agent is using different protocol (AMQP).
Transcript of "Foreman presentation at NYC puppet users"
Foreman Puppet NYC User Group Apr 20121 Ohad Levy
The Foreman Realm Provisioning Configuration Management – Puppet Inventory and Activity Reporting One (simple) interface/console/API for your infrastructure2 Ohad Levy
Typical System Lifecycle Pre/ Installation Initial Configuration Updates Drift Management Audits3 Ohad Levy
Foreman Architecture DNS Smart DHCP Smart ISC Smart MS DNS Smart Puppet DNS Smart Proxy TFTP DHCP Proxy Smart DHCP ISC Proxy Smart MS Proxy Smart CA Pupet .. DNS Proxy TFTP .. Proxy DHCP Proxy TFTP Proxy CA Restful API Segmented Network HTTP(s) Puppet Puppet Puppet ENC ac ts / s/F Report Web Users Foreman API Co mp ute Libvirt RHEV-M EC2 VMWare DB LDAP / AD INTERNAL4 Ohad Levy
Inventory Automatically collects your Puppet based inventory (including your custom facts) Easy to browse and search though your inventory Facts can be used as a permission filter to your hosts6 Ohad Levy
Node Classifier Simple UI to associate hosts with puppet classes Multiple Puppet Environment support Allows you to group your hosts Variable inheritance (split the variables from the manifests) Update many hosts at once7 Ohad Levy
Reporting Dashboard for all of your puppet hosts Detailed Log for what Puppet did Simple Search though the logs (show me all hosts/reports with yum related activities) Audit Log Summary Emails Alerting (API, Email etc)8 Ohad Levy
More Puppet integrations PuppetCA management Trigger Puppet runs Puppetdoc integration Can work with your existing storeconfigs Support multiple Puppetmasters and CA9 Ohad Levy
Restful API All UI actions can be used via API Powerful search API Can by used within Puppet as an alternative to storeconfigs Foreman CLI RemoteAdmin10 Ohad Levy
User Management Internal and External (LDAP/AD) user authentication RBAC (Role Based Access Control) Per host group, domain, fact etc Dynamic groups (AD like) Can be used to CRUD and restrict to "your" set of hosts – self service11 Ohad Levy
Foreman Installer Automate installation of Foreman Foreman Proxy Puppet master Apache Passenger Git ... http://github.com/theforeman/foreman-installer12 Ohad Levy
About the project Almost 3 years old 50+ Contributors Largest installation =~ 5000 active hosts Homepage – http://theforeman.org Overall Projects http://github.com/theforeman13 Ohad Levy
Some of Foreman users CERN, Switzerland Citrix Online DHL Norton Data Services, Symantec BBC Belgian National Pensions Office Rocky Mountain College Georgia Institute of Technology College of Computing Yakaz iBahn14 Ohad Levy
Community Friendly Irc - #theforeman on freenode Usergroup - http://groups.google.com/group/foreman-users (&dev)15 Ohad Levy
Now is a good time to ask more questions17 Ohad Levy
Things I should have mentioned during the talk :) Console Dual mode enc/provisioning/reporting Fog Installation Orchestration layer Under the hood Provisioning templates Code overview Search Plugable db Smartvars18 Ohad Levy
A possible Open Source Stack Foreman is aimed to be a Single Address For All Machines Life Cycle Management. Puppet, an automated administrative engine for your *nix systems, performs administrative tasks (such as adding users, installing packages, and updating server configurations) based on a centralized specification. Fog provides an accessible entry point and facilitates cross service compatibility for the Cloud. rbovirt – Ruby API binding oVirt a virtual datacenter management platform20 Ohad Levy
noVNC VNC client using HTML5 (WebSockets, Canvas) with encryption (wss://) support. Requires web socket enabled vnc server, or a proxy for each vnc connection. QEMU does not include support for WS.21 Ohad Levy