Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Julien Pivotto

CentOS Dojo, Brussels
January 31, 2014
whoami
sysadmin @ inuits
• open-source defender for 7+ years
• devops believer
• @roidelapluie on twitter/github
•

Julien...
Introduction

Julien Pivotto

Foreman
Lifecycle management
• Provisioning
• Automation
• Reporting

Julien Pivotto

Foreman
We had tools!?
• Provisioning using Cobbler
• Automation using Puppet/Chef/. . .
• Puppet reporting with Puppet Dashboard
...
Then came virtualisation
• Cobbler was not enough
• Using virt-install to automate VM creation
• One shot command line, de...
Then came cloud
• Where is my machine?
• Bare-Metal? Bare-what?
• Dynamic environments
• Change quickly and often

Julien ...
Cobbler
• Not intuitive or reactive
• Support for Xen
• TFTP on the local machine
• Direct control of DHCP configuration
• ...
Puppet-dashboard
• Puppet web frontend
• It was the reference
• Until the arrival of Foreman
• Puppetlabs abandoned it for...
Provisioning
• Bare metal and virtual
• Multiple backends
• Decentralized (control remote TFTP, DNS, DHCP)

Julien Pivotto...
Automation
• (puppet) ENC
• Trigger puppet runs
• Advanced use: parameters,. . .
• History of changes
• ENC is optional

J...
Reporting
• Visualise changes
• See the full logs
• View the facts

Julien Pivotto

Foreman
Foreman

Julien Pivotto

Foreman
Foreman 101
• Foreman was used for one thing
• Viewing puppet reports
• Having cool statistics gathering, facts

Julien Pi...
Meanwhile
• More and more features
• More than a fact/reports viewer
• Interacts deeply with puppet

Julien Pivotto

Forem...
Foreman 201
• Puppet reports viewer
• Machine provisioning
• Puppet ENC
• Extendable with plugins

Julien Pivotto

Foreman
Architecture

Julien Pivotto

Foreman
Smart Proxies
• Provides Restful API
• Connect to Bind, DHCP, TFTP, . . .
• Also puppet-ca, mcollective, . . .
• Allow for...
From the Foreman documentation
Foreman installer
• kafo
• a rubygem
• Command line installer
• Using puppet modules
• Generic Project

Julien Pivotto

Fo...
Foreman installer
• a lot of options
• interactive installation: -i
• enables/disables stuff
• sets up git repositories
• c...
Provisioning

Julien Pivotto

Foreman
Provisioning
• Install any distribution
• Configure almost everything
• Generate snippets, kickstarts,. . .
• ERB Scripting...
Providers
• Libvirt
• EC2
• OpenStack
• Google Compute Engine
• oVirt
• VMWare

Julien Pivotto

Foreman
OS
• CentOS/RHEL
• Fedora
• Ubuntu/Debian
• Suse
• Solaris

Julien Pivotto

Foreman
Features of providers
• Depending on the provider
• Unattended installation
• Image-based install
• Power management
• Con...
Automation

Julien Pivotto

Foreman
Puppet ENC
• Support classes
• Parametrized classes
• Smart variables

Julien Pivotto

Foreman
Configuration
• Environments
• Host groups
• Classes + params
• Global parameters

Julien Pivotto

Foreman
Certificates
• Puppet-ca proxy
• Takes care of signing certificates
• Trigger first puppet run
• Run first puppet run in noop ...
Reporting

Julien Pivotto

Foreman
Puppet reports
• Very detailed
• History
• Time per ressource
• Overview of the last reports

Julien Pivotto

Foreman
Host groups
• Default provisioning parameters
• Puppet classes
• Network configuration

Julien Pivotto

Foreman
Integration

Julien Pivotto

Foreman
Queries
• Advanced queries
• Query by facts, by last report time
• Create custom shorcut in the ui

Julien Pivotto

Forema...
RESTful API
• Complete and well documented
• Everything is possible
• Integrate foreman with anything

Julien Pivotto

For...
Hammer
• Command line to foreman
• Scripting
• Automation
• Without browser (e.g no http(s) access)

Julien Pivotto

Forem...
Scale

Julien Pivotto

Foreman
Large infrastructure
• Fine-grained roles (ACL)
• LDAP authentication
• Organisation/location support

Julien Pivotto

For...
Scaling up
• Multiple Puppet Masters
• Multiple Smart Proxies
• Foreman talks with the CA
• Multiple compute resources

Ju...
Use cases

Julien Pivotto

Foreman
Puppet logs reader
• Why are my puppet runs taking so long?
• When does that node report the last time
• Quickly view fact...
Giving access
• Allow developers to create VM’s
• Easy, secure, less risks
• NoVNC access in browser
• Usage of ACL

Julie...
Phoenix tests
• Really easy to rebuild a VM
• Re-provisioning
• Puppet certs managed across foreman
• Integrate with Jenki...
Conclusion

Julien Pivotto

Foreman
Conclusion
• From small labs to larger environments
• Interactions with RESTful API
• Complete puppet management
• Bare Me...
Foreman meetings in the next days
• Configuration management devroom at FOSDEM
• Config Management Camp in Ghent (no tickets...
Thank you
Any question?

Julien Pivotto

Foreman
Contact
Julien Pivotto
julien@inuits.eu
@roidelapluie

INUITS bvba
INUITS bvba
Belgium
Belgium
+32 473 441 636
+32 473 441...
Lifecycle Management with Foreman
Lifecycle Management with Foreman
Lifecycle Management with Foreman
Lifecycle Management with Foreman
Lifecycle Management with Foreman
Lifecycle Management with Foreman
Lifecycle Management with Foreman
Lifecycle Management with Foreman
Lifecycle Management with Foreman
Lifecycle Management with Foreman
Upcoming SlideShare
Loading in …5
×

Lifecycle Management with Foreman

11,533 views

Published on

Slides from my conference at CentOS Dojo Brussels 2014 at IBM

Published in: Technology, Spiritual

Lifecycle Management with Foreman

  1. 1. Julien Pivotto CentOS Dojo, Brussels January 31, 2014
  2. 2. whoami sysadmin @ inuits • open-source defender for 7+ years • devops believer • @roidelapluie on twitter/github • Julien Pivotto Foreman
  3. 3. Introduction Julien Pivotto Foreman
  4. 4. Lifecycle management • Provisioning • Automation • Reporting Julien Pivotto Foreman
  5. 5. We had tools!? • Provisioning using Cobbler • Automation using Puppet/Chef/. . . • Puppet reporting with Puppet Dashboard Julien Pivotto Foreman
  6. 6. Then came virtualisation • Cobbler was not enough • Using virt-install to automate VM creation • One shot command line, decentralized • Cobbler does not cluster Julien Pivotto Foreman
  7. 7. Then came cloud • Where is my machine? • Bare-Metal? Bare-what? • Dynamic environments • Change quickly and often Julien Pivotto Foreman
  8. 8. Cobbler • Not intuitive or reactive • Support for Xen • TFTP on the local machine • Direct control of DHCP configuration • Basic yumrepo support Julien Pivotto Foreman
  9. 9. Puppet-dashboard • Puppet web frontend • It was the reference • Until the arrival of Foreman • Puppetlabs abandoned it for PuppetDB Julien Pivotto Foreman
  10. 10. Provisioning • Bare metal and virtual • Multiple backends • Decentralized (control remote TFTP, DNS, DHCP) Julien Pivotto Foreman
  11. 11. Automation • (puppet) ENC • Trigger puppet runs • Advanced use: parameters,. . . • History of changes • ENC is optional Julien Pivotto Foreman
  12. 12. Reporting • Visualise changes • See the full logs • View the facts Julien Pivotto Foreman
  13. 13. Foreman Julien Pivotto Foreman
  14. 14. Foreman 101 • Foreman was used for one thing • Viewing puppet reports • Having cool statistics gathering, facts Julien Pivotto Foreman
  15. 15. Meanwhile • More and more features • More than a fact/reports viewer • Interacts deeply with puppet Julien Pivotto Foreman
  16. 16. Foreman 201 • Puppet reports viewer • Machine provisioning • Puppet ENC • Extendable with plugins Julien Pivotto Foreman
  17. 17. Architecture Julien Pivotto Foreman
  18. 18. Smart Proxies • Provides Restful API • Connect to Bind, DHCP, TFTP, . . . • Also puppet-ca, mcollective, . . . • Allow foreman to talk with services Julien Pivotto Foreman
  19. 19. From the Foreman documentation
  20. 20. Foreman installer • kafo • a rubygem • Command line installer • Using puppet modules • Generic Project Julien Pivotto Foreman
  21. 21. Foreman installer • a lot of options • interactive installation: -i • enables/disables stuff • sets up git repositories • creates a puppet tree skeleton Julien Pivotto Foreman
  22. 22. Provisioning Julien Pivotto Foreman
  23. 23. Provisioning • Install any distribution • Configure almost everything • Generate snippets, kickstarts,. . . • ERB Scripting Julien Pivotto Foreman
  24. 24. Providers • Libvirt • EC2 • OpenStack • Google Compute Engine • oVirt • VMWare Julien Pivotto Foreman
  25. 25. OS • CentOS/RHEL • Fedora • Ubuntu/Debian • Suse • Solaris Julien Pivotto Foreman
  26. 26. Features of providers • Depending on the provider • Unattended installation • Image-based install • Power management • Console (noVNC) Julien Pivotto Foreman
  27. 27. Automation Julien Pivotto Foreman
  28. 28. Puppet ENC • Support classes • Parametrized classes • Smart variables Julien Pivotto Foreman
  29. 29. Configuration • Environments • Host groups • Classes + params • Global parameters Julien Pivotto Foreman
  30. 30. Certificates • Puppet-ca proxy • Takes care of signing certificates • Trigger first puppet run • Run first puppet run in noop mode (before reboot). Julien Pivotto Foreman
  31. 31. Reporting Julien Pivotto Foreman
  32. 32. Puppet reports • Very detailed • History • Time per ressource • Overview of the last reports Julien Pivotto Foreman
  33. 33. Host groups • Default provisioning parameters • Puppet classes • Network configuration Julien Pivotto Foreman
  34. 34. Integration Julien Pivotto Foreman
  35. 35. Queries • Advanced queries • Query by facts, by last report time • Create custom shorcut in the ui Julien Pivotto Foreman
  36. 36. RESTful API • Complete and well documented • Everything is possible • Integrate foreman with anything Julien Pivotto Foreman
  37. 37. Hammer • Command line to foreman • Scripting • Automation • Without browser (e.g no http(s) access) Julien Pivotto Foreman
  38. 38. Scale Julien Pivotto Foreman
  39. 39. Large infrastructure • Fine-grained roles (ACL) • LDAP authentication • Organisation/location support Julien Pivotto Foreman
  40. 40. Scaling up • Multiple Puppet Masters • Multiple Smart Proxies • Foreman talks with the CA • Multiple compute resources Julien Pivotto Foreman
  41. 41. Use cases Julien Pivotto Foreman
  42. 42. Puppet logs reader • Why are my puppet runs taking so long? • When does that node report the last time • Quickly view facter facts • Just ignoring the provision part of foreman Julien Pivotto Foreman
  43. 43. Giving access • Allow developers to create VM’s • Easy, secure, less risks • NoVNC access in browser • Usage of ACL Julien Pivotto Foreman
  44. 44. Phoenix tests • Really easy to rebuild a VM • Re-provisioning • Puppet certs managed across foreman • Integrate with Jenkins (REST) Julien Pivotto Foreman
  45. 45. Conclusion Julien Pivotto Foreman
  46. 46. Conclusion • From small labs to larger environments • Interactions with RESTful API • Complete puppet management • Bare Metal and virtual machines Julien Pivotto Foreman
  47. 47. Foreman meetings in the next days • Configuration management devroom at FOSDEM • Config Management Camp in Ghent (no tickets left) Julien Pivotto Foreman
  48. 48. Thank you Any question? Julien Pivotto Foreman
  49. 49. Contact Julien Pivotto julien@inuits.eu @roidelapluie INUITS bvba INUITS bvba Belgium Belgium +32 473 441 636 +32 473 441 636 https://inuits.eu https://inuits.eu Julien Pivotto Foreman

×