DC
Uploaded byDominic Cleal
PDF, PPTX6,445 views

Extending Foreman the easy way with foreman_hooks

The document discusses the use of foreman_hooks for orchestration in managing resources like DNS and DHCP through various hooks in the Foreman configuration. It covers ActiveRecord callbacks, how to implement hooks, the data available within those hooks, and provides troubleshooting tips and examples for extending Foreman functionality. Additionally, it includes links to further resources and guides for integrating with other systems like FreeIPA and AWS.

Embed presentation

Download as PDF, PPTX
Extending the easy way with foreman_hooks Dominic Cleal dcleal@redhat.com 3rd February 2014
Agenda ● Orchestration today ● ActiveRecord callbacks ● Where to hook ● Data in hooks ● Troubleshooting ● Cool examples foreman_hooks | 2 | Dominic Cleal
Orchestration today ● What does orchestration mean? – – ● ● or·ches·trate (verb) to arrange or manipulate, especially by means of clever or thorough planning or maneuvering: to orchestrate a profitable trade agreement (source: dictionary.com) Namely: DNS, DHCP, TFTP, Puppet CA, compute resources Implemented in hosts and network interfaces, on creation, update and destroy foreman_hooks | 3 | Dominic Cleal
ActiveRecord callbacks ● ● ActiveRecord is a database persistence layer in Ruby on Rails While mapping objects to tables, it provides a lifecycle of events: – validation (before, after) – before_save – before_create – after_create – after_save – after_commit foreman_hooks | 4 | Dominic Cleal
Where should you hook? ● Orchestration hooks have benefits: ordering, rollbacks and UI visibility ● ActiveRecord works on nearly any object ● Hooks are written into ~foreman/config/hooks/<object>/<event> ● ● Each is a directory of executable files, called with the event name, then the string representation of the object ~foreman/config/hooks/host/managed/create/50_register_syste m.sh create foo.example.com foreman_hooks | 5 | Dominic Cleal
Data in hooks ● $1 is the event name, e.g. create or destroy ● $2 is the object's label, e.g. foo.example.com ● stdin is the JSON representation of the object { "host": { "name": "puppet.example.com", "id": 82, "ip": "192.168.30.10", "environment_id": 1, "environment_name": "production", "last_report": "2014-01-27T22:25:34Z", "mac": "52:54:00:2c:93:07", "sp_mac": null, "sp_ip": null, "sp_name": null, "domain_id": 6, "domain_name": "example.com", ..... foreman_hooks | 6 | Dominic Cleal
Troubleshooting ● Do enable Foreman's debug logging – config.log_level = :debug in ~foreman/config/environments/production.rb Found hook to Host::Managed#update, filename 01_debug_log Finished registering 4 hooks for Host::Managed#update Observed update hook on test.example.com Queueing 1 hooks for Host::Managed#update Queuing hook 01_debug_log for Host::Managed#update at priority 01 Running hook: /home/dcleal/code/foreman/foreman/config/hooks/host/managed /update/01_debug_log update test.example.com foreman_hooks | 7 | Dominic Cleal
Hook examples (1/3) ● Extending Foreman quickly with hook scripts – http://bit.ly/1f8zVUZ # cat << EOF > ~foreman/config/hooks/host/destroy/70_deactivate_puppetdb #!/bin/bash # We can only deactivate data in PuppetDB, not add it [ "x$1" = xdestroy ] || exit 0 # Remove data in PuppetDB, supplying the FQDN # # assumes sudo rules set up as this runs as 'foreman': # foreman ALL = NOPASSWD : /usr/bin/puppet node deactivate * # Defaults:foreman !requiretty # sudo puppet node deactivate $2 EOF foreman_hooks | 8 | Dominic Cleal
Hook examples (2/3) ● FreeIPA Integration Guide (Stephen Benjamin) – ● http://bit.ly/19YBQhv Uses a “create” hook to run “ipa host-add”, then an after-commit hook to add the OTP parameter via the API foreman_hooks | 9 | Dominic Cleal
foreman_hooks | 10 | Dominic Cleal
Hook examples (3/3) ● AWS VPC rDNS creation (Brian Galura) – ● ● ● http://bit.ly/1e47F9J Uses “create” and “destroy” hook to run nsupdate, creating a PTR record in his local name server From the stdin data, the IP address and host name can be retrieved with $(hook_data host.ip) Works around bug #3166 foreman_hooks | 11 | Dominic Cleal
Questions? ● https://github.com/theforeman/foreman_hooks ● RPM users: – ● yum install foreman-plugin-hooks Debian users: – aptitude install ruby-foreman-hooks foreman_hooks | 12 | Dominic Cleal

More Related Content

PDF
Full Stack Automation with Katello & The Foreman
byWeston Bassler
 
PDF
Foreman and Chef integration at ChefConf 2014
byDominic Cleal
 
PDF
Deploying RDO OpenStack with a pair of plugins
byDominic Cleal
 
PPTX
Deploying Foreman in Enterprise Environments
byinovex GmbH
 
ODP
Managing your SaltStack Minions with Foreman
byStephen Benjamin
 
ODP
Linux host orchestration with Foreman, Puppet and Gitlab
byBen Tullis
 
ODP
Foreman in Your Data Center :OSDC 2015
byStephen Benjamin
 
PDF
OpenNebula, the foreman and CentOS play nice, too
byinovex GmbH
 
Full Stack Automation with Katello & The Foreman
byWeston Bassler
 
Foreman and Chef integration at ChefConf 2014
byDominic Cleal
 
Deploying RDO OpenStack with a pair of plugins
byDominic Cleal
 
Deploying Foreman in Enterprise Environments
byinovex GmbH
 
Managing your SaltStack Minions with Foreman
byStephen Benjamin
 
Linux host orchestration with Foreman, Puppet and Gitlab
byBen Tullis
 
Foreman in Your Data Center :OSDC 2015
byStephen Benjamin
 
OpenNebula, the foreman and CentOS play nice, too
byinovex GmbH
 

What's hot

ODP
Auto infra with_foreman_katello
bySachin Ghai
 
PDF
Foreman presentation
byGlen Ogilvie
 
ODP
PXEless Discovery with Foreman
byStephen Benjamin
 
ODP
Foreman in your datacenter
bylzap
 
PDF
Connecting AWS and Katello/The Foreman
byLukas Kallies
 
PDF
Openstack il2014 staypuft- your friendly foreman openstack installer
byArthur Berezin
 
PDF
Apache Provisionr (incubating) - Bucharest JUG 10
byAndrei Savu
 
PDF
OSDC 2015: Stephen Benjamin | Foreman in Your Data Center
byNETWAYS
 
ODP
SaltStack Integration with Foreman (2016)
byStephen Benjamin
 
PDF
Configuration and lifecycle in Mixed environments
byDmitry Kireev
 
ODP
CfgMgmtCamp 2015 - Managing the Content Lifecycle with Katello
byStephen Benjamin
 
PPTX
Using puppet, foreman and git to develop and operate a large scale internet s...
bytechblog
 
PDF
Running at Scale: Practical Performance Tuning with Puppet - PuppetConf 2013
byPuppet
 
PPTX
Foreman-and-Puppet-for-Openstack-Audo-Deployment
byyating yang
 
PDF
A user's perspective on SaltStack and other configuration management tools
bySaltStack
 
PDF
PuppetCamp Sydney 2012 - Building a Multimaster Environment
byGreg Cockburn
 
PPTX
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
byPuppet
 
PDF
OSCamp 2019 | #3 Ansible: Foreman Discovery by Adam Ruzicka
byNETWAYS
 
PDF
Refactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
byNETWAYS
 
PDF
Red Hat Satellite 6 - Automation with Puppet
byMichael Lessard
 
Auto infra with_foreman_katello
bySachin Ghai
 
Foreman presentation
byGlen Ogilvie
 
PXEless Discovery with Foreman
byStephen Benjamin
 
Foreman in your datacenter
bylzap
 
Connecting AWS and Katello/The Foreman
byLukas Kallies
 
Openstack il2014 staypuft- your friendly foreman openstack installer
byArthur Berezin
 
Apache Provisionr (incubating) - Bucharest JUG 10
byAndrei Savu
 
OSDC 2015: Stephen Benjamin | Foreman in Your Data Center
byNETWAYS
 
SaltStack Integration with Foreman (2016)
byStephen Benjamin
 
Configuration and lifecycle in Mixed environments
byDmitry Kireev
 
CfgMgmtCamp 2015 - Managing the Content Lifecycle with Katello
byStephen Benjamin
 
Using puppet, foreman and git to develop and operate a large scale internet s...
bytechblog
 
Running at Scale: Practical Performance Tuning with Puppet - PuppetConf 2013
byPuppet
 
Foreman-and-Puppet-for-Openstack-Audo-Deployment
byyating yang
 
A user's perspective on SaltStack and other configuration management tools
bySaltStack
 
PuppetCamp Sydney 2012 - Building a Multimaster Environment
byGreg Cockburn
 
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
byPuppet
 
OSCamp 2019 | #3 Ansible: Foreman Discovery by Adam Ruzicka
byNETWAYS
 
Refactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
byNETWAYS
 
Red Hat Satellite 6 - Automation with Puppet
byMichael Lessard
 

Viewers also liked

PDF
Improving Operations Efficiency with Puppet
byNicolas Brousse
 
PDF
How I hack on puppet modules
byKris Buytaert
 
PPS
A Presentation about Puppet that I've made at the OSSPAC conference
byohadlevy
 
PDF
KubeCon EU 2016: Heroku to Kubernetes
byKubeAcademy
 
PPTX
Docker Puppet Automatisation on Hidora
byOpen-IT
 
PPTX
Top 10 paramedical examiner interview questions and answers
bytonychoper7206
 
PDF
Beaker: Automated, Cloud-Based Acceptance Testing - PuppetConf 2014
byPuppet
 
PDF
Lifecycle Management mit Puppet und Foreman
byB1 Systems GmbH
 
PDF
Designing Puppet: Roles/Profiles Pattern
byPuppet
 
PDF
Introduction to Parameters in Foreman
byTomer Brisker
 
Improving Operations Efficiency with Puppet
byNicolas Brousse
 
How I hack on puppet modules
byKris Buytaert
 
A Presentation about Puppet that I've made at the OSSPAC conference
byohadlevy
 
KubeCon EU 2016: Heroku to Kubernetes
byKubeAcademy
 
Docker Puppet Automatisation on Hidora
byOpen-IT
 
Top 10 paramedical examiner interview questions and answers
bytonychoper7206
 
Beaker: Automated, Cloud-Based Acceptance Testing - PuppetConf 2014
byPuppet
 
Lifecycle Management mit Puppet und Foreman
byB1 Systems GmbH
 
Designing Puppet: Roles/Profiles Pattern
byPuppet
 
Introduction to Parameters in Foreman
byTomer Brisker
 

Recently uploaded

PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
PDF
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PDF
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 

Extending Foreman the easy way with foreman_hooks

  • 1.
    Extending the easyway with foreman_hooks Dominic Cleal dcleal@redhat.com 3rd February 2014
  • 2.
    Agenda ● Orchestration today ● ActiveRecord callbacks ● Whereto hook ● Data in hooks ● Troubleshooting ● Cool examples foreman_hooks | 2 | Dominic Cleal
  • 3.
    Orchestration today ● What doesorchestration mean? – – ● ● or·ches·trate (verb) to arrange or manipulate, especially by means of clever or thorough planning or maneuvering: to orchestrate a profitable trade agreement (source: dictionary.com) Namely: DNS, DHCP, TFTP, Puppet CA, compute resources Implemented in hosts and network interfaces, on creation, update and destroy foreman_hooks | 3 | Dominic Cleal
  • 4.
    ActiveRecord callbacks ● ● ActiveRecord isa database persistence layer in Ruby on Rails While mapping objects to tables, it provides a lifecycle of events: – validation (before, after) – before_save – before_create – after_create – after_save – after_commit foreman_hooks | 4 | Dominic Cleal
  • 5.
    Where should youhook? ● Orchestration hooks have benefits: ordering, rollbacks and UI visibility ● ActiveRecord works on nearly any object ● Hooks are written into ~foreman/config/hooks/<object>/<event> ● ● Each is a directory of executable files, called with the event name, then the string representation of the object ~foreman/config/hooks/host/managed/create/50_register_syste m.sh create foo.example.com foreman_hooks | 5 | Dominic Cleal
  • 6.
    Data in hooks ● $1is the event name, e.g. create or destroy ● $2 is the object's label, e.g. foo.example.com ● stdin is the JSON representation of the object { "host": { "name": "puppet.example.com", "id": 82, "ip": "192.168.30.10", "environment_id": 1, "environment_name": "production", "last_report": "2014-01-27T22:25:34Z", "mac": "52:54:00:2c:93:07", "sp_mac": null, "sp_ip": null, "sp_name": null, "domain_id": 6, "domain_name": "example.com", ..... foreman_hooks | 6 | Dominic Cleal
  • 7.
    Troubleshooting ● Do enable Foreman'sdebug logging – config.log_level = :debug in ~foreman/config/environments/production.rb Found hook to Host::Managed#update, filename 01_debug_log Finished registering 4 hooks for Host::Managed#update Observed update hook on test.example.com Queueing 1 hooks for Host::Managed#update Queuing hook 01_debug_log for Host::Managed#update at priority 01 Running hook: /home/dcleal/code/foreman/foreman/config/hooks/host/managed /update/01_debug_log update test.example.com foreman_hooks | 7 | Dominic Cleal
  • 8.
    Hook examples (1/3) ● ExtendingForeman quickly with hook scripts – http://bit.ly/1f8zVUZ # cat << EOF > ~foreman/config/hooks/host/destroy/70_deactivate_puppetdb #!/bin/bash # We can only deactivate data in PuppetDB, not add it [ "x$1" = xdestroy ] || exit 0 # Remove data in PuppetDB, supplying the FQDN # # assumes sudo rules set up as this runs as 'foreman': # foreman ALL = NOPASSWD : /usr/bin/puppet node deactivate * # Defaults:foreman !requiretty # sudo puppet node deactivate $2 EOF foreman_hooks | 8 | Dominic Cleal
  • 9.
    Hook examples (2/3) ● FreeIPAIntegration Guide (Stephen Benjamin) – ● http://bit.ly/19YBQhv Uses a “create” hook to run “ipa host-add”, then an after-commit hook to add the OTP parameter via the API foreman_hooks | 9 | Dominic Cleal
  • 10.
    foreman_hooks | 10| Dominic Cleal
  • 11.
    Hook examples (3/3) ● AWSVPC rDNS creation (Brian Galura) – ● ● ● http://bit.ly/1e47F9J Uses “create” and “destroy” hook to run nsupdate, creating a PTR record in his local name server From the stdin data, the IP address and host name can be retrieved with $(hook_data host.ip) Works around bug #3166 foreman_hooks | 11 | Dominic Cleal
  • 12.
    Questions? ● https://github.com/theforeman/foreman_hooks ● RPM users: – ● yum installforeman-plugin-hooks Debian users: – aptitude install ruby-foreman-hooks foreman_hooks | 12 | Dominic Cleal