The purpose of this guide is to walk through necessary steps to install Foreman within the context of OPNFV. To read the full user guide please visit http://www.theforeman.org
Your provisioning server should have CentOS7 already installed (please use full install, not minimal). Before you install Foreman make sure you have some settings and packages:
Edit your yum.conf if your environment requires proxy:
sudo yum update
sudo yum -y install bind-utils
sudo yum -y install bind
sudo yum -y install dhcp
sudo yum -y install tftp-server
Disable firewalld, selinux:
sudo systemctl stop firewalld
sudo systemctl disable firewalld
edit SELINUX=permissive in /etc/selinux/config
Foreman requires your hostname and FQDN are set:
Edit the hostname and make the name of the host:
sudo vi /etc/hostname
and make it something like:
Also make an entry in /etc/hosts:
sudo vi /etc/hosts
And add both FQDN and hostname:
192.168.22.130 foreman.localdomain foreman
In case the name changes have not taken place restart named service:
sudo systemctl restart systemd-hostnamed
sudo rpm –httpproxy=your_proxy_server –httpport=your_proxy_port -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
Now you are ready to move on and add the foreman repository:
sudo yum -y install epel-release http://yum.theforeman.org/releases/1.7/el7/x86_64/foreman-release.rpm
and get the foreman installer:
sudo yum -y install foreman-installer
Now run the installer with the right arguments for your setup:
sudo foreman-installer \\ --enable-foreman-proxy \\ --foreman-proxy-tftp=true \\ --foreman-proxy-tftp-servername=192.168.122.130 \\ --foreman-proxy-dhcp=true \\ --foreman-proxy-dhcp-interface=eth2 \\ --foreman-proxy-dhcp-gateway=192.168.122.1 \\ --foreman-proxy-dhcp-range="192.168.122.21 192.168.122.51" \\ --foreman-proxy-dhcp-nameservers="192.168.122.1" \\ --foreman-proxy-dns=true \\ --foreman-proxy-dns-interface=eth2 \\ --foreman-proxy-dns-zone=localdomain \\ --foreman-proxy-dns-reverse=65.6.10.in-addr.arpa \\ --foreman-proxy-dns-forwarders=192.168.122.1 \\ --foreman-proxy-foreman-base-url=https://localhost \\ --foreman-proxy-oauth-consumer-key=ag9QcrzYTZQVhsnuEb8zYVc6taL4jmXj \\ --foreman-proxy-oauth-consumer-secret=CWieWvBUMrfsvSc88UcmNTtrGtSzUCCf
You should see the following
Success! * Foreman is running at https://foreman.localdomain Initial credentials are admin / N2cbeKHrMe9FNzdq * Foreman Proxy is running at https://foreman.localdomain:8443 * Puppetmaster is running at port 8140 The full log is at /var/log/foreman-installer/foreman-installer.log
Please notice the above message gives you the credentials to the Foreman GUI.
If you get a 401 Error, access the Foreman gui and go to Administer>Settings>Auth and copy the OAuth key and secrets and add them to the above foreman-installer command.
One thing that requires manual intervention is to go to Hosts→Installation Media and remove the minor version from the CentOS 7 entry as the minor version not only is not required but it also fail to access the http mirror for CentOS
Foreman is capable of building hosts (baremetal or virtual), applying Salt or Puppet modules to hosts, and serving as DHCP, TFTP, DNS servers. The following steps show what's necessary to setup Foreman for OPNFV purposes:
If you are behind a firewall and need to use a proxy, then you need to add some extra global parameters in Foreman. Global paremeters are just global variables that Foreman will use along with make them available to puppet. See the Global Parameters section below for more info.
Once you add these global parameters, hosts will be kickstarted using that proxy address and repos required during puppet installation will also reference that proxy.
First make sure that your host is in a trusted puppet master, go to Administer in the top right → Settings and search for "trusted_puppetmaster_hosts". Then edit the value (keeping in mind it needs to be an array, so maintain the square brackets) with the foreman.localdomain value for your foreman server. To stop Foreman from modifying your configured network settings for each host, you should configure this setting. From the Foreman GUI, go to Administer in the top right → Settings → Provisioning Tab → ignore_puppet_facts_for_provisioning = true.
The "Kickstart default" provisioning template will only bring up your first/management interface. For BGS we are using 3 separate networks (admin, public, private). For that reason we want the kickstart to bring up these interfaces and DHCP their addresses. To accomplish this we add the following ERB code to the kickstart template:
<% @host.interfaces.each do |interface| %> <% if interface.identifier != "" %> network --bootproto=dhcp --device=<%= interface.identifier %> --onboot=yes <% end %> <% end %>
As you can see from the above as long as the interface name is not null we configure it to be dhcp and onboot. Therefore we set the interface name of our BMC interface (we do not want Foreman to configure this) as null. See the "Using Foreman to Control Hardware" section below.
We need to have Foreman aware of the OPNFV classes. This section assumes you using Foreman to apply OPNFV puppet modules to your nodes and completed the Puppet modules install guide. These will invoke QuickStack and OpenStack puppet modules accordingly. Follow these steps:
Global parameters are variables that are used by Foreman as well as for the OPNFV puppet class. They can be found by going to Configure → Global Parameters. Please reference the variables listed in the puppet modules guide if you wish to use the OPNFV puppet module to deploy ODL + OpenStack.
HostGroups are used to classify different types of hosts we want to provision. For OPNFV purposes we classify a node as compute or controller+networker. It is supported to create three separate nodes (compute, control, network) but for hte purposes of OPNFV we are consolodating controller+networker into one node. To configure HostGroups in Foreman:
Now that HostGroups are created you can create a host as a child of that HostGroup:
This section is applicable if using Global Parameters. It goes over what variable needs to be overriden if using the OPNFV puppet modules.
If using the same server hardware or VMs throughout your environment then you can get away with just setting the private interface name as the global value for ovs_tunnel_if (since they will all be the same name). However if you use different model servers or different NIC interfaces you need to override this parameter per host. To do this in Foreman Web GUI:
Go to your Host→Edit Click Parameters and find ovs_tunnel_if Click override, and enter the name of the private subnet interface for this host. Do this for all hosts that will run OVS (network and compute nodes).
If you are interested in allowing Foreman to control power, setting PXE boot, etc with your server's BMC/OOB management interface follow the steps below: