User Tools

Site Tools


foreman_guide

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
foreman_guide [2015/03/09 19:46]
Tim Rozet created
foreman_guide [2015/04/07 22:26] (current)
Daniel Farrell [Install Foreman] Better formatting for complex Foreman install command
Line 18: Line 18:
  
 ''​sudo yum update''​ ''​sudo yum update''​
 +
 ''​sudo yum -y install bind-utils''​ ''​sudo yum -y install bind-utils''​
 +
 ''​sudo yum -y install bind''​ ''​sudo yum -y install bind''​
 +
 ''​sudo yum -y install dhcp''​ ''​sudo yum -y install dhcp''​
 +
 ''​sudo yum -y install tftp-server''​ ''​sudo yum -y install tftp-server''​
  
 Disable firewalld, selinux: Disable firewalld, selinux:
 +
 ''​sudo systemctl stop firewalld''​ ''​sudo systemctl stop firewalld''​
 +
 ''​sudo systemctl disable firewalld''​ ''​sudo systemctl disable firewalld''​
 +
 ''​setenforce 0''​ ''​setenforce 0''​
-edit SELINUX=permissive in/​etc/​selinux/​config+ 
 +''​edit SELINUX=permissive in /​etc/​selinux/​config''​
  
 Foreman requires your hostname and FQDN are set: Foreman requires your hostname and FQDN are set:
Line 67: Line 75:
 Now run the installer with the right arguments for your setup: Now run the installer with the right arguments for your setup:
  
-''​sudo foreman-installer \\+<​code>​ 
 +sudo foreman-installer \\
    ​--enable-foreman-proxy \\    ​--enable-foreman-proxy \\
    ​--foreman-proxy-tftp=true \\    ​--foreman-proxy-tftp=true \\
Line 83: Line 92:
    ​--foreman-proxy-foreman-base-url=https://​localhost \\    ​--foreman-proxy-foreman-base-url=https://​localhost \\
    ​--foreman-proxy-oauth-consumer-key=ag9QcrzYTZQVhsnuEb8zYVc6taL4jmXj \\    ​--foreman-proxy-oauth-consumer-key=ag9QcrzYTZQVhsnuEb8zYVc6taL4jmXj \\
-   ​--foreman-proxy-oauth-consumer-secret=CWieWvBUMrfsvSc88UcmNTtrGtSzUCCf'' ​+   ​--foreman-proxy-oauth-consumer-secret=CWieWvBUMrfsvSc88UcmNTtrGtSzUCCf 
 +</​code>​
  
 You should see the following You should see the following
  
-Installing ​            ​Done ​                                              ​[100%] [...........................................................................................]+<​code>​
   Success!   Success!
   * Foreman is running at https://​foreman.localdomain   * Foreman is running at https://​foreman.localdomain
Line 94: Line 104:
   * Puppetmaster is running at port 8140   * Puppetmaster is running at port 8140
   The full log is at /​var/​log/​foreman-installer/​foreman-installer.log   The full log is at /​var/​log/​foreman-installer/​foreman-installer.log
 +</​code>​
  
 Please notice the above message gives you the credentials to the Foreman GUI. Please notice the above message gives you the credentials to the Foreman GUI.
Line 104: Line 114:
  
 ---- ----
 +====Configuring and Using Foreman====
 +Foreman is capable of building hosts (baremetal or virtual), applying Salt or Puppet modules to hosts, and serving as DHCP, TFTP, DNS servers. ​ The following steps show what's necessary to setup Foreman for OPNFV purposes:
 +  - Import puppet classes into Foreman to make Foreman aware of which to apply.
 +  - Create HostGroups to manage host types (compute, network, control)
 +  - Create/​Configure Hosts.
 +  - Optional: Setup Foreman to control hardware reboots, boot device, etc.
 +
 +===Using a Proxy?===
 +If you are behind a firewall and need to use a proxy, then you need to add some extra global parameters in Foreman. ​ Global paremeters are just global variables that Foreman will use along with make them available to puppet. ​ See the Global Parameters section below for more info.  ​
 +  * http-proxy -proxy ip address or host (ex: "​proxy.example.com"​)
 +  * http-proxy-port -proxy port to use (ex: "​8080"​)
 +  * proxy_address -full proxy address (ex: "​http://​proxy.example.com:​8080"​)
 +
 +Once you add these global parameters, hosts will be kickstarted using that proxy address and repos required during puppet installation will also reference that proxy.
 +
 +===Adminstrator Settings===
 +First make sure that your host is in a trusted puppet master, go to Administer in the top right -> Settings and search for "​trusted_puppetmaster_hosts"​. Then edit the value (keeping in mind it needs to be an array, so maintain the square brackets) with the foreman.localdomain value for your foreman server.
 +To stop Foreman from modifying your configured network settings for each host, you should configure this setting. ​ From the Foreman GUI, go to Administer in the top right -> Settings -> Provisioning Tab -> ignore_puppet_facts_for_provisioning = true.
 +
 +===Kickstart Changes===
 +The "​Kickstart default"​ provisioning template will only bring up your first/​management interface. ​ For BGS we are using 3 separate networks (admin, public, private). ​ For that reason we want the kickstart to bring up these interfaces and DHCP their addresses. ​ To accomplish this we add the following ERB code to the kickstart template:
 +<​code>​
 +<% @host.interfaces.each do |interface| %>
 +<% if interface.identifier != ""​ %>
 +network --bootproto=dhcp --device=<​%= interface.identifier %> --onboot=yes
 +<% end %>
 +<% end %>
 +</​code>​
 +
 +As you can see from the above as long as the interface name is not null we configure it to be dhcp and onboot. ​ Therefore we set the interface name of our BMC interface (we do not want Foreman to configure this) as null.  See the "Using Foreman to Control Hardware"​ section below.
 +
 +===Using Puppet with Foreman===
 +We need to have Foreman aware of the OPNFV classes. ​ This section assumes you using Foreman to apply OPNFV puppet modules to your nodes and completed the Puppet modules install guide. ​ These will invoke QuickStack and OpenStack puppet modules accordingly. ​ Follow these steps:
 +
 +  - In Foreman go to Configure->​Puppet classes
 +  - Click Import from foreman.example.com in top right.
 +  - Foreman will prompt you asking which environments to import. ​ Choose Add for all in production.
 +  - Now go back to Configure->​ Puppet classes and search for trystack. You should see trystack, trystack::​compute,​ etc.
 +
 +===Global Parameters===
 +Global parameters are variables that are used by Foreman as well as for the OPNFV puppet class. ​ They can be found by going to Configure -> Global Parameters. ​ Please reference the variables listed in the [[https://​wiki.opnfv.org/​quickstack_opnfv_puppet_guide#​running_puppet_modules | puppet modules guide]] if you wish to use the OPNFV puppet module to deploy ODL + OpenStack.
 +
 +===Create HostGroups in Foreman===
 +HostGroups are used to classify different types of hosts we want to provision. ​ For OPNFV purposes we classify a node as compute or controller+networker. ​ It is supported to create three separate nodes (compute, control, network) but for hte purposes of OPNFV we are consolodating controller+networker into one node.  To configure HostGroups in Foreman:
 +
 +  - Configure -> HostGroup
 +  - Set "​Name"​=OpenStack Compute, Environment=production,​ Puppet CA/​Master=foreman.example.com
 +  - Puppet Classes tab -> add trystack and trystack::​compute
 +  - Network tab-> select the management subnet you created
 +  - Operating System tab -> Operating System = CentOS7 you defined, Media = CentOS mirror, Partition table= Kickstart default
 +  - Submit, repeat for trystack::​controller_networker (control+network node).
 +
 +===Create Host in Foreman===
 +Now that HostGroups are created you can create a host as a child of that HostGroup:
 +  - Hosts ->New Host
 +  - Name= OSCompute1, select HostGroup you created, Environment=production
 +  - Network tab -> Set the MAC address for the NIC attached to the management network. Set the IP it should use.
 +  - Operating System tab -> Select OS, enable Build Mode, etc.
 +  - Submit and now your host will show up.
 +  - You can now click on your host and click Build (B).  On the servers next pxe boot it will build off of foreman using kickstart default. ​ Interested in using Foreman to control your hardware? See below.
 +
 +===Host Global Parameter Overriding===
 +This section is applicable if using Global Parameters. ​ It goes over what variable needs to be overriden if using the OPNFV puppet modules.
 +
 +If using the same server hardware or VMs throughout your environment then you can get away with just setting the private interface name as the global value for ovs_tunnel_if (since they will all be the same name). However if you use different model servers or different NIC interfaces you need to override this parameter per host. To do this in Foreman Web GUI:
  
 +Go to your Host→Edit
 +Click Parameters and find ovs_tunnel_if
 +Click override, and enter the name of the private subnet interface for this host.
 +Do this for all hosts that will run OVS (network and compute nodes).
  
 +===Using Foreman to Control Hardware===
 +If you are interested in allowing Foreman to control power, setting PXE boot, etc with your server'​s BMC/OOB management interface follow the steps below:
 +  - Enable foreman-proxy to run BMC service. ​ Modify /​etc/​foreman-proxy/​settings.d,​ :enabled: true, :​bmc_default_provider:​ ipmitool.
 +  - Restart foreman-proxy and httpd.
 +  - Go back to Foreman web browser, Infrastructure->​Smartproxies.
 +  - Click the drop down next to Certificates and select "​Refresh Features"​
 +  - BMC should now show up in the feature list.
 +  - Now go to your host, Network tab.
 +  - Add an interface, select Type as BMC.
 +  - Add the MAC address and IP, along with credentials and select IPMI as provider.
 +  - Make sure you enabled IPMI on your hardware server'​s BMC configuration.
 +  - Now go back to the host status page, next to "​Start"​ you can drop down and pick Status.
 +  - Now on the left pane, BMC should show up. Click it and you should see hte Chassis Power state.
 +  - You now have the option when you "​Build"​ to tell Foreman to reboot the server now.
foreman_guide.1425930400.txt.gz · Last modified: 2015/03/09 19:46 by Tim Rozet