Ansible integration - first steps?

Hi foreman users,

I started a thread on foreman-dev to discuss possible ways to start
Ansible integration in Foreman.
https://groups.google.com/forum/#!topic/foreman-dev/cjj2g3bS8ho

As a developer, I don't spend most of my time configuring systems, and
I don't have any experience with Ansible professionally. However, I
think the plugin would be an awesome way to bring Ansible users to use
Foreman and benefit from the plethora of other features we have.

If you have any kind of feedback, it'd be very appreciated.

Best, thank you,

Great!

As an admin I spend most of my time configuring systems and have
preferred ansible over puppet for a while now.

So we are willing to spend the time for testing this, let me know when
you have some kind of release.

Met vriendelijke groet, With kind regards,

Jorick Astrego

Netbulae Virtualization Experts

Tel: 053 20 30 270 	info@netbulae.eu 	Staalsteden 4-3A 	KvK 08198180
Fax: 053 20 30 271 	www.netbulae.eu 	7547 TA Enschede 	BTW NL821234584B01

If you're waiting to test this - I added support for simple reports
today and fixed a bug with fact imports where the 'reported_at' date
would not show up.

See https://github.com/dlobatog/foreman_ansible and feel free to ask
any questions you might have.

>
>
> As an admin I spend most of my time configuring systems and have
> preferred ansible over puppet for a while now.
>
> So we are willing to spend the time for testing this, let me know when
> you have some kind of release.
>

Not exactly a release - but I wrote a plugin for Foreman / callback
plugin for Ansible (based on Ivan Necas callback for reports) that
allows you to import Ansible facts.

It's still rudimentary but I hope it can be of some use to you.

How much does Foreman actually rely on Puppet? I know it's an ENC and uses
the Hostgroups. The integration is pretty tight.

What room is there for actually using Ansible as a complete replacement for
Puppet?

At my last place, we grew a bit tired of the Puppetlabs guys trying to push
our configurations in a way that was clearly against our wishes of wanting
to ensure a smooth transition to Satellite 6. There's a clear competitor
attitude from Puppetlabs towards Satellite 6.

D

> How much does Foreman actually rely on Puppet? I know it's an ENC and uses
> the Hostgroups. The integration is pretty tight.

It doesn't rely on it for anything but the installer. However there are
a number of things like Settings, some options on Hosts, Smart variables
and so forth, that should be moved to a plugin to actually provide a
full-replacement.

> What room is there for actually using Ansible as a complete replacement for
> Puppet?

For the moment the plugin does not support importing playbooks and so
forth, so it's mostly hosts inventory, facts, and reporting from
Ansible. Once these last 2 are a bit more polished I will get started
with remote execution. It'd still be not as good an integration as the one
we have with Puppet. Suggestions on things you'd like to see would
help me greatly at this stage.

Hi Daniel

I just got a question i would like to start testing the ansible plugin but
just my concert is for the instructions is say setup a new hosts to send
the facts to foreman but what happen if the machine is already registered
with puppet is going to make twice registrations ?

Hi Daniel,

I was start playing with foreman_ansible under katello2.4rc3, hope its ok
to bother you…

With Ansible 1.9.4: I´m getting the below error under the production.log,
do you have maybe any idea whats wrong?
With Ansible 2.0.0 RC1: nothing is send to Foreman over TCP 80 or 443, do
you have maybe any idea whats wrong?

BTW you ementioned that Facts must contain "a '_type' and '_timestamp'
keys", how can I add them, I dont see them in the Ansible Output, could
this be the reason?

HTTP Connection

2015-11-26 08:32:47 [app] [I]
>
> Started POST "/api/v2/hosts/facts" for 10.161.0.203 at 2015-11-26 08:32:
47 +0100
2015-11-26 08:32:47 [app] [I] Processing by Api::V2::HostsController#facts
as JSON
2015-11-26 08:32:47 [app] [I] Parameters: {"name"=>"test6.cesystems.at",
"facts"=>"[FILTERED]", "apiv"=>"v2", :host=>{"name"=>"test6.cesystems.at"}}
2015-11-26 08:32:47 [app] [I] Completed 201 Created in 136ms (Views: 11.8ms
> ActiveRecord: 0.4ms)
2015-11-26 08:32:47 [app] [I]
>
> Started POST "/api/v2/reports" for 10.161.0.203 at 2015-11-26 08:32:47 +
0100
2015-11-26 08:32:47 [app] [I] Processing by Api::V2::ReportsController#create
as JSON
2015-11-26 08:32:47 [app] [I] Parameters: {"report"=>"[FILTERED]", "apiv"
=>"v2"}
2015-11-26 08:32:47 [app] [I] processing report for test6.cesystems.at
2015-11-26 08:32:48 [app] [I] Imported report for test6.cesystems.at in 0.23
seconds
2015-11-26 08:32:48 [app] [I] Rendered api/v2/reports/create.json.rabl (
621.4ms)
2015-11-26 08:32:48 [app] [I] Completed 201 Created in 963ms (Views: 672.5ms
> ActiveRecord: 93.1ms)

HTTPS Connection

2015-11-26 08:35:38 [app] [I]
>
> Started POST "/api/v2/hosts/facts" for 10.161.0.203 at 2015-11-26 08:35:
38 +0100
2015-11-26 08:35:38 [app] [I] Processing by Api::V2::HostsController#facts
as JSON
2015-11-26 08:35:38 [app] [I] Parameters: {"name"=>"test6.cesystems.at",
"facts"=>"[FILTERED]", "apiv"=>"v2", :host=>{"name"=>"test6.cesystems.at"}}
2015-11-26 08:35:38 [app] [W] No SSL cert with CN supplied - request from
10.161.0.203,
2015-11-26 08:35:38 [app] [I] Rendered api/v2/errors/access_denied.json.rabl
within api/v2/layouts/error_layout (0.7ms)
2015-11-26 08:35:38 [app] [I] Filter chain halted as #<Proc:0x00000008132880@/usr/share/foreman/app/controllers/concerns/foreman/controller/smart_proxy_auth.rb:14>
rendered or redirected
2015-11-26 08:35:38 [app] [I] Completed 403 Forbidden in 10ms (Views: 1.8ms
> ActiveRecord: 0.7ms)
2015-11-26 08:35:38 [app] [I]
>
> Started POST "/api/v2/reports" for 10.161.0.203 at 2015-11-26 08:35:38 +
0100
2015-11-26 08:35:38 [app] [I] Processing by Api::V2::ReportsController#create
as JSON
2015-11-26 08:35:38 [app] [I] Parameters: {"report"=>"[FILTERED]", "apiv"
=>"v2"}
2015-11-26 08:35:38 [app] [W] No SSL cert with CN supplied - request from
10.161.0.203,
2015-11-26 08:35:38 [app] [I] Rendered api/v2/errors/access_denied.json.rabl
within api/v2/layouts/error_layout (1.7ms)
2015-11-26 08:35:38 [app] [I] Filter chain halted as #<Proc:0x0000000d6691a0@/usr/share/foreman/app/controllers/concerns/foreman/controller/smart_proxy_auth.rb:14>
rendered or redirected
2015-11-26 08:35:38 [app] [I] Completed 403 Forbidden in 92ms (Views: 6.3ms
> ActiveRecord: 0.0ms)

Thanks,
Christian

> Hi Daniel
>
> I just got a question i would like to start testing the ansible plugin but
> just my concert is for the instructions is say setup a new hosts to send
> the facts to foreman but what happen if the machine is already registered
> with puppet is going to make twice registrations ?

No, if you run ansible on an fqdn that's already registered in Foreman
as a host, it'll submit more reports and facts to that host.

HTTP Connection

2015-11-26 08:59:42 [app] [I]
>
> Started POST "/api/v2/hosts/facts" for 10.161.0.203 at 2015-11-26 08:59:
42 +0100
2015-11-26 08:59:42 [app] [I] Processing by Api::V2::HostsController#facts
as JSON
2015-11-26 08:59:42 [app] [I] Parameters: {"name"=>"test6.cesystems.at",
"facts"=>"[FILTERED]", "apiv"=>"v2", :host=>{"name"=>"test6.cesystems.at"}}
2015-11-26 08:59:42 [app] [I] Import facts for 'test6.cesystems.at'
completed. Added: 0, Updated: 2, Deleted 0 facts
2015-11-26 08:59:42 [app] [I] Completed 422 Unprocessable Entity in 41ms (
Views: 0.3ms | ActiveRecord: 13.1ms)
2015-11-26 08:59:42 [app] [I]
>
> Started POST "/api/v2/reports" for 10.161.0.203 at 2015-11-26 08:59:42 +
0100
2015-11-26 08:59:42 [app] [I] Processing by Api::V2::ReportsController#create
as JSON
2015-11-26 08:59:42 [app] [I] Parameters: {"report"=>"[FILTERED]", "apiv"
=>"v2"}
2015-11-26 08:59:42 [app] [I] processing report for test6.cesystems.at
2015-11-26 08:59:42 [app] [I] Imported report for test6.cesystems.at in 0.29
seconds
2015-11-26 08:59:42 [app] [I] Rendered api/v2/reports/create.json.rabl (
26.1ms)
2015-11-26 08:59:42 [app] [I] Completed 201 Created in 337ms (Views: 26.0ms

> > Hi Daniel
> >
> > I just got a question i would like to start testing the ansible plugin
> but
> > just my concert is for the instructions is say setup a new hosts to send
> > the facts to foreman but what happen if the machine is already registered
> > with puppet is going to make twice registrations ?
>
> No, if you run ansible on an fqdn that's already registered in Foreman
> as a host, it'll submit more reports and facts to that host.
>

but won't each puppet / ansible run will delete the custom / ansible facts?
or rather is it a different type of facts?

Ohad

Hi Daniel,

maybe you can help, any feedback is more then welcome…

*Remote Server on same VLAN = okRemote Server on different VLAN = failed
(see Attachment)*PS: I added also the Subnet/Domain from this Host to
Foreman, but it did not help…

Thanks,
Christian

Ansible.log (14.7 KB)