AWS EC2 with Foreman

Hi all,
Is there a good tutorial on how to provisioning EC2/VM on AWS using
Foreman.
I have try the Foreman Documentation and some Google results, but all i get
some error for unfinished template " Failed to save: No finish templates
were found for this host, make sure you define at least one in your
CentOS_7 settings"

> Hi all,
> Is there a good tutorial on how to provisioning EC2/VM on AWS using
> Foreman.

No need to restrict to AWS, provisioning is largely the same in Foreman
regardless of the platform - that consistency is part of the attraction
of Foreman for many people.

> I have try the Foreman Documentation and some Google results, but all
> i get some error for unfinished template " Failed to save: No finish
> templates were found for this host, make sure you define at least one
> in your CentOS_7 settings"

The OS setup is indeed fiddly. Start by going to the finish template
you want to use (Hosts > Provisioning templates), and on the
Associations tab, make sure the CentOS 7 OS has been added. Save that,
then go to the Operating Systems page, edit CentOS 7, and on the
Templates tab, select the finish template as the default for this OS.
Save the OS.

When you provision a new host, you can click the Resolve Templates
button to check it's picked up the right template before you hit Save.

HTH,
Greg

Hi Greg,

What i have done till now is the following:

1. Infrastructure > Computer Resources > Create Computer Resource (here i
   have add AWS info etc)

2. Host > Provisioning templates, here i have create new Template or add
   the following templates.
   http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/sample-templates-services-us-west-2.html
   https://s3-us-west-2.amazonaws.com/cloudformation-templates-us-west-2/EIP_With_Association.template
   Also i have try with one of the default one "Kickstart default"

3. Create OS Host > Operating Systems

• Partition table = Kickstart default
• Installation media > default CentOS mirror
• Templates ( i have try as i say the one that i have created and the
  default one Kickstart default )

4. After that i have create a new image from Infrastructure > Computer
   resource and > create Image.

5. Host > create host

• Name -(random generate)
• Deploy on AWS
• Environment - default ones
• Puppet master - default
• puppet CA default etc.
  Interface tab
• add the - default subnet
  Operating System
  In this part i have just one choice
  -Architecture - 64
• OS - the one that i have created
• Image - the one that i have created
• Root password - password
  and when i press resolve i got this message
  Also when i try to press submit i get the same error.

There is no finish template anywhere as options on the way. I have try to
lock the template but again same results.

Hi all, Greg,

Any info about this ? Can someone point me what im doing wrong ?

What version of Foreman are you on? There was a bug with the Resolve
Templates button in recent Foreman versions (1.14 & 1.15, I think), but
that was fixed in 1.15.4.

Greg

Hi Greg,

I'm using Version 1.15.4. The newest one.

I was seeing this on 1.15.4 and upgraded to 1.15.6 with the same results.

For some reason image based deployments that have userdata enabled also
require a finish template associated.

This leads to 1 of 2 outcomes:

1. as Ivan stated, the host creation UI throws this error and a cannot
   proceed
2. as a workaround, a finish template is associated, but if VM is being
   deployed with a non-root user (ie 'centos' for Centos instances) the
   provisioning cannot be completed via SSH as the wrong user is trying to
   login to run the finish script. This happens even if the image is
   configured with user 'centos':

logs:
2017-10-25 15:31:45 1c049de5 [sql] [I] About to start post launch script on
test28.ipadomain.com
2017-10-25 15:31:45 1c049de5 [sql] [I] generating template to upload to
test28.ipadomain.com
2017-10-25 15:32:25 1c049de5 [sql] [I] Remove puppet certificate for
test28.ipadomain.com
2017-10-25 15:32:27 1c049de5 [sql] [I] Adding autosign entry for
test28.ipadomain.com
2017-10-25 15:32:37 1c049de5 [app] [W] Failed to launch script on
test28.ipadomain.com: Please login as the user "centos" rather than the
user "
root".
2017-10-25 15:32:37 1c049de5 [sql] [W] Rolling back due to a problem:
[#<Orchestration::Task:0x00000006e35e30 @name="Configure instance test
28.ipadomain.com via SSH", @status="failed", @priority=2003,
@action=[#<Host::Managed id: 104, name: "test28.ipadomain.com",
last_compile: nil, last
_report: nil, updated_at: "2017-10-25 22:31:45", created_at: "2017-10-25
22:31:45", root_pass: "<snip>", architecture_id: 1, operatingsystem_id: 3,
environment_id: 4, ptable_id: nil, medium_id: nil, build: true, comment:
"", disk: ""
, installed_at: nil, model_id: nil, hostgroup_id: 4, owner_id: 5,
owner_type: "User", enabled: true, puppet_ca_proxy_id: 1, managed: true, u
se_image: nil, image_file: nil, uuid: "i-06d131076cfee4de4",
compute_resource_id: 2, puppet_proxy_id: 1, certname: nil, image_id: 2,
organiz
ation_id: 1, location_id: 3, type: "Host::Managed", otp:
"0Jk(/vE83}OY%cib>,+a.k", realm_id: 1, compute_profile_id: 6,
provision_method: "im
age", grub_pass: "<snip>", content_view_id: nil, lifecycle_environment_id:
nil, global_status
: 0, lookup_value_matcher: "fqdn=test28.ipadomain.com", pxe_loader: "",
discovery_rule_id: nil>, :setSSHProvision], @timestamp=2017-10-25 22:32:
37 UTC>]
2017-10-25 15:32:37 1c049de5 [sql] [I] Remove puppet certificate for
test28.ipadomain.com
2017-10-25 15:32:39 1c049de5 [sql] [I] Delete the autosign entry for
test28.ipadomain.com
2017-10-25 15:32:39 1c049de5 [sql] [E] Task Prepare post installation
script for test28.ipadomain.com rollbacked
2017-10-25 15:32:39 1c049de5 [sql] [E] Task Wait for test28.ipadomain.com
to come online rollbacked
2017-10-25 15:32:39 1c049de5 [sql] [E] Task Enable certificate generation
for test28.ipadomain.com rollbacked
2017-10-25 15:32:39 1c049de5 [sql] [E] Task Configure instance
test28.ipadomain.com via SSH failed

> I was seeing this on 1.15.4 and upgraded to 1.15.6 with the same
> results.
>
> For some reason image based deployments that have userdata enabled
> also require a finish template associated.

That's a bug if it's reproducible, as Foreman cannot use both for a VM
creation anyway - they're mutually exclusive. If the user-data flag is
set on the Image then it can only use that template.

> This leads to 1 of 2 outcomes:
>
> 1. as Ivan stated, the host creation UI throws this error and a
> cannot proceed

> 2. as a workaround, a finish template is associated, but if VM is
> being deployed with a non-root user (ie 'centos' for Centos
> instances) the provisioning cannot be completed via SSH as the wrong
> user is trying to login to run the finish script. This happens even
> if the image is configured with user 'centos':

There's two things here. That it is attempting to use the finish
template suggests the user-data flag is not set on the Image, or not
working. The choice of user & password for an SSH-based image, though,
is configurable in the Image (in the edit page).

Note when I say Image, I'm talking about the object in the Foreman UI
that is linked to the AMI, not the AMI itself.

Greg