Many months back I introduced work to run Foreman, Katello and a subset of plugins via containers running in Openshift. The previous work was captured in a deep dive. That work went quiet but has been revived and that revival is the subject of this email. Please note, this work is still in an alpha stage and presents a potential shift in how we think about Foreman and its deployment. Further, there is much testing and discussions to be had going forward around every aspect. We look forward to your help testing, contributions and feedback.
Getting Started
I am happy to announce a large chunk of this work has been merged to Forklift master and can be found in the containers directory. For those wishing to jump right in and play with it, check out the Quick Start Guide. Please take heed of the system requirements to avoid a failed installation.
Caveats
This work is by no means production ready at present. We have tested certain workflows and have to-dos related to testing a range of functionality. That being said, the application is usable and testable and we encourage everyone to do so!
The current setup requires Openshift and is built around using a Minishift instance to isolate the setup and make it easy to create and delete. Any Openshift cluster should work, but take note that you will need some escalated privileges on the cluster. Given we are currently using Openshift natives to make things like routing easier, native Kubernetes cannot be used for the deployment.
A proof of concept has already been performed to migrate an existing Foreman instance’s data into an Openshift based one with as little downtime as possible. We look forward to sharing this work with you as we progress but for this first announcement the focus is on fresh deployment.
Testing
Please take this deployment for a test drive and try out your favorite features. Given the early nature of this work, we’ve not tested every path or even every major feature. If you find an issue this could be a real code issue or a deployment issue. Please file issues here and label them containers and we will triage.
Contributors
There are many areas to contribute in with the largest area being testing. The current docs do not spell out how to set up an environment for contribution but this is forthcoming. Contributions can be made to docs, image builds, deployment or fixing existing or new issues.
Roadmap
There are many items left on the roadmap that will be captured as Github issues on Forklift. A highlight of those higher level items:
- Updated deep dive showing deployment process and tour
- Testing all major features and ensuring they work
- Migrating an existing Foreman instance
- Smart proxy architecture
- Moving to Dockerfiles for image builds and deprecating ansible-container
- Adding more continuous integration and delivery
- Add contributing and development documentation
- Liveness and readiness probes
- Scale testing and Auto-scaling of pods based on load
That’s not high on the priority Roadmap given the features that need testing and fixes therein. There are some Openshift natives that we are using to enable the full stack and paths to work. So contributions are welcome in this area. The three biggest areas that we’ve tied into Openshift concepts:
1. Routing to provide a hostname by default and expose all the various services and paths
2. Pod lifecycle hooks to perform actions such as proxy registration and use of Openshift deployment configs
3. Openshift Security Context Constraints
I think #3 on Kubernetes may not be an issue since it should be more wide open. The first two would need investigation and a solution that works in a pure Kube environment.
We appreciate this feedback as it is an area we were interested to hear feedback from the community on.
On the Architecture, that is a good question and I should have included current resources in that area. There is an architecture document to describe each component here. There is also a diagram here that is a few iterations old and I will work on updating but it shows the general breakdown of services. Is there additional information and resources that you would find helpful in understanding the setup?
Can you expand on “separate”? If you follow the quickstart guide, you’ll note in there the minimum memory requirements the current setup recommends. If you use the minishift setup you will get an isolated Openshift running on a VM that you can create and destroy with ease for testing and looking at the setup. Beyond that I am happy to discuss further information that would help.
TBH: I didn’t try to run it on OKD and suspect that some base containers (e.g. the pg container) won’t work and need to be substituted with some SELinux friendly version etc… would you be interested in continuing this work?
Nice! I have OCP 3.11 running, so I’ll see if I can get it going over the weekend. I’ll just deploy my own pg. That part won’t be an issue.
I honestly didn’t even know the containers existed. So I’m not familiar with them at all. I assume they will create the DB schema in pgsql if I deploy my own?
edit: Never mind. I see how it all comes together. I’ll see how I go over the weekend. Would be cool to make this a common thing.