Foreman in Docker (Production)

Looking through the community forums, I see some reference to running Foreman within a Docker container and see that all builds are published to quay.io.

Does anyone here run Foreman within Docker for production? Also, what are thoughts on this as a production deployment method?

We are running Ansible now and don’t see a robust Galaxy role/collection for installing the Foreman service. We would like to stay away from having Puppet on any nodes, just to avoid issues with multiple CMs managing things.

I have been running (and maintaining) the dockerfile/compose/Kubernetes environment over the last year or so, but honestly, I don’t run Foreman in a real production environment anymore.

The main difference is that if you want to have additional plugins, you would need to rebuild the images. While not a big deal, it is extra work that you would need to do; in some cases (e.g. Katello) I would assume additional work is required.

In short, unless you are willing to experiment, and understand how containers work, I would not recommend you migrate a large production environment, as not many others do and you might hit issues. Having said that, I’m not aware of anything that is not working and it's (for me) a great / better experience.

Good news, I’m willing for a little experimentation and I’m familiar with K8S and building Docker images as needed. We don’t really use any plugins like Katello but will take that into consideration.

I do have questions about the upgrade process. @ohadlevy, have you upgraded from version to version+ with Foreman running in Docker, assuming the database container hasn’t changed and all settings/code are available?

Upgrade works; you would need to pull a new version and run the migration / seeding rake tasks.

Sadly, there is code today that won’t let the app run when there are pending migrations (which is good); however, it requires a restart of the containers (it checks the status only once).

Nevertheless, you can have significantly shorter downtimes for updates.

I’m a little confused: if the app won’t run with pending migrations, wouldn’t this prevent running the migration tasks?

Or would you do something like:

docker-compose stop

docker-compose pull
docker exec -it app /bin/seedingtasks
docker-compose up

Also, looking at the notes from 2.0:

Database migrations and seeding no longer run as part of package installation

This will speed up package installation and upgrades. Seeding will now occur on application startup if needed. Migrations will be executed by the installer when it runs. Both can still be manually executed if needed, by running foreman-rake db:migrate or foreman-rake db:seed respectively. (#28519)

Does this mean those steps really are not needed manually and it should be as simple as stopping the old container and starting the new one?

Yeah, something like that, pretty much what's written at https://github.com/theforeman/foreman/blob/develop/developer_docs/containers.asciidoc#updating-to-latest-images

Our current installer uses Puppet under the hood, so while we do have Ansible roles that install Foreman (https://github.com/theforeman/forklift/tree/master/roles), they just wrap the current installer and you’d end up with a Puppet binary on the system. That said, we don’t set up a Puppet agent or any other service – Puppet is only used during installation/upgrade, so you should not see any conflicts with your regular Ansible management.