How to register ubuntu hosts to foreman without subscription and puppet

Hello Folks,

Foreman version – 2.1.0

I have enabled ansible callback plugin in foreman server and registering hosts by running playbook on target hosts, playbook copies foreman SSH Key to target machines which can be used for remote execution.

Its been good so far, but now i have to register more than 30K hosts from different locations. Looking for a script to run it on target hosts to register into foreman instead of running from foreman server like subscription-manager. For Centos, In foreman + katello server we have subscription manager when we register to foreman repo using subscription-manager, hosts will be added to foreman GUI automatically. But here i am not running Katello in foreman server, how can i register ubuntu hosts to foreman without puppet and subscription manager as i require only remote execution via ssh? Could anyone share solution or share suggestions to onboard ubuntu hosts to foreman?

Also i am having target hosts in different locations, by default hosts are adding into “Default Organisation” and “Default Location” in foreman. How can i route target hosts to particular location and organisation instead of default one’s? So it could be helpful for me to avoid manual assignment of hosts to particular locations in foreman GUI.

Thanks in Advance!!!

You say, you have enabled the ansible callback plugin. There is a setting to create new hosts when facts are uploaded. Misleadingly it is found in the tab Puppet under Administer -> Settings, but it is valid for any facts’ origin.

So, each time you run an ansible playbook from your foreman the host will be registered if the callback plugin is configured correctly.

For the second part: you can do this kind of manually using API calls or maybe using the foreman ansible modules. The latter version would work with the original playbook, you could use your inventory to specify target organizations and locations and add tasks with delegate_to: localhost to update the host settings.

If there are applicable search patterns you can do the attribution to organizations and locations through the host overview as bulk actions. Manually.

1 Like

sounds like you could use Host Registration feature,
you can find it at Hosts > Register host.
It use provisioning templates so you can easily edit the process of the registration as you want.


1 Like

I apologize, I missed the version of your Foreman (2.1), so the Host Registration feature is not available for you, it have been released in 2.3 version [0]

My suggestion then would be to create OS, Organization & Locations manually in Foreman UI and then create hosts via simple API call, for example:

curl --user login:password -X POST \
     -H 'Content-Type: application/json' \
     -d '{"host": { "name": "'$(hostname --fqdn)'", "build": "false", "managed": "false", "organization_id": "0", "location_id": "0", "operatingsystem_id": "0"}}'

[0] Foreman :: Manual

1 Like

Or upgrade to the newer version if possible, the upcoming 2.5 has a great additions to the registration functionality. 2.1 is quite old, we typically support last two stable releases. So 2.3+ when 2.5 is out (we have rc2 atm)

@knoppi – Thanks for your time.

Ansible callback plugin is absolutely working for me, i can able to register hosts. but i am looking for a method to register a host by itself to foreman instead running playbook on foreman server. If it is a script i probably give to my site engineers working in different locations to run it on end machines to register them to foreman as i don’t want them to access foreman server for registering hosts.

@lstejskal – Thanks for your revert.

Hope this api call could help me to register the hosts, can i run this curl command on target hosts right? how can i upload the system facts into foreman?

@Marek_Hulan – Thanks, we will try to figure out solution, if not will upgrade to newer version.

Yes, as long as the target host has connectivity to Foreman. The curl hits the Foreman API saying “please create a host xyz”. It does not upload any additional information (e.g. facts)

Foreman only receives facts from machines it trusts, typically Smart Proxies with one of cfgmgmt features (Puppet, Ansible, Chef, Salt). There’s no good way to upload facts directy from “target hosts” AFAIK. I think @lzap was thinking about this at some point but I don’t think there’s a solution for this yet. The problem is, if we allowed to do this from arbitrary host, anyone could override someone’s host facts.

Perhaps if you target hosts run subscription-manager and are registered in your Foreman with Katello, you could at least receive those facts directly from hosts.

@Marek_Hulan – Thanks for the reply.

After registering host via api, if i run ansible-playbook on host from GUI on target hosts, will it upload facts to the foreman server where i have enabled ansible_callback plugin too? If it gets uploaded facts then it will update IP,Architecture,OS etc details of hosts automatically.

One more thing, is it possible to use organisation_name and location_name instead of id’s in api call? if yes please share me full curl api command.

Thanks in Advance!!!

If you enable the foreman callback in ansible.cfg, you’ll get facts uploaded. However your Foreman must trust the host where you run the Ansible on to update facts for hosts. And that means, there needs to be a foreman-proxy with Ansible feature on that very same host.

For the org and loc names, sadly not, API only accepts id. I think it worked at some point magically, but if it works, it is not intentional and can stop working at any point. Our Hammer CLI supports that, but it first finds the org by the name first and then uses it’s id.

@Marek_Hulan – Thanks a lot for clarification.

Apologize for asking too many questions.

I think by default api’s are enabled in foreman, if not enabled how to enable api’s?
suppose if we want to disable api’s, how could we do it and where to disable it?

Thanks in advance !!!

You’re right, the API is always enabled. There’s no way to disable the API, however nearly all endpoints require user credentials and such user needs to have relevant permissions.

EDIT: some endpoints also accept SSL certificate, which is what Foreman Proxy uses and you Ansible host callback would likely use.

@Marek_Hulan – Thanks for the information.

I would like to move /api url to /api_prod as i don’t want to expose to the people who are using foreman GUI. So i tried to move api folder in /usr/share/foreman/app/views/api folder to /usr/share/foreman/app/views/api_prod but it didn’t works. Could you please guide me on how to change the /api to /api_prod?

Thanks in advance!!!

Well, that could break a lot of things I’m afraid. Some UI pages are using the API endpoints too. Hammer also I believe hardcodes /api in the URL. If you’re really like to do something like this, you’d probably need to change ~foreman/config/routes.rb but I’d rather discourage from that. Perhaps it would be easier to put some additional apache config file filtering /api based on IP or something. But again, it may have impact on some UI pages.