Hey does anyone have any useful resources to register a host for existing Windows systems?
the Linux init_config is exceptional for existing Linux machines. It’s smooth and easy and I’d love to try and emulate this for Windows.
Better to ask if there’s something already out there before rolling up my sleeves and attempting to write a template up.
Any pointers would be appreciated!
~B
I’m not aware of any efforts. The people who’ve been working on this lacked Windows knowledge so while technically it should be straight forward to implement, we really need someone with Windows knowledge to contribute. This would be a great addition for other users and I think @lstejska can provide you pointers on how to get started.
Hi!
Better to ask if there’s something already out there before rolling up my sleeves and attempting to write a template up.
AFAIK nobody is working on windows support, any contributions to registration are more than welcomed!
Any pointers would be appreciated!
I would start with documentation [0] where you can find useful information about how the registration process works.
In quick summary it consists from two steps:
The first part is done with Global Registration template [1], the second part (host config) is done with host_init_config_default template[2].
These templates are shell scripts, so they can’t be used for registration of Windows hosts. So, thinking about the possible solutions, what you will need to do is:
windows for /register endpoint [3]. If param would be true, endpoint would render the Windows global registration templateWindows OS is created in Foreman, automatically assign the Windows version of host_init_config_default template, not the Linux oneThose are just ideas I came up with right now, maybe different approach that would be more suitable.
Feel free to ping me on IRC or DM me, we can meet up & discuss it.
[0] docs.theforeman.org
[1] Global registration template
[2] host_init_config_default
[3] registration_controller.rb
Appreciate the guidance @lstejska !
I’ll start researching the info given and see what I can clobber up for a script. (got enough powershell experience to be dangerous)
My work lab has both Linux and Windows systems. On-boarding both is a key goal of mine. (without reinstallation of every win every system)
I spun up the Windows Init Script.
Not fully done, but it’s looking ok.
Windows based curl (invoke-webexpression) doen’t play really nice with unsigned certs. I had to add a function to disable SSLverification and Re-enable it after.
It’s actually a LOT easier with curl.exe pulled from choco.
I’m wondering if a better way is capable… Registration command being a full Powershell set of instructions? the “curl blahblah | invoke-expression” is so much cleaner and easy to provide though…
Pulled some of the snippit items out for Remote Execution/Katello/etc that’s not used…
Though windows now supports OpenSSH server. that could be implemented in the Remote_Execution Template.
Will wrap up some script stuff up with this and start on Global Registration.
Anyway… If there’s any comments/feedback. I could use it.
Added Global Registration Template for windows as well. still need to fix the last Curl items.
For the registration_controller.rb item. I’m no good for this segment (not a ruby person)
Whatever I can do via Powershell scripting, I’m happy to contribute!
I’m thinking about the API side, what we need to do to make Windows registration possible. We could add new parameter called template_kind or script_type, which would define what templates would get rendered.
For example:
script_type=bash would render default bash templatesscript_type=powershell would render windows templateChange would be small & easy to test and we would be prepared for future when we might add another script type support.
I’ve been neglecting this… But am desiring to get this into fruition.
Powershell’s handling of headers and bearers differ. following the Template+Existing call to other scripts. variables and whatnot is one that I’m still looking at.
Ok, when you’ll have some update about the templates feel free to ping me & I can take care about the API side.
Seeing a few hurdles:
Windows version of wget/curl is pretty bad
The strings to pull differ and really do dislike insecure connections. where linux’s cure uses the easy “–insecure” switch, Windows requires a stop-gap of disabling ssl checks. See my GH line 66 and on for the disable/enable functions for Windows host_init_config default. Granted, if the foreman server has SSL, this isn’t an issue.
next item is the header auth bearer tokens for the site site API’s and how Windows treats them compared to Linux’s curl. Line 26 (which negated to translate in the github and will do later)
Puppet setup template for windows side is also busted it appears. not call to msi. I’ll set a request for that segment in the setup code snippit to call puppet-arch-latest.msi
In addition, I’ve got a windows ansible on-boarding script that harnesses ssh rather than WinRM. will see what I can do with developers to integrate if desired by community. (awaiting a fact but fix that I need to verify and behind on that)