Set up Foreman and manage it with Ansible

Managing Foreman for some time and got bored to configure it each time I set it up from scratch.

This blog post will cover initial foreman install on a CentOS 7 server and then manage it with ansible through the foreman ansible collections.

The repository used in this article is locate here.

Servers recommendations

Minimum Foreman server hardware recommendations to support CentOS 7 & 8.

  • CentOS 7
  • 4 CPUs
  • 8Gb RAM
  • 100 Gb HDD

Minimum ansible server recommendations:

  • CentOS 7
  • 1 CPU
  • 256 Mb RAM
  • 8 Gb HDD

Setting up the Foreman server

Configure the OS

Create a CentOS 7 server with the above hardware setting and make sure to have a working DNS for that server or edit its own /etc/hosts with that hostname. For simplicity I am using foreman.cloudalbania.com -> 192.168.0.180.

$ cat /etc/hosts

192.168.0.180 foreman.cloudalbania.com foreman

Reboot the server and make sure the new hostname is set.

Install Katello & Foreman

Next step is to install the foreman application with katello content management.

This is a pretty straightforward step:

Install repositories

yum -y localinstall https://yum.theforeman.org/releases/1.24/el7/x86_64/foreman-release.rpm
yum -y localinstall https://fedorapeople.org/groups/katello/releases/yum/3.14/katello/el7/x86_64/katello-repos-latest.rpm
yum -y localinstall https://yum.puppet.com/puppet6-release-el-7.noarch.rpm
yum -y localinstall https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum -y install foreman-release-scl

Then update the OS and restart if any kernel or glibc upgrade

yum -y update

Install katello packages to prepare for the installation step later. This might take some time

yum -y install katello

Finally install foreman with katello. change the variables accordingly:

$ foreman-installer -v \
  --scenario katello \ 
  --foreman-initial-organization 'CloudAlbania' \ 
  --foreman-initial-location 'YYZ' \ 
  --foreman-initial-admin-username 'admin' \ 
  --foreman-initial-admin-password 'password123' \
  --foreman-foreman-url 'https://foreman.cloudalbania.com' 

After 10-15 minutes the server should be up and running and reachable from your browser

Install and configure the ansible server

To manage the Foreman server you can already do all the configurations in the GUI. If you need to have a more documented and automated configuration then Ansible is the way.

In this guide I am using a CentOS 7 server.

$ yum -y install epel-release
$ yum -y install ansible git

Make sure the ansible host can connect to the foreman server without a password the sake of this guide. You can implement vaults or sudo users in a production environment for better security

Create your ansible workplace:

$ mkdir -p ~/git/foreman
$ cd ~/git/foreman

Install the foreman.ansible collections:

$ ansible-galaxy collection install theforeman.foreman

Install the ansible dependencies with pip:

$ pip install ipaddress rpm apypie PyYAML

Now your ansible server should be ready to configure the foreman server.

Collections Usage

Full documentation for each individual module can be obtained with the ansible-doc command as follows:

$ ansible-doc theforeman.foreman.foreman_architecture

Your first playbook

In order to start configuring the Foreman server we can start with a Day 1 configuration item which is the Organization name.

NOTE: The Foreman collections do not need to connect to the foreman server itself rather we will use the local connection and then ansible will reach to foreman on port 443 (the API).

The first playbook we can start with is the definition of the Organization itself. Even though we have defined it in the setup command above, it is a good practice to have it defined in a configuration management system for consistency.

The playbook content:

[root@ansible foreman]# cat foreman1.yml
- name: Day 1
hosts: localhost
tasks:
- name: "Create CI Organization"
theforeman.foreman.organization:
username: "admin"
password: "password123"
server_url: "https://foreman.cloudalbania.com"
name: "{{ item }}"
state: present
validate_certs: no
loop:
- "CloudAlbania"
- "Organization 2"

And when run we will see the below:

and in the foreman organizations list we will see:

If we run again the playbook there will be no changes

This will let you start configuring the Foreman server.

In the repository you will find more tasks and steps and also you will find ways to improve it. This is a learning repository and hope you will learn and get much more better at managing Foreman through Ansible

2 Likes

Thank you very much for your contribution @besmirzanaj

1 Like