Very green beginner questions about using foreman stand alone

Problem being I have been tasked with setting up a POC Foreman installation on Debian 10. The purpose of using Foreman is for patch management. We are building virtuals in another product and were hoping to use Foreman only for ugrades.
I have foreman installed on Debian 10, I could use 11 if there was a reason why I should, my company just has not made the jump yet. When I read the documentation not only is it heavily leaning on RedHat and Puppet, there is scant informaton on using Debian or even Debian 10. Right now I would just like to ask the community if this is possible i.e. can I register Debian 10 hosts and use Foreman only as a patch management tool? Does this require a plug in? If so which one? In my current installation I have registered two hosts, they didn’t fill in the data I was expecting. I was expecting Foreman to scrape the OS and IP at least. So that makes me think I am starting out all wrong. When I read available information it is all situated toward using plug-ins, mostly puppet, satellite etc. We use OpenStack for our cloud environment but I am not convinced I need to connect the two, my lead prefers I do not. Reading through the documentation, which is set-up for using Foreman for everything, it is hard to nail down what I actually need. Right now I have a few accounts in the web page tool, my team, that are set-up as Admins. However only my personal account (also Admin) can see the two servers I registered. I was confused because I was under the belief that registered hosts can be seen by any other admin. Please give me some guidance if you can. Any comments appreciated:

Expected outcome would be I have a better understanding of how and if I can use Foreman in our Debian 10 environment for patching services only --and – if not what is the minimum I need to install to make it work (if possible).:

Foreman and Proxy versions Version 3.3.0 © 2009-2022 Paul Kelly and Ohad Levy:

Foreman and Proxy plugin versions no proxy and I am not sure I have any Foreman plugins.:

Distribution and version
ansible-collection-theforeman-foreman/plugins,plugins 3.4.0 all
ansible-collection-theforeman-operations/plugins,plugins 1.0.2-1 all
foreman-assets/buster 3.3.0-1 amd64
foreman-cli/buster,now 3.3.0-1 all [installed]
foreman-console/buster,now 3.3.0-1 all [installed]
foreman-debug/buster,now 3.3.0-1 all [installed]
foreman-dynflow-sidekiq/buster,now 3.3.0-1 all [installed]
foreman-ec2/buster 3.3.0-1 all
foreman-gce/buster 3.3.0-1 all
foreman-installer/buster,now 3.3.0-1 all [installed]
foreman-journald/buster 3.3.0-1 all
foreman-libvirt/buster,now 3.3.0-1 all [installed]
foreman-nulldb/buster 3.3.0-1 all
foreman-openstack/buster,now 3.3.0-1 all [installed]
foreman-ovirt/buster 3.3.0-1 all
foreman-postgresql/buster,now 3.3.0-1 all [installed]
foreman-proxy-journald/buster 3.3.0-1 all
foreman-proxy/buster,now 3.3.0-1 all [installed]
foreman-redis/buster 3.3.0-1 all
foreman-service/buster,now 3.3.0-1 all [installed]
foreman-telemetry/buster 3.3.0-1 all
foreman-vmware/buster 3.3.0-1 all
foreman/buster,now 3.3.0-1 amd64 [installed]
foremancli/oldstable 1.0-3 all
ruby-foreman-ansible/plugins 8.0.1-1 all
ruby-foreman-azure-rm/plugins 2.2.6-3 all
ruby-foreman-bootdisk/plugins 19.0.5-1 all
ruby-foreman-chef/plugins,plugins 0.10.0-3 all
ruby-foreman-column-view/plugins,plugins 0.4.0-2 all
ruby-foreman-datacenter/plugins 2.3.0-3 all
ruby-foreman-deface/plugins 1.9.0-2 all
ruby-foreman-default-hostgroup/plugins 6.0.0-2 all
ruby-foreman-dhcp-browser/plugins 0.0.8-2 all
ruby-foreman-discovery/plugins 21.0.2-1 all
ruby-foreman-expire-hosts/plugins 7.0.4-3 all
ruby-foreman-fog-proxmox/plugins 0.14.0-4 all
ruby-foreman-google/plugins 0.0.1-1 all
ruby-foreman-graphite/plugins 0.0.3-2 all
ruby-foreman-hooks/plugins 0.3.17-2 all
ruby-foreman-host-reports/plugins,plugins 1.0.2-1 all
ruby-foreman-memcache/plugins 0.1.1-2 all
ruby-foreman-monitoring/plugins 2.1.0-4 all
ruby-foreman-omaha/plugins 5.0.1-1 all
ruby-foreman-puppet/plugins,now 4.0.2-1 all [installed]
ruby-foreman-remote-execution/plugins 7.1.1 all
ruby-foreman-rescue/plugins,plugins 3.0.0-1 all
ruby-foreman-salt/plugins 15.1.0-3 all
ruby-foreman-setup/plugins,plugins 8.0.1-1 all
ruby-foreman-statistics/plugins 2.0.1-3 all
ruby-foreman-tasks/plugins 7.0.0-2 all
ruby-foreman-templates/plugins 9.3.0-2 all
ruby-foreman-webhooks/plugins 3.0.3-2 all
ruby-foreman/oldstable 0.82.0-2 all
ruby-hammer-cli-foreman-ansible/buster 0.3.4-1 all
ruby-hammer-cli-foreman-bootdisk/buster 0.3.0-1 all
ruby-hammer-cli-foreman-discovery/buster 1.1.0-1 all
ruby-hammer-cli-foreman-docker/buster 0.0.4-1 all
ruby-hammer-cli-foreman-host-reports/buster 0.1.0-1 all
ruby-hammer-cli-foreman-puppet/buster,now 0.0.6-1 all [installed]
ruby-hammer-cli-foreman-remote-execution/buster 0.2.2-1 all
ruby-hammer-cli-foreman-salt/buster 0.1.0-1 all
ruby-hammer-cli-foreman-ssh/buster 0.0.3 all
ruby-hammer-cli-foreman-tasks/buster 0.0.17-1 all
ruby-hammer-cli-foreman-templates/buster 0.2.0-2 all
ruby-hammer-cli-foreman-webhooks/buster 0.0.2-1 all
ruby-hammer-cli-foreman/buster,now 3.3.0-1 all [installed]
ruby-puppetdb-foreman/plugins 5.0.0-4 all:

Other relevant data:

Hi, welcome!

You’ll need Katello for patch management. Katello must be installed at the same time as Foreman, so I’d recommend starting over and following the Katello installation instructions. And yes, you can register and manage Debian hosts but I’ll leave those details to the Debian experts. :slight_smile:

Thank you Jeremy, I used the foreman-installer to install foreman and I assumed (yup) that Katello was part of the install. I see now that it is not there. Thank you so much, I will go install it. I will scrub my current VM and reload it once I get the package and instructions. --Jen

Is Katello freeware? I am seeing costs associated and cannot tell for sure.

Also I cannot find a site to download Katello, is it provided by Foreman as a plug in? Which seems strange since it is required to load first.

Katello is free and open source!

The Katello installation instructions cover where to get the bits, particularly here:

I read that, but it only refers to RedHat and not Debian. Is there a link to the Debian bits?

Sorry to have been unclear before: Katello can manage Debian hosts, but Katello itself must be installed on RHEL8 or CentOS 8 Stream.

One more question because we are not opposed to running Foreman/Katello on CentOS Stream 8.

  • Will support exist for CentOS Stream 9 when it is released? Or is the 8 the end of the line for Foreman/Katello.

Yes, it will be supported on CentOS Stream 9, but the software must be ready for the newer version of Ruby, NPM, NodeJS, … before packages can be created.

Hi @jmead

If you do not have a license for RHEL 8, you could try installing Foreman and Katello on AlmaLinux 8 or Rocky Linux 8 which are binary compatible, meaning they should behave identical minus support.

To register hosts running Debian, you’ll need a packaged subscription-manager. Have a look at for the repositories and setup instructions. Once you have Foreman and Katello installed, also have a look at Debian in the orcharhino documentation. orcharhino is a downstream product based on Foreman and Katello with official support for managed hosts running Debian, Ubuntu, and more.

To provision/manage/patch hosts on OpenStack, you’ll need the foreman-openstack plugin which is part of the official Foreman repository.

1 Like

Okay, thank you Dirk. Our company does not want to build up a Foreman/Katello configuration, start using it and then lose support on CentOS Stream! This is great news. Just before I was hired they made the move from CentOS to Debian after the big blue bought out RedHat and announced retirement of CentOS. So we are more than glad to use CentOS Stream. This gives me a path forward. I have to say the demos I have watched on Foreman/Katello have convinced me this is what we should use. Plus a wonderful community of admin to work with! LOVE IT. Off to get CentOS Stream 8 and start installing!!!

1 Like

This is what we read that made us believe Katello was not an option. I wonder why it got posted?

Katello and katello-agent are two very different things!

katello-agent is the client you install on the host to run remote package actions. It is indeed deprecated, but not removed yet. It was supposed to be included in the EL9 tools and I think was left out due to an oversight which is now being rectified (cc @ehelms - does this also apply upstream?)

Katello itself is most definitely not deprecated. It will eventually run on EL9.

katello-agent is not currently available for EL9 in the upstream client repositories as it is deprecated and our intention is for users to use REX for all things; SSH, ansible or pull mode.

1 Like