Foreman
@ohadlevy
ohadlevy@gmail.com
Foreman's Realm
A typical system life cycle
Installation
Initial configuration
Updates and drift management
Foreman is
A complete life cycle management tool for physical and virtual servers
Provisioning
Configuration
Monitoring
Provisioning
Provision on bare metal, private or public cloud, all from one interface, with one process
Configuration
A complete configuration management solution including Puppet ENC with built-in support for parameterized classes and hierarchical parameter store
Monitoring
Inventory and activity based on Puppet or Chef reports and facts
Including configuration status distribution and trends

Foreman architecture
Configuration management
Smart-Proxy
Compute
Environments
UI, API and CLI
Smart Proxies
A Smart Proxy helps Foreman orchestrate the process of commissioning a new host.
It is located on the network segment of the server that performs the specific function.
Smart Proxies can control DNS, DHCP, TFTP, Puppet CA and BMC.
Config Management
Reports, facts, classes and environments are imported from the Puppet Master / Chef Server.
Foreman serves as a node classifier and parameter store for the Puppet master.
Foreman can manage multiple Puppet masters and Puppet environments.
Compute Resources
Foreman manages bare metal systems as well as RHEV-M, oVirt, EC2, VMware, OpenStack, Rackspace, Google Compute Engine and libvirt.
Compute Resources
Foreman offers a unified interface to all the major compute providers:
  • Using Fog to abstract the communication details
  • Compute profiles to abstract hardware flavors
  • Host-groups to describe the OS & puppet config
Host groups
A host-group is a hierarchical system definition.
Foreman can provision systems or images from a host-group on each of the compute resources.
A host-group contains definitions of:
  • Operating System
  • Puppet configuration
  • Compute profile
Image Creation
Foreman can create images from host-groups on each compute provider.
Automate image creation based on policies:
If package updates take too long, it's probably a good time to create an up-to-date image.
Provisioning
  • Bare metal, Private or Public clouds
  • PXE or Image based, USB, ISO, iPXE
  • User-data or SSH to run initialization scripts
  • DNS, DHCP and TFTP management via smart proxy
  • PXE based Discovery
  • Support all major operating systems: RHEL, CentOS, Fedora, Debian, Ubuntu, OpenSUSE, Solaris, FreeBSD
Orchestration
  • DNS, DHCP
  • Certificate signing
  • Virtual machine setup
  • Support Rollbacks!
  • Handle conflicts (IP already in use)
  • Extendable - add your own using hooks

Enterprise ready
User Management:
  • Internal or LDAP/AD/Kerb/SSO authentication
  • Role based access control (RBAC)
  • Audit Logs
Organizations and Locations:
  • Categorize users and resources
  • Restrict access to resources

Plugin Infrastructure

  • katello
  • discovery
  • hooks
  • radiator
  • hubot_notify
  • bootdisk
  • memcache
  • resources
  • and many more; see the up-to-date list of plugins on the wiki page

Restful API

  • Most of the UI actions are available in the API
  • Automatic Documentation
  • The current stable version is V1; V2 is experimental.
  • Powerful search API

Hammer CLI

  • A new pluggable CLI tool for Foreman and its plugins (e.g. Katello)
  • Full CRUD, Uses API V2
  • Modeled on git with sub-commands
  • In development, available since Foreman 1.3

Deploying OpenStack

  • Customized plugin to help deploy OpenStack
  • Uses the upstream stackforge puppet modules

Example Using RDO

Community

  • 4+ years old
  • 260 IRC users on #theforeman
  • 60 IRC developers on #theforeman-dev
  • 145+ code contributors. Thanks!
  • 15+ translators for 6+ languages
  • ~850 users on foreman-users list
  • ~270 developers on foreman-dev list

Some of Foreman's users

  • CERN
  • SpaceX
  • BBC
  • Mozilla
  • Citrix
  • Ericsson
  • Symantec
  • DHL

Get Started!

  • Quick-start guide on theforeman.org
  • Quick-start video series
  • foreman-users on googlegroups.com
  • #theforeman on FreeNode

Questions?

THANK YOU

Node Classifier (ENC)

  • Simple UI to associate hosts with recipes
  • Multiple Puppet environment support
  • Allows grouping hosts
  • Parameterized classes with built-in hierarchical data store
  • Update multiple hosts at once