User Tools

Site Tools


Sidebar

progetti:cloud-areapd:best_practices:add_an_existing_host_to_foreman
ATTENZIONE: Mercoledì 20 Ottobre, dalle 14:00 alle 14:30 sarà effettuato un intervento di manutenzione su wiki.infn.it. Tutte le modifiche effettuate ai contenuti, durante tale intervallo, potrebbero essere annullate alla fine dell'intervento. Si prega pertanto di anticipare o posticipare tali operazioni al di fuori dall'intervallo di manutenzione programmato.
ATTENTION: Wednesday October 20th, from 2:00pm to 2:30pm a maintenance intervention will be carried out on wiki.infn.it. All changes made to the contents, during this interval, could be canceled at the end of the intervention. Therefore, please anticipate or postpone these operations outside the scheduled maintenance interval.

Add an existing host to Foreman

on client node with centos7

In the existing host download this script: foreman_client_centos7.sh

PUPPETMASTER="cld-foreman.cloud.pd.infn.it"

# start with a subscribed RHEL7 box
rpm -Uvh https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-12.noarch.rpm
rpm -Uvh https://yum.puppetlabs.com/el/7/products/x86_64/puppetlabs-release-7-12.noarch.rpm
yum clean all

# install dependent packages
yum install -y augeas puppet git policycoreutils-python

# Set PuppetServer
augtool -s set /files/etc/puppet/puppet.conf/agent/server $PUPPETMASTER

# Set Environment
augtool -s set /files/etc/puppet/puppet.conf/agent/environment production

# Set ca cert
augtool -s set /files/etc/puppet/puppet.conf/agent/ca_server $PUPPETMASTER

# Set cert name
augtool -s set /files/etc/puppet/puppet.conf/agent/certname `hostname -f`

# Puppet Plugins
augtool -s set /files/etc/puppet/puppet.conf/main/pluginsync true

# Allow puppetrun from foreman/puppet master to work
augtool -s set /files/etc/puppet/puppet.conf/main/listen true

# Allow execution of puppetrun button from puppet master 
num=$(awk 'END { print NR }' /etc/puppet/auth.conf)
lunum=`expr $num - 4`
sed -i "$lunum i\ \n#added to allow execution of puppetrun button\npath /run\nauth any\nmethod save\nallow $PUPPETMASTER\n" /etc/puppet/auth.conf
# for older versions of puppet, also need to "touch /etc/puppet/namespace.auth"

# check in to foreman
puppet agent --test
sleep 1
puppet agent --test

systemctl start puppet

systemctl enable puppet

If some warnings or errors (like Exiting; no certificate found …) have been thrown, you can safely ignore them.

Remember to give the executable permission to the script and launch it as root user:

chmod +x foreman_client_centos7.sh
./foreman_client_centos7.sh

on client node with centos6

In the existing host download this script: foreman_client.sh

PUPPETMASTER="cld-foreman.cloud.pd.infn.it"

# start with a subscribed RHEL7 box
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -Uvh https://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-7.noarch.rpm
rpm -Uvh http://mirror3.mirror.garr.it/mirrors/scientific/6x/x86_64/os/Packages/yum-utils-1.1.30-14.el6.noarch.rpm
yum-config-manager --enable rhel-6-server-optional-rpms
yum clean all

# install dependent packages
yum install -y augeas puppet git policycoreutils-python

# Set PuppetServer
augtool -s set /files/etc/puppet/puppet.conf/agent/server $PUPPETMASTER

# Set Environment
augtool -s set /files/etc/puppet/puppet.conf/agent/environment production

# Set ca cert
augtool -s set /files/etc/puppet/puppet.conf/agent/ca_server $PUPPETMASTER

# Set cert name
augtool -s set /files/etc/puppet/puppet.conf/agent/certname `hostname -f`

# Puppet Plugins
augtool -s set /files/etc/puppet/puppet.conf/main/pluginsync true

# Allow puppetrun from foreman/puppet master to work
augtool -s set /files/etc/puppet/puppet.conf/main/listen true

# Allow execution of puppetrun button from puppet master 
num=$(awk 'END { print NR }' /etc/puppet/auth.conf)
lunum=`expr $num - 4`
sed -i "$lunum i\ \n#added to allow execution of puppetrun button\npath /run\nauth any\nmethod save\nallow $PUPPETMASTER\n" /etc/puppet/auth.conf
# for older versions of puppet, also need to "touch /etc/puppet/namespace.auth"

# check in to foreman
puppet agent --test
sleep 1
puppet agent --test

/etc/init.d/puppet start

chkconfig puppet on

If some warnings or errors (like Exiting; no certificate found …) have been thrown,you can safely ignore them.

Remember to give the executable permission to the script and launch it as root user:

chmod +x foreman_client.sh
./foreman_client.sh

on puppet server node

On the puppet master server you have to run these commands:

/opt/puppetlabs/bin/puppetserver ca sign --all
systemctl restart puppetserver
systemctl restart foreman-proxy

on foreman node

On the foreman node you have to run these commands (changing <hostname_with domain> with the name of the new host imported i.e. ceph-rgw-02.cloud.pd.infn.it):

/usr/bin/hammer host update --name <hostname_with domain> --hostgroup hosts_all --location "Default Location" --organization "Default Organization"

systemctl restart httpd

In our infrastructure the foreman and the puppet server node is the same host: cld-foreman.cloud.pd.infn.it

The new host should appear in the Host tab of the web application.

progetti/cloud-areapd/best_practices/add_an_existing_host_to_foreman.txt · Last modified: 2020/01/15 09:09 by sgaravat@infn.it