Foreman presentation at NYC puppet users
1. Foreman
Puppet NYC User Group
Apr 2012
1 Ohad Levy
2. The Foreman Realm
Provisioning
Configuration Management – Puppet
Inventory and Activity Reporting
One (simple) interface/console/API for your
infrastructure
3. Typical System Lifecycle
Pre/Installation
Initial Configuration
Updates
Drift Management
Audits
4. Foreman Architecture
[Architecture diagram. Recoverable labels: Smart Proxy instances (DNS, DHCP, ISC, MS, TFTP, Puppet, CA); Restful API; Segmented Network; HTTP(s); Puppet (ENC, Facts, Report); Web Users; Foreman; API; Compute (Libvirt, RHEV-M, EC2, VMWare); DB; LDAP / AD; INTERNAL.]
6. Inventory
Automatically collects your Puppet based inventory
(including your custom facts)
Easy to browse and search through your inventory
Facts can be used as a permission filter to your hosts
7. Node Classifier
Simple UI to associate hosts with puppet classes
Multiple Puppet Environment support
Allows you to group your hosts
Variable inheritance (split the variables from the
manifests)
Update many hosts at once
8. Reporting
Dashboard for all of your puppet hosts
Detailed Log for what Puppet did
Simple search through the logs (show me all
hosts/reports with yum-related activities)
Audit Log
Summary Emails
Alerting (API, Email etc)
9. More Puppet integrations
PuppetCA management
Trigger Puppet runs
Puppetdoc integration
Can work with your existing storeconfigs
Support multiple Puppetmasters and CA
10. Restful API
All UI actions can be used via API
Powerful search API
Can be used within Puppet as an alternative to
storeconfigs
Foreman CLI
RemoteAdmin
11. User Management
Internal and External (LDAP/AD) user authentication
RBAC (Role Based Access Control)
Per host group, domain, fact etc
Dynamic groups (AD like)
Can be used to CRUD and restrict to "your" set of hosts
– self service
12. Foreman Installer
Automate installation of
Foreman
Foreman Proxy
Puppet master
Apache
Passenger
Git
...
http://github.com/theforeman/foreman-installer
13. About the project
Almost 3 years old
50+ Contributors
Largest installation =~ 5000 active hosts
Homepage – http://theforeman.org
Overall Projects http://github.com/theforeman
14. Some of Foreman users
CERN, Switzerland
Citrix Online
DHL
Norton Data Services, Symantec
BBC
Belgian National Pensions Office
Rocky Mountain College
Georgia Institute of Technology College of Computing
Yakaz
iBahn
15. Community
Friendly
IRC - #theforeman on freenode
Usergroup -
http://groups.google.com/group/foreman-users (&dev)
17. Now is a good time to ask more
questions
18. Things I should have mentioned during the talk :)
Console Dual mode
enc/provisioning/reporting
Fog
Installation
Orchestration layer
Under the hood
Provisioning templates
Code overview
Search
Pluggable DB
Smartvars
20. A possible Open Source Stack
Foreman aims to be a single address for all
machine life cycle management.
Puppet, an automated administrative engine for your
*nix systems, performs administrative tasks (such as
adding users, installing packages, and updating server
configurations) based on a centralized specification.
Fog provides an accessible entry point and facilitates
cross service compatibility for the Cloud.
rbovirt – Ruby API binding
oVirt – a virtual datacenter management platform
21. noVNC
VNC client using HTML5 (WebSockets, Canvas) with
encryption (wss://) support.
Requires a WebSocket-enabled VNC server, or a proxy for
each VNC connection.
QEMU does not include support for WS.