foreman概述
Foreman是一个集成的数据中心生命周期管理工具,提供了服务开通,配置管理以及报告 功能,和Puppet Dahboard一样,Foreman也是一个Ruby on Rails程序.Foreman和 Dashboard不同的地方是在于,Foreman更多的关注服务开通和管理数据中心的能力,例如和引导工具,PXE启动服务器,DHCP服务器及服务 器开通工具进行集成.
Foreman 机器统一管理平台
- Foreman可以与Puppet集成使用,通常是作为puppet的前端接入.
- Foreman takes care of provisioning until the point puppet is running, allowing Puppet to do what it does best.(太难翻了 -_-!!)
- Foreman能够通过Facter组件显示系统目录信息,并且可以从Puppet主机报表中提供实时信息
- Foreman能够准备你管理新机器的所有工作.它的设计目标是能够自动化的完成所有手工管理的工作,通过Foreman可以重新配置机器.
- Foreman能够管理大规模(当然也包括小规模)的,企业级的的网络,可能有很多域,子网和很多puppet master节点.Foreman也可以实现配置版本的回溯.
- 上述内容引自oschina
- foreman架构
安装配置过程
一,操作系统环境
- Centos6.3_X64
- 主机名的配置
- [root@test puppet]#cat /etc/hosts
- puppet.test.com 192.168.1.89
- [root@test puppet]#hostname
- puppet.test.com
- 注意:此处的主机名必须要设置,且可以解析,至于是用DNS解析,还是hosts解析,可以自己选择
- 由于puppet采用证书验证,所以主机名不要轻易改动,否则会造成一些麻烦,证书存储目录为/var/lib/puppet/ssl/
- 如果你想重新生成证书,可以删除此目录下面的文件,服务端重启puppetmaster进程会重新生成证书,客户端如重新获取
- 证书,删除此目录下文件,会重新从客户端获取。证书不成功会报N多错误,此处不列举了。
- 2.配置yum源 【epel源,puppet官方源】
- rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
- rpm -ivh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-6.noarch.rpm
- 注意:
- 由于epel目前只提供了2.X的源,而此处想采用最新的3.X版本,所以下面指定了安装版本
- 3.安装puppet-server
- yum install puppet-3.1.0-1 puppet-server-3.1.0-1
- 注意:
- 本文只会讲解基本的foreman,不涉及整合passenger,在玩会基本的功能后,再去研究passenger就比较容易了
- 4.安装foreman foreman-proxy
- yum -y install http://yum.theforeman.org/releases/1.1/el6/x86_64/foreman-release-1.1stable-3.el6.noarch.rpm
- yum -y install foreman-installer
- ruby /usr/share/foreman-installer/generate_answers.rb
- [root@test puppet]# ruby /usr/share/foreman-installer/generate_answers.rb
- Welcome to the Foreman Installer!
- ---------------------------------
- This installer will help you set up Foreman and the associated extra
- configuration necessary to get you up and running. There is an interactive shell
- which will ask you questions, but if you just want to get up and running as fast
- as possible, answer 'yes' to the all-in-one install at the beginning
- Ready to start? (y/n)
- y 输入y
- Do you want to use the default all-in-one setup?
- This will configure Foreman, Foreman-Proxy, Puppet (including a puppetmaster),
- several puppet environments, TFTP (for provisioning) and sudo (for puppet
- certificate management) (y/n)
- y 输入y
- Do you want to run Puppet now with these settings? (y/n)
- y 输入y
- [root@test ~]# ls /usr/share/ |grep fore
- foreman-installer
- [root@test ~]# rpm -qa|grep foreman
- foreman-installer-1.1.1-1.noarch
- ==========================================================
- yum install ruby-mysql
- yum -y install foreman foreman-proxy
- ********************************************************************************
- chown foreman.foreman -R /usr/share/foreman
- chown foreman.foreman -R /usr/share/foreman/db/schema.rb
- su - foreman -s /bin/bash -c /usr/share/foreman/extras/dbmigrate
- ********************************************************************************
- vim /usr/share/foreman/config/database.yml
- 原文件为sqllite的配置,此处改为mysql作为数据库存储
- =================================================
- production:
- adapter: mysql
- database: puppet
- username: puppet
- password: puppet
- host: localhost
- socket: "/var/lib/mysql/mysql.sock"
- =================================================
- mysql> create database puppet CHARACTER SET utf8;
- mysql> grant all privileges on puppet.* to puppet@'localhost' identified by 'puppet';
- mysql> flush privileges;
- cd /usr/share/foreman/
- RAILS_ENV=production rake db:migrate
- rake puppet:migrate:populate_hosts RAILS_ENV=production
- chown foreman.foreman /usr/share/foreman/tmp/secret_token
- vim /etc/foreman-proxy/settings.yml
- ==========================================================
- :trusted_hosts:
- - puppet.test.com
- :puppetca: true
- :puppet: true
- :puppet_conf: /etc/puppet/puppet.conf
- ===========================================================
- /etc/init.d/puppetmaster restart
- /etc/init.d/foreman restart
- /etc/init.d/foreman-proxy restart
- http://192.168.1.89:3000/users/login登陆
- 用户admin 密码changeme
- 进入之后配置more-configureation-smart proxies----
- name 名称
- proxy的地址 http://puppet.test.com:8443
- 注意:此处必须要foreman-proxy服务器上面可以解析的地址
- 可以在本机添加hosts
- 导入puppet存在的模板
- RAILS_ENV=production rake puppet:import:puppet_classes
- rake puppet:migrate:populate_hosts RAILS_ENV=production
- 请注意此处的顺序,当时我配置的时候,在网上上参考2.X的方法,结果一直提示proxy功能没有打开
- #vim /etc/puppet/node.rb
- :url => "http://puppet.test.com:3000",
- 【注意:此处也可以采用https】
- 打开报告功能
- 服务器端#cp /usr/share/foreman-installer/foreman/templates/foreman-report.rb.erb /usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb
- 客户端需修改
- agent配置如下
- [agent]
- classfile = $vardir/classes.txt
- localconfig = $vardir/localconfig
- report = true
- pluginsync = true
- masterport = 8140
- environment = production
- certname = puppet.test.com
- server = puppet.test.com
- listen = true
- #vim /usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb
- $foreman_url='http://puppet.test.com:3000'
- chown foreman.foreman -R /usr/share/foreman/
- /etc/init.d/puppetmaster restart
- /etc/init.d/foreman restart
- /etc/init.d/foreman-proxy restart
- 在客户端测试
- #puppet agent --verbose --test
后续的web界面管理和功能使用不再介绍,参考官方文档
- 默认用户 admin
- 默认密码 changeme
界面如下
官方文档为http://theforeman.org/manuals/1.1/index.html
总结一下:
虽然用yum安装,但是会遇到各种问题,官方手册也没有详细的说明,以上细节为本人安装配置过程的简单总结,各位可能会遇到其他问题。
foreman功能并没有想象中的强大,无法代替命令行编辑的功能,很多底层的功能还是要用命令行完成。不过其web界面功能提供了很好的交互式操作,让puppet展示的具体,一目了然。
注意:本文只是一个简单的安装应用概述,更多功能请大家阅读官方原文。
================================================================================
更正一下:由于之前文档的步骤是在安装成功后写的,存在顺序问题
今天重新整理并截图,文档为install_foreman_on_centos6.4_X64.pdf,见附件
本文转自it你好 51CTO博客,原文链接:http://blog.51cto.com/itnihao/1143208,如需转载请自行联系原作者