Manage R&D Lab with Foreman

Managing a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with ForemanManaging a R&D Lab with Foreman
What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?
Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto

whoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoami
• Sysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.eu
• FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004
• Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011Foreman user since 2011
• DevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believer
• @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie on irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/github

The Foreman
Provisioning Conﬁguration

The Foreman
Monitoring

The Foreman
Monitoring
Reporting

Foreman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choiceForeman: A good choice
• OOOOOOOOOOOOOOOOOpen-Source
• LLLLLLLLLLLLLLLLLarge, active community
• RRRRRRRRRRRRRRRRRest API and cli tools

Behind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenesBehind the scenes
Licensed under a Creative Commons Attribution 2.0 License
https://www.ﬂickr.com/photos/reuver/10105949326

Foreman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overviewForeman overview
Licensed under a Creative Commons Attribution-ShareAlike 3.0 License
http://theforeman.org

Technology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stackTechnology stack
• FFFFFFFFFFFFFFFFForeman-web: Ruby-on-Rails
• SSSSSSSSSSSSSSSSSmart Proxies: Ruby
• TTTTTTTTTTTTTTTTTLS everywhere

Supported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologiesSupported technologies
• PPPPPPPPPPPPPPPPPuppet (other CM are WIP)
• lllllllllllllllllibvirt (kvm), VMWare, ec2, openstack, ovirt
• DDDDDDDDDDDDDDDDDHCP, DNS, TFTP, IPMI
• VVVVVVVVVVVVVVVVVNC

PluginsPluginsPluginsPluginsPluginsPluginsPluginsPluginsPluginsPluginsPluginsPluginsPluginsPluginsPluginsPluginsPlugins
• KKKKKKKKKKKKKKKKKatello: Content management
• RRRRRRRRRRRRRRRRRemote Execution
• HHHHHHHHHHHHHHHHHubot
• CCCCCCCCCCCCCCCCCockpit

UsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecasesUsecases
https://www.ﬂickr.com/photos/aydun/14108842993

Puppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporingPuppet reporing
• 22222222222222222011-2013: Puppet reporting
• RRRRRRRRRRRRRRRRReplacement for Puppet Dashboard
• AAAAAAAAAAAAAAAAAlready had a API, hooked into icinga

2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management2013-now: Lab management
• PPPPPPPPPPPPPPPPProvisioning: libvirt/vmware
• CCCCCCCCCCCCCCCCConfig: Puppet Master+ENC
• RRRRRRRRRRRRRRRRReporting

Our ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur ScaleOur Scale
• 22222222222222222 countries
• 44444444444444444 datacenter
• 11111111111111111 Foreman
• 55555555555555555 Foreman Proxies
• 33333333333333333 Puppet env
• 99999999999999999 Compute Resource (hypervisor)
• 1111111111111111150 machines

What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?What can be hard?
https://www.ﬂickr.com/photos/130811041@N04/19114856463

foreman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installer
https://www.ﬂickr.com/photos/gabprr/8325699254

foreman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installerforeman-installer
• FFFFFFFFFFFFFFFFForeman Installer is a package
• UUUUUUUUUUUUUUUUUses Puppet behind the scene
• IIIIIIIIIIIIIIIIInstalls and configure *

How to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The ForemanHow to install The Foreman
• 11111111111111111. yum install foreman-installer
• 22222222222222222. run foreman-installer
• 33333333333333333. done

foreman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scopeforeman-installer scope
• FFFFFFFFFFFFFFFFForeman-web
• FFFFFFFFFFFFFFFFForeman-proxy
• PPPPPPPPPPPPPPPPPuppet master
• DDDDDDDDDDDDDDDDDHCP, DNS, TFTP services
• GGGGGGGGGGGGGGGGGit repositories
• LLLLLLLLLLLLLLLLLink between those

The chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problemThe chicken-and-egg problem

First foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman installFirst foreman install
• CCCCCCCCCCCCCCCCCreates everything needed to puppetize
• gggggggggggggggggit repo, puppetmaster
• bbbbbbbbbbbbbbbbbut not to puppetize itself

State is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforcedState is not enforced
• SSSSSSSSSSSSSSSSSystem is not up to date
• NNNNNNNNNNNNNNNNNo confidence that the state is still correct
• SSSSSSSSSSSSSSSSSolution A: integrate within the puppet tree
• SSSSSSSSSSSSSSSSSolution B: Re-run the foreman-installer

Importing the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your treeImporting the modules in your tree
• SSSSSSSSSSSSSSSSState is enforced
• OOOOOOOOOOOOOOOOOnly thing to care about: updating the
modules
• TTTTTTTTTTTTTTTTThey are linked to the foreman

Building and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuildingBuilding and rebuilding
https://www.ﬂickr.com/photos/artbystevejohnson/6405400351

Building a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a hostBuilding a host
• CCCCCCCCCCCCCCCCCreate/cycle VM
• CCCCCCCCCCCCCCCCCreate/change DNS Config
• CCCCCCCCCCCCCCCCCreate/change DHCP lease
• CCCCCCCCCCCCCCCCCreate/change TFTP files

An expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operationAn expensive operation
• IIIIIIIIIIIIIIIIIf something is wrong, it rollbacks
• SSSSSSSSSSSSSSSSSolution: Foreman 1.10 allows you to force
config rebuild
• HHHHHHHHHHHHHHHHHidden in the UI in the `All hosts' view

DNSDNSDNSDNSDNSDNSDNSDNSDNSDNSDNSDNSDNSDNSDNSDNSDNS
https://www.ﬂickr.com/photos/quinnanya/4464205726

Everything is a
Freaking DNS Problem
Kris Buytaert

Foreman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entriesForeman managing DNS entries
• KKKKKKKKKKKKKKKKKeeps the data consistent
• CCCCCCCCCCCCCCCCCreates only hostnames that exist
• AAAAAAAAAAAAAAAAAlso does the reverse entries

Adding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom recordsAdding custom records
• AAAAAAAAAAAAAAAAAt some point you want CNAME records
• ooooooooooooooooor change NS records

Manipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zonesManipulating zones
• FFFFFFFFFFFFFFFFForeman uses Dynamic Zones
• rrrrrrrrrrrrrrrrrndc freeze
• CCCCCCCCCCCCCCCCChange the zone (incr the serial)
• rrrrrrrrrrrrrrrrrndc thaw

Org-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNSOrg-level reverse DNS
• YYYYYYYYYYYYYYYYYou own DNS servers should forward the
unknown to your org
• WWWWWWWWWWWWWWWWWe could not make it work for PTR records
• NNNNNNNNNNNNNNNNNeed to set empty-zones-enable=no
• PPPPPPPPPPPPPPPPPR theforeman/puppet-dns#47

DMZDMZDMZDMZDMZDMZDMZDMZDMZDMZDMZDMZDMZDMZDMZDMZDMZ
https://www.ﬂickr.com/photos/ﬂintymcginty/9997879333

Managing hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the labManaging hosts outside the lab
• SSSSSSSSSSSSSSSSSecurity purpose
• RRRRRRRRRRRRRRRRRun Demos
• HHHHHHHHHHHHHHHHHandover to other teams

Foreman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutionsForeman-proxies solutions
• DDDDDDDDDDDDDDDDDNS Proxy, DHCP proxy, TFTP…
• KKKKKKKKKKKKKKKKKickstart proxying?
• DDDDDDDDDDDDDDDDDigging into the documentation
• FFFFFFFFFFFFFFFFFeature is there but not really visible
• IIIIIIIIIIIIIIIIImprove docs: PR
theforeman/theforeman.org#547

DocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentation
https://www.ﬂickr.com/photos/ﬂyingblogspot/15361704293

DocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentation
• TTTTTTTTTTTTTTTTThe Foreman documentation is huge
• HHHHHHHHHHHHHHHHHosted on theforeman.org
• IIIIIIIIIIIIIIIIImprove it so the next guy doesn't lose your
time again

A NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC StoryA NoVNC Story
• FFFFFFFFFFFFFFFFForeman embeds NoVNC
• AAAAAAAAAAAAAAAAAllows you to see VNC console in browser
• LLLLLLLLLLLLLLLLLots of problems with certificates

Details mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails mattersDetails matters
• IIIIIIIIIIIIIIIIIn the 1.7 docs: websockets_encrypt: true
• LLLLLLLLLLLLLLLLLet's change it to false
• PPPPPPPPPPPPPPPPProblem: true/false vs on/off
• EEEEEEEEEEEEEEEEExtra work: Updated the docs

Release NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease NotesRelease Notes
• RRRRRRRRRRRRRRRRRelease notes are part of Documentation
• WWWWWWWWWWWWWWWWWhen you change behaviour, think about
others
• LLLLLLLLLLLLLLLLLower update cost

ScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalabilityScalability

Scaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tipsScaling tips
• EEEEEEEEEEEEEEEEEnable organizations/locations
• UUUUUUUUUUUUUUUUUse one foreman for separated entities
• UUUUUUUUUUUUUUUUUse one foreman for separated countries
• UUUUUUUUUUUUUUUUUse foreman proxies where needed

AssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociation
• OOOOOOOOOOOOOOOOOne terrible thing in the Foreman
• AAAAAAAAAAAAAAAAAssigning things to each other

AssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociationAssociation
• OOOOOOOOOOOOOOOOOS -> Location and Org
• CCCCCCCCCCCCCCCCCompute Resource -> Location and Org
• TTTTTTTTTTTTTTTTTemplates -> Location and Org
• OOOOOOOOOOOOOOOOOS -> Installation Media
• IIIIIIIIIIIIIIIIInstallation media -> Location and Org

Scaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute ResourcesScaling Compute Resources
• CCCCCCCCCCCCCCCCCompute Resources = Virtualization or
Cloud Service
• EEEEEEEEEEEEEEEEEasy to create hosts in those CR
• lllllllllllllllllibvirt, ec2, gce, vmware…

Scaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling LibvirtScaling Libvirt
• WWWWWWWWWWWWWWWWWe have 8 libvirt servers
• TTTTTTTTTTTTTTTTTo create a VM, you chose CPU, RAM,
disks…
• AAAAAAAAAAAAAAAAAny change requires deletion and creation

Creating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hostsCreating consistent hosts
• HHHHHHHHHHHHHHHHHostgroups
• EEEEEEEEEEEEEEEEEnvironments
• CCCCCCCCCCCCCCCCCompute profiles?

Libvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute ProfilesLibvirt Compute Profiles
• CCCCCCCCCCCCCCCCCPU
• MMMMMMMMMMMMMMMMMemory
• NNNNNNNNNNNNNNNNNIC
• SSSSSSSSSSSSSSSSStorage
• MMMMMMMMMMMMMMMMMultiple profiles per hypervisor

What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?What's wrong then?
• LLLLLLLLLLLLLLLLLibvirt servers are not a group
• TTTTTTTTTTTTTTTTThey are separated Compute Resources
• AAAAAAAAAAAAAAAAA lot of work (UI and API)

Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?Is it libvirt specific?
• YYYYYYYYYYYYYYYYYes: other providers are `centralized'
• eeeeeeeeeeeeeeeeec2, gce, openstack…

VMWareVMWareVMWareVMWareVMWareVMWareVMWareVMWareVMWareVMWareVMWareVMWareVMWareVMWareVMWareVMWareVMWare
• SSSSSSSSSSSSSSSSSome part of the lab runs VMWare
• GGGGGGGGGGGGGGGGGreat: Foreman supports VMWare
• (((((((((((((((((on paper)

VMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integrationVMWare integration
• MMMMMMMMMMMMMMMMMost of the settings, Foreman will take user
defaults
• FFFFFFFFFFFFFFFFForeman is not for VMWare Power users
• SSSSSSSSSSSSSSSSSounds like a lack of interest from
community

Logging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging mattersLogging matters
• FFFFFFFFFFFFFFFFForeman requires on Fog
• FFFFFFFFFFFFFFFFFog is a gem for the `clouds'
• FFFFFFFFFFFFFFFFFog for vmware is not as advances as we'd
like

Empowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the DevelopersEmpowering the Developers
https://www.ﬂickr.com/photos/julesdphotographie/8421289746

Distributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the powerDistributing the power
• RRRRRRRRRRRRRRRRRebuilding a host is simple
• OOOOOOOOOOOOOOOOOne clic operation
• FFFFFFFFFFFFFFFFForeman as a VM shop

The DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movement
• DDDDDDDDDDDDDDDDDevOps is a movement born in 2009
• CCCCCCCCCCCCCCCCCollaboration between Developers and
Operations
• NNNNNNNNNNNNNNNNNothing new, just common sense
• DDDDDDDDDDDDDDDDDevOpsDays, a serie of conferences all
around the world

#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS#DevOps CAMS
• CCCCCCCCCCCCCCCCCulture
• AAAAAAAAAAAAAAAAAutomation
• MMMMMMMMMMMMMMMMMeasurement
• SSSSSSSSSSSSSSSSSharing
John Willis and Damon Edwards

The C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMSThe C of CAMS
• DDDDDDDDDDDDDDDDDevOps is a Cultural change
• EEEEEEEEEEEEEEEEEveryone is in the team
• OOOOOOOOOOOOOOOOOps and Devs work together
• SSSSSSSSSSSSSSSSShare the responsibilities

Foreman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the pictureForeman in the picture
• FFFFFFFFFFFFFFFFForeman empowers the developers
• WWWWWWWWWWWWWWWWWhile still providing enough security
• OOOOOOOOOOOOOOOOOrganisations in Foreman

Developer ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACLDeveloper ACL
Screenshot

The Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer sideThe Developer side
• OOOOOOOOOOOOOOOOOne-clic rebuild (at will)
• AAAAAAAAAAAAAAAAAccess to build reports
• IIIIIIIIIIIIIIIIIn-browser access to VNC
• FFFFFFFFFFFFFFFFFresh vm in minutes

The Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops sideThe Ops side
• KKKKKKKKKKKKKKKKKeep everything under control
• AAAAAAAAAAAAAAAAAudit logs, reports
• IIIIIIIIIIIIIIIIInventory
• BBBBBBBBBBBBBBBBBring regular updates to VM's/developers

UpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdatesUpdates
https://www.ﬂickr.com/photos/inyucho/7866698878

Foreman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updatesForeman updates
• AAAAAAAAAAAAAAAAAs any software:
• TTTTTTTTTTTTTTTTTake a backup first
• TTTTTTTTTTTTTTTTTry on your dev environment
• FFFFFFFFFFFFFFFFFirst upgrade the main UI
• TTTTTTTTTTTTTTTTThen update the proxies (#12506)

Upgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problemsUpgrade problems
• 11111111111111111.5->1.6: DHCP config file not readable by
foreman proxy
WWWWWWWWWWWWWWWWWe did a DHCP upgrade at the same time
FFFFFFFFFFFFFFFFFile ownership was changed
rrrrrrrrrrrrrrrrre-run the foreman installer fixed it

• 11111111111111111.5->1.6: Puppet reports not coming into the
foreman
FFFFFFFFFFFFFFFFForeman report preprocessor has changed
NNNNNNNNNNNNNNNNNeed to update foreman.rb + config
nnnnnnnnnnnnnnnnnode.rb also needed an update

• 11111111111111111.7->1.8: Big stack trace on opening the UI
yyyyyyyyyyyyyyyyyum erase ruby193-rubygem-foreman_openstack_cluster
ruby193-rubygem-foreman_openstack_cluster-doc

• 11111111111111111.8->1.9: Yaml transformations in Puppet
parameters
FFFFFFFFFFFFFFFFFixed in 1.10, backported to 1.9

Community and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-SourceCommunity and Open-Source
Licensed under a Creative Commons Attribution-2.0 License
https://www.ﬂickr.com/photos/maicosnap/4393929855

Foreman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-SourceForeman is Open-Source
• GGGGGGGGGGGGGGGGGPLv3+
• WWWWWWWWWWWWWWWWWe've got around 20 patches integrated
• TTTTTTTTTTTTTTTTThey rely mostly on open-source tools
• CCCCCCCCCCCCCCCCCI, testing, bugtracker

Story: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global StatusStory: Foreman Global Status
• PPPPPPPPPPPPPPPPPut in build mode, go back home
• RRRRRRRRRRRRRRRRRestart on the next day
• LLLLLLLLLLLLLLLLLooping reboots

Foreman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global statusForeman global status
• FFFFFFFFFFFFFFFFForeman keeps several status for hosts
• PPPPPPPPPPPPPPPPPlugins can register a status
• BBBBBBBBBBBBBBBBBut reporting and provisioning also
• LLLLLLLLLLLLLLLLLet's use that for expired tokens (bug#5883)

SolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutionsSolutions
• WWWWWWWWWWWWWWWWWrite a patch, keep it
• WWWWWWWWWWWWWWWWWrite a plugin
• WWWWWWWWWWWWWWWWWrite and upstream a patch

Advantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreamingAdvantages of upstreaming
• FFFFFFFFFFFFFFFFFeature will be available in next releases
• WWWWWWWWWWWWWWWWWe won't patch in the future
• CCCCCCCCCCCCCCCCCalls in the patch will evolve as well
• PPPPPPPPPPPPPPPPPeer review with the Foreman team
• FFFFFFFFFFFFFFFFForced to write tests, doc, etc…

2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after2 weeks after
• PPPPPPPPPPPPPPPPPatch is accepted for 2 weeks
• AAAAAAAAAAAAAAAAA new bug is opened: performance problem
(bug#14050)
• SSSSSSSSSSSSSSSSSomeone else fixed the bug
• WWWWWWWWWWWWWWWWWe applied the second patch

ConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusion
https://www.ﬂickr.com/photos/trevor-king/12534585293

Where can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improveWhere can the Foreman improve
• PPPPPPPPPPPPPPPPPerformance
• SSSSSSSSSSSSSSSSSome features are missing from API
• DDDDDDDDDDDDDDDDDecoupling from Puppet
• ……………………………………………

Where did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improveWhere did the Foreman improve
• TTTTTTTTTTTTTTTTTests reliability
• TTTTTTTTTTTTTTTTTesting Infra
• CCCCCCCCCCCCCCCCCommunity
• SSSSSSSSSSSSSSSSStability

The ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe ForemanThe Foreman
• SSSSSSSSSSSSSSSSStability, Maturity, Flexibility
• MMMMMMMMMMMMMMMMMade out of bricks: complex but not
complicated
• IIIIIIIIIIIIIIIIIt meets our needs
• IIIIIIIIIIIIIIIIIt is very active
• PPPPPPPPPPPPPPPPPeople are welcoming

ContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContact
julien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eu
@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie
inuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuits
https://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.eu
info@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.eu
+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636

Manage R&D Lab with Foreman

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Manage R&D Lab with Foreman

Similar to Manage R&D Lab with Foreman (20)

More from Julien Pivotto

More from Julien Pivotto (20)

Recently uploaded

Recently uploaded (20)

Manage R&D Lab with Foreman