Foreman 구성 III
페이지 정보
작성자 꿈꾸는여행자 작성일 25-08-27 17:03 조회 768 댓글 0본문
안녕하세요.
꿈꾸는여행자입니다.
계속해서 Foreman 구성 내용에 대해서 진행하고자 합니다.
> 다음
1. Foreman 구성
- Quickstart guide for Foreman with Katello on Enterprise Linux
목차
III. Foreman - Katello
1. Quickstart guide for Foreman with Katello on Enterprise Linux
1.1. Supported operating systems
1.2. Configuring repositories
1.3. Installing Foreman server packages
1.4. Running the Foreman installer
1.5. Set Env
1.5.1. Enabling connections from a client to Foreman server
1.6. Login
상세 내역은 아래와 같습니다.
감사합니다.
> 아래
1. Quickstart guide for Foreman with Katello on Enterprise Linux
The Foreman installer is a collection of Puppet modules that installs everything required for a full working Foreman setup. It uses native operating system packaging (.rpm or .deb packages) and adds necessary configuration for the complete installation.
Components include the Foreman web UI, Smart Proxy, a Puppet server, TFTP, DNS and DHCP servers. It is configurable and the Puppet modules can be read or run in "no-op" mode to see what changes it will make.
1.1. Supported operating systems
The following operating systems are supported by the installer, have packages, and are tested for deploying Foreman:
Table 1. Operating systems supported by foreman-installer
Operating System
Architecture
Notes
Enterprise Linux 9
x86_64 only
EPEL is not supported.
Foreman community advises against using an existing system because the Foreman installer will affect the configuration of several components.
The installation requires 20 GB of memory. For more information, see System Requirements.
The Foreman installer uses Puppet to install Foreman. This guide assumes that you have a newly installed operating system, on which the installer will setup Foreman, a Puppet server, and the Smart Proxy by default.
1.2. Configuring repositories
Procedure
1. Clear any metadata:
* dnf clean all
[root@localhost ~]# dnf clean all
25 파일이 삭제되었습니다
[root@localhost ~]#
* 2. Install the foreman-release.rpm package:
* dnf -y install https://yum.theforeman.org/releases/3.14/el9/x86_64/foreman-release.rpm
[root@localhost ~]# dnf install https://yum.theforeman.org/releases/3.14/el9/x86_64/foreman-release.rpm
Rocky Linux 9 - BaseOS 2.4 MB/s | 2.3 MB 00:00
Rocky Linux 9 - AppStream 7.1 MB/s | 8.6 MB 00:01
Rocky Linux 9 - Extras 16 kB/s | 16 kB 00:01
foreman-release.rpm 50 kB/s | 10 kB 00:00
종속성이 해결되었습니다.
==========================================================================================================
꾸러미 구조 버전 저장소 크기
==========================================================================================================
설치 중:
foreman-release noarch 3.14.0-1.el9 @commandline 10 k
연결 요약
==========================================================================================================
설치 1 꾸러미
전체 크기: 10 k
설치된 크기 : 2.4 k
진행할까요? [y/N]: y
꾸러미 내려받기 중:
연결 확인 실행 중
연결 확인에 성공했습니다.
연결 시험 실행 중
연결 시험에 성공했습니다.
연결 실행 중
준비 중 : 1/1
설치 중 : foreman-release-3.14.0-1.el9.noarch 1/1
확인 중 : foreman-release-3.14.0-1.el9.noarch 1/1
설치되었습니다:
foreman-release-3.14.0-1.el9.noarch
완료되었습니다!
[root@localhost ~]#
* 3. Install the katello-repos-latest.rpm package:
* dnf -y install \
https://yum.theforeman.org/katello/4.16/katello/el9/x86_64/katello-repos-latest.rpm
[root@localhost ~]# dnf install \
https://yum.theforeman.org/katello/4.16/katello/el9/x86_64/katello-repos-latest.rpm
Foreman 3.14 2.4 MB/s | 1.5 MB 00:00
Foreman plugins 3.14 3.3 MB/s | 1.9 MB 00:00
katello-repos-latest.rpm 27 kB/s | 11 kB 00:00
종속성이 해결되었습니다.
==========================================================================================================
꾸러미 구조 버전 저장소 크기
==========================================================================================================
설치 중:
katello-repos noarch 4.16.0-1.el9 @commandline 11 k
연결 요약
==========================================================================================================
설치 1 꾸러미
전체 크기: 11 k
설치된 크기 : 3.0 k
진행할까요? [y/N]: y
꾸러미 내려받기 중:
연결 확인 실행 중
연결 확인에 성공했습니다.
연결 시험 실행 중
연결 시험에 성공했습니다.
연결 실행 중
준비 중 : 1/1
설치 중 : katello-repos-4.16.0-1.el9.noarch 1/1
확인 중 : katello-repos-4.16.0-1.el9.noarch 1/1
설치되었습니다:
katello-repos-4.16.0-1.el9.noarch
완료되었습니다!
[root@localhost ~]#
* 4. Install the puppet-release package.
* For Puppet 8:
1. Puppet 8 설치시 잘 동작하지 않음
dnf install https://yum.puppet.com/puppet8-release-el-9.noarch.rpm
dnf remove https://yum.puppet.com/puppet8-release-el-9.noarch.rpm
2. * For Puppet 7:
1. dnf -y install https://yum.puppet.com/puppet7-release-el-9.noarch.rpm
dnf install https://yum.puppet.com/puppet7-release-el-9.noarch.rpm --allowerasing
[root@localhost ~]# dnf install https://yum.puppet.com/puppet7-release-el-9.noarch.rpm --allowerasing
마지막 메타자료 만료확인(0:09:44 이전): 2025년 03월 27일 (목) 오후 03시 31분 40초.
puppet7-release-el-9.noarch.rpm 51 kB/s | 7.9 kB 00:00
종속성이 해결되었습니다.
==========================================================================================================
꾸러미 구조 버전 저장소 크기
==========================================================================================================
설치 중:
puppet7-release noarch 7.0.0-20.el9 @commandline 7.9 k
종속 꾸러미지 제거:
puppet8-release noarch 1.0.0-9.el9 @@commandline 1.9 k
연결 요약
==========================================================================================================
설치 1 꾸러미
삭제 1 꾸러미
전체 크기: 7.9 k
진행할까요? [y/N]: y
꾸러미 내려받기 중:
연결 확인 실행 중
연결 확인에 성공했습니다.
연결 시험 실행 중
연결 시험에 성공했습니다.
연결 실행 중
준비 중 : 1/1
설치 중 : puppet7-release-7.0.0-20.el9.noarch 1/2
삭제 중 : puppet8-release-1.0.0-9.el9.noarch 2/2
확인 중 : puppet7-release-7.0.0-20.el9.noarch 1/2
확인 중 : puppet8-release-1.0.0-9.el9.noarch 2/2
설치되었습니다:
puppet7-release-7.0.0-20.el9.noarch
제거되었습니다:
puppet8-release-1.0.0-9.el9.noarch
완료되었습니다!
[root@localhost ~]#
2.
Verification
* Verify that the required repositories are enabled:
* dnf repolist enabled
[root@localhost ~]# dnf repolist enabled
저장소 ID 저장소 이름
appstream Rocky Linux 9 - AppStream
baseos Rocky Linux 9 - BaseOS
candlepin Candlepin: an open source entitlement management system.
extras Rocky Linux 9 - Extras
foreman Foreman 3.14
foreman-plugins Foreman plugins 3.14
katello Katello 4.16
pulpcore pulpcore: Fetch, Upload, Organize, and Distribute Software Packages.
puppet7 Puppet 7 Repository el 9 - x86_64
[root@localhost ~]#
*
1.3. Installing Foreman server packages
Procedure
1. Update all packages:
1. dnf upgrade
2. 2. Install foreman-installer-katello:
1. dnf remove foreman-installer-katello
dnf -y install foreman-installer-katello
[root@localhost ~]# dnf install foreman-installer-katello
Puppet 7 Repository el 9 - x86_64 3.0 MB/s | 6.9 MB 00:02
마지막 메타자료 만료확인(0:00:02 이전): 2025년 03월 27일 (목) 오후 03시 42분 38초.
종속성이 해결되었습니다.
==========================================================================================================
꾸러미 구조 버전 저장소 크기
==========================================================================================================
설치 중:
foreman-installer-katello noarch 1:3.14.0-1.el9 foreman 85 k
연결 요약
==========================================================================================================
설치 50 꾸러미
전체 내려받기 크기: 35 M
설치된 크기 : 151 M
진행할까요? [y/N]: y
꾸러미 내려받기 중:
…
GPG키 0xFFA6EFE5 가져오는 중:
사용자 ID : "Foreman Automatic Signing Key (3.14) <packages@theforeman.org>"
지문: D4E7 7410 AC53 3C02 43BB 0C03 DDED 2703 FFA6 EFE5
출처 : /etc/pki/rpm-gpg/RPM-GPG-KEY-foreman
진행할까요? [y/N]: y
키 가져오기에 성공했습니다
Puppet 7 Repository el 9 - x86_64 1.6 MB/s | 1.7 kB 00:00
GPG키 0x9E61EF26 가져오는 중:
사용자 ID : "Puppet, Inc. Release Key (Puppet, Inc. Release Key) <release@puppet.com>"
지문: D681 1ED3 ADEE B844 1AF5 AA8F 4528 B6CD 9E61 EF26
출처 : /etc/pki/rpm-gpg/RPM-GPG-KEY-2025-04-06-puppet8-release
진행할까요? [y/N]: y
…
완료되었습니다!
[root@localhost ~]#
2. 1.4. Running the Foreman installer
The installation run is non-interactive, but the configuration can be customized by supplying any of the options listed in foreman-installer --help, or by running foreman-installer -i for interactive mode. More examples are described in the Installation Options section. The -v option disables the progress bar and displays all changes.
Procedure
* Run the following command:
* 설치 작업후 admin 계정 Password를 확인
foreman-installer --scenario katello
[root@localhost ~]# foreman-installer --scenario katello
2025-03-31 13:11:38 [NOTICE] [root] Loading installer configuration. This will take some time.
2025-03-31 13:11:43 [NOTICE] [root] Running installer with log based terminal output at level NOTICE.
2025-03-31 13:11:43 [NOTICE] [root] Use -l to set the terminal output log level to ERROR, WARN, NOTICE, INFO, or DEBUG. See --full-help for definitions.
2025-03-31 13:11:44 [NOTICE] [checks] System checks passed
2025-03-31 13:11:48 [NOTICE] [configure] Starting system configuration.
2025-03-31 13:14:42 [NOTICE] [configure] 250 configuration steps out of 1332 steps complete.
2025-03-31 13:15:25 [NOTICE] [configure] 500 configuration steps out of 1334 steps complete.
2025-03-31 13:16:05 [NOTICE] [configure] 750 configuration steps out of 1339 steps complete.
2025-03-31 13:16:09 [NOTICE] [configure] 1000 configuration steps out of 1362 steps complete.
2025-03-31 13:19:01 [NOTICE] [configure] 1250 configuration steps out of 1362 steps complete.
2025-03-31 13:20:06 [NOTICE] [configure] System configuration has finished.
Executing: foreman-rake upgrade:run
=============================================
Upgrade Step 1/11: katello:correct_repositories. This may take a long while.
=============================================
Upgrade Step 2/11: katello:clean_backend_objects. This may take a long while.
0 orphaned consumer id(s) found in candlepin.
Candlepin orphaned consumers: []
=============================================
Upgrade Step 3/11: katello:upgrades:4.0:remove_ostree_puppet_content. =============================================
Upgrade Step 4/11: katello:upgrades:4.1:sync_noarch_content. =============================================
Upgrade Step 5/11: katello:upgrades:4.1:fix_invalid_pools. I, [2025-03-31T13:20:15.785188 #11845] INFO -- : Corrected 0 invalid pools
I, [2025-03-31T13:20:15.785227 #11845] INFO -- : Removed 0 orphaned pools
=============================================
Upgrade Step 6/11: katello:upgrades:4.1:reupdate_content_import_export_perms. =============================================
Upgrade Step 7/11: katello:upgrades:4.2:remove_checksum_values. =============================================
Upgrade Step 8/11: katello:upgrades:4.4:publish_import_cvvs. =============================================
Upgrade Step 9/11: katello:upgrades:4.8:fix_incorrect_providers. Fixing incorrect providers
Fixed 0 incorrect providers
Cleaning Candlepin orphaned custom products for organization Default Organization
Deleted 0 Candlepin orphaned custom products for organization Default Organization
=============================================
Upgrade Step 10/11: katello:upgrades:4.8:regenerate_imported_repository_metadata. No repositories found for regeneration.
=============================================
Upgrade Step 11/11: katello:upgrades:4.12:update_content_access_modes. Checking Candlepin status
Setting content access modes
----------------------------------------
Set content access mode for 0 organizations
----------------------------------------
Success!
* Foreman is running at https://foreman.katello.lds.local
Initial credentials are admin / 6J83hpJNep7zaAyK
* To install an additional Foreman proxy on separate machine continue by running:
foreman-proxy-certs-generate --foreman-proxy-fqdn "$FOREMAN_PROXY" --certs-tar "/root/$FOREMAN_PROXY-certs.tar.gz"
* Foreman Proxy is running at https://foreman.katello.lds.local:9090
The full log is at /var/log/foreman-installer/katello.log
[root@localhost ~]#
*
The script displays its progress and writes logs to /var/log/foreman-installer/katello.log.
1.5. Set Env
1.5.1. Enabling connections from a client to Foreman server
Smart Proxies and Content Hosts that are clients of a Foreman server’s internal Smart Proxy require access through Foreman’s host-based firewall and any network-based firewalls.
Use this procedure to configure the host-based firewall on the system that Foreman is installed on, to enable incoming connections from Clients, and to make the configuration persistent across system reboots. For more information on the ports used, see Port and firewall requirements in Installing Foreman Server with Katello 4.16 plugin on Enterprise Linux.
If you do not use firewall-cmd to configure the Linux firewall, implement using the command of your choice.
Procedure
* Open the ports for clients on Foreman server:
firewall-cmd \
--add-port="8000/tcp" \
--add-port="9090/tcp"
[root@foreman ~]# firewall-cmd \
--add-port="8000/tcp" \
--add-port="9090/tcp"
success
[root@foreman ~]
* Allow access to services on Foreman server:
firewall-cmd \
--add-service=dns \
--add-service=dhcp \
--add-service=tftp \
--add-service=http \
--add-service=https \
--add-service=puppetmaster
[root@foreman ~]# firewall-cmd \
--add-service=dns \
--add-service=dhcp \
--add-service=tftp \
--add-service=http \
--add-service=https \
--add-service=puppetmaster
success
[root@foreman ~]#
* Make the changes persistent:
firewall-cmd --runtime-to-permanent
[root@foreman ~]# firewall-cmd --runtime-to-permanent
success
[root@foreman ~]#
* Verification
* Enter the following command:
firewall-cmd --list-all
[root@foreman ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp1s0
sources:
services: cockpit dhcp dhcpv6-client dns http https puppetmaster ssh tftp
ports: 8000/tcp 9090/tcp
protocols:
forward: yes
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@foreman ~]#
For more information, see Using and configuring firewalld in Red Hat Enterprise Linux 9 Configuring firewalls and packet filters.
1.6. Login
* Connect to URL : https://foreman.katello.lds.local/
* Initial credentials are admin / 6J83hpJNep7zaAyK
댓글목록 0
등록된 댓글이 없습니다.