Configure Foreman
Prev Foreman on Wheezy (not!) Next

Configure Foreman

  1. Act as with /etc/puppet

  2. /etc/foreman/settings.yaml 

    ---
#your default puppet server - can be overridden in the host level
#if none specified, plain "puppet" will be used.
#:puppet_server: puppet
:unattended: true
:puppetconfdir: /etc/puppet/puppet.conf
:login: true
:require_ssl: false

  3. /etc/foreman/database.yml 

    production:
  adapter: postgresql
  database: puppetdb
  username: puppetdb
  password: 6QuI4O9aSyJDFkxpQrJ6sTRiHRsZuKmpMd5CVkNy
  host: localhost
  encoding: unicode

    /etc/default/foreman>: 

    START=yes

  4. /etc/default/foreman-proxy: 

    DAEMON_USER="foreman-proxy:foreman-proxy"
DAEMON_HOME="/usr/share/foreman-proxy"
DAEMON_ARGS=""

    /etc/foreman-proxy/settings.yml: 

    ---
# SSL Setup

:trusted_hosts:
- localhost
- foreman.service.rug.nl

# enable the daemon to run in the background
:daemon: true
:daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid

# port used by the proxy
:port: 8443

# Enable TFTP management
:tftp: false

# Enable DNS management
:dns: false

# Enable DHCP management
:dhcp: false
# The vendor can be either isc or native_ms
:dhcp_vendor: isc

# enable PuppetCA management
:puppetca: false

# enable Puppet management
:puppet: true

# Where our proxy log files are stored
# filename or STDOUT
:log_file: /var/log/foreman-proxy/foreman-proxy.log
# valid options are
# WARN, DEBUG, Error, FATAL, INFO, UNKNOWN
:log_level: INFO

  5. (This here only for reference, it works, but I didn't actually use it this time.) /etc/apache2/sites-available/foreman 

    <VirtualHost *:443>
    ServerName puppet.servers.mydomain.com
 
    RailsAutoDetect On
    RailsEnv production
    DocumentRoot /usr/share/foreman/public
 
    # Use puppet certificates for SSL
    SSLEngine On
    SSLCertificateFile /etc/foreman/ssl/public/cert-11048-puppet.servers.mydomain.com.pem
    SSLCertificateKeyFile /etc/foreman/ssl/private/1353341774-key
    SSLCertificateChainFile /etc/foreman/ssl/public/chain-11048-puppet.servers.mydomain.com-3-AddTrust_External_CA_Root.pem
    SSLCertificateChainFile /etc/foreman/ssl/public/chain-11048-puppet.servers.mydomain.com-2-UTN-USERFirst-Hardware.pem
    SSLCertificateChainFile /etc/foreman/ssl/public/chain-11048-puppet.servers.mydomain.com-1-TERENA_SSL_CA.pem
    #SSLCACertificateFile /var/lib/puppet/ssl/certs/ca.pem
    #SSLVerifyClient optional
    SSLVerifyClient none
    SSLOptions +StdEnvVars
    SSLVerifyDepth 3
</VirtualHost>

    apprentice@puppet:~$ sudo a2ensite foreman
    apprentice@puppet:~$ sudo service apache2 reload

    (Getting the actual certificates is not documented here.)

  6. apprentice@puppet:~$ sudo service foreman start
    apprentice@puppet:~$ sudo service foreman-proxy start

    Foreman fails to start

  7. I tried

    apprentice@puppet:/usr/share/foreman$ sudo RAILS_ENV=production bundle exec rake db:migrate
    /usr/share/foreman/vendor/ruby/1.9.1/gems/activerecord-3.0.17/lib/active_record/connection_adapters/postgresql_adapter.rb:518:in `xec': PG::Error: ERROR:  relation "template_kinds" does not exist (ActiveRecord::StatementInvalid)
    LINE 1: SELECT "template_kinds".* FROM "template_kinds" WHERE (name ...
                                           ^
    : SELECT "template_kinds".* FROM "template_kinds" WHERE (name LIKE 'pxelinux')
            from /usr/share/foreman/vendor/ruby/1.9.1/gems/activerecord-3.0.17/lib/active_record/connection_adapters/postgresql_adapter.rb:518:in lock in execute'

    Then I tried:

    apprentice@puppet:/usr/share/foreman$ sudo RAILS_ENV=production bundle exec rake db:migrate
    rake aborted!
    An error has occurred, this and all later migrations canceled:

    PG::Error: ERROR:  integer out of range
    : INSERT INTO "schema_migrations" ("version") VALUES (20090714132448)
    Tasks: TOP => db:migrate

  8. Use a bigint if an integer doesn't cut it...

    apprentice@puppet:~$ sudo sed -i 's/t.column\ :version,\ :integer,/t.column :version, :bigint,/g' /usr/share/foreman/db/migrate/*_add_audits_table.rb
    apprentice@puppet:~$ sudo -u puppetdb psql puppetdb
    Password: 
    psql (9.1.6)
    Type "help" for help.

    puppetdb=> ALTER TABLE schema_migrations ALTER COLUMN version TYPE bigint;
    ALTER TABLE
    puppetdb=> ALTER TABLE schema_migrations ALTER COLUMN time SET DEFAULT now();
    ALTER TABLE
    puppetdb=> \q
    could not save history to file "/usr/share/puppetdb/.psql_history": Permission denied
    apprentice@puppet:~$ sudo RAILS_ENV=production bundle exec rake db:migrate
    apprentice@puppet:~$ sudo service foreman start
    apprentice@puppet:~$ sudo service foreman stop

  9. The GUI just saye there's an error, so we try the command line for more verbosity:

    apprentice@puppet:/usr/share/foreman$ sudo rake puppet:import:puppet_classes[batch] RAILS_ENV=production
    Evaluating possible changes to your installation
    Problems were detected during the evaluation phase

    undefined method 'importClasses' for #<Class:0x00000007175870>

    Please fix these issues and try again

    [Note]Note

    without the [batch] it breaks even sooner.

    At this point I gave up.