The Foreman is definitively the biggest open source software related to Puppet, and not directly developed by Puppet Labs.
The project was started by Ohad Levy, who now works at Red Hat and leads its development, supported by a great team of internal employees and community members.
The Foreman can work as a Puppet ENC and reporting tool, it presents an alternative to the inventory system, and most of all, it can manage the whole lifecycle of the system, from provisioning, to configuration and dismissal.
Some of its features have been quite ahead of their time.
For example, the foreman()
function made possible what is now done with the puppetdbquery
module.
It allows direct query of all the data gathered by the Foreman: facts, nodes classification, and Puppet run reports.
Let's look at this example, which assigns to the variable $web_servers
the list of hosts that belong to the web
hostgroup that have reported successfully in the last hour:
$web_servers = foreman("hosts", "hostgroup ~ web and status.failed = 0 and last_report < "1 hour ago"")
This was possible before PuppetDB was even conceived.
The Foreman really deserves at least one book by itself, so here we will just summarize its features and explore how it can fit in to a Puppet architecture.
We can decide which of the following components to use:
For some of these features, we may need to install Foreman's Smart Proxies on some infrastructural servers. The proxies are registered on the central Foreman server and provide a way to remotely control relevant services (DHCP, PXE, DNS, Puppet Master, and so on).
The web GUI, based on Rails, is complete and appealing, but it might turn out to be cumbersome when we have to deal with a large number of nodes; for this reason, we can also manage the Foreman via CLI.
The original foreman-cli
command has been around for years but is now deprecated for the new hammer
(https://github.com/theforeman/hammer-cli) with the Foreman plugin, which is very versatile and powerful as it allows to manage, via the command line, most of what we can do on the web interface.