11-Foreman and Ansible Integration

잘나가는전산쟁이 2022. 10. 18. 01:16


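  1. Ansible core provides only CLI functionality and does not include a web UI.
  2. Red Hat offers a commercial product called Ansible Tower, but it is very expensive.
  3. In the open-source space you can use AWX, but AWX is a container-based solution, so where a container environment is hard to adopt, use Foreman and integrate it with Ansible.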


  1. Set up the repositories for installing Foreman
    $ yum -y install https://yum.puppet.com/puppet6-release-el-7.noarch.rpm
    $ yum-config-manager --enable extras
    $ yum -y install epel-release centos-release-scl-rh
    $ curl https://yum.theforeman.org/releases/2.5/el7/x86_64/foreman-release.rpm -O
    $ yum install ./foreman-release.rpm
  2. Install the Foreman packages
    $ yum install foreman foreman-installer -y
    $ foreman-installer
    2021-06-24 10:53:34 [NOTICE] [root] Loading installer configuration. This will ta
    2021-06-24 10:53:38 [NOTICE] [root] Running installer with log based terminal out
    2021-06-24 10:53:38 [NOTICE] [root] Use -l to set the terminal output log level t, or DEBUG. See --full-help for definitions.
    2021-06-24 10:53:41 [NOTICE] [configure] Starting system configuration.
    2021-06-24 10:54:52 [NOTICE] [configure] 250 configuration steps out of 1334 steps complete.
    2021-06-24 10:55:23 [NOTICE] [configure] 500 configuration steps out of 1336 steps complete.
    2021-06-24 10:55:35 [NOTICE] [configure] 750 configuration steps out of 1347 steps complete.
    2021-06-24 10:59:24 [NOTICE] [configure] 1000 configuration steps out of 1357 steps complete.
    2021-06-24 11:01:15 [NOTICE] [configure] 1250 configuration steps out of 1357 steps complete.
    2021-06-24 11:01:24 [NOTICE] [configure] System configuration has finished.
    Executing: foreman-rake upgrade:run
    `/usr/share/foreman` is not writable.
    Bundler will use `/tmp/bundler20210624-32690-b2erjo32690' as your home directory temporarily.
      * Foreman is running at
          Initial credentials are admin / 1234
      * Foreman Proxy is running at https://1234:8443
      The full log is at /var/log/foreman-installer/foreman.log
  3. Log in to the web UI (for the account name, see the credentials in the output above)

Foreman and Ansible integration

  1. Install Ansible on the host where Foreman is installed - see "3- Installing Ansible"
  2. Connect Ansible to Foreman
    $ vi /etc/ansible/ansible.cfg
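    [defaults]
    # enable the foreman callback plugin
    callback_whitelist = foreman
    [callback_foreman]
    # Foreman URL, client certificate and key, and the CA used to verify the server
    url = https://skb-djk-master-1.cluster.local
    ssl_cert = /etc/puppetlabs/puppet/ssl/certs/skb-djk-master-1.cluster.local.pem
    ssl_key = /etc/puppetlabs/puppet/ssl/private_keys/skb-djk-master-1.cluster.local.pem
    verify_certs = /etc/puppetlabs/puppet/ssl/certs/ca.pem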
  3. Connect Foreman to Ansible
    $ foreman-installer --enable-foreman-plugin-ansible --enable-foreman-proxy-plugin-ansible
    $ foreman-installer --enable-foreman-plugin-remote-execution --enable-foreman-proxy-plugin-remote-execution-ssh
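
The callback settings from step 2 point Ansible at the host's Puppet client certificate and private key, so it is worth checking them after editing ansible.cfg. The following is an added example, not part of the original post: a small audit of the [callback_foreman] section that checks for an https URL, that TLS verification is not switched off, and that the key file is not accessible to group or others. The function names, the hostname foreman.example.test and the sample files are constructed, and the values treated as "verification off" are an assumption.

```python
import configparser
import os
import stat
import tempfile


def audit_foreman_callback(cfg_path):
    """Return a list of findings for the Foreman callback settings in ansible.cfg."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read(cfg_path)
    if not cp.has_section("callback_foreman"):
        return ["no [callback_foreman] section"]
    sec, findings = cp["callback_foreman"], []
    if not sec.get("url", "").lower().startswith("https://"):
        findings.append("url is not https")
    verify = sec.get("verify_certs", "1").strip()
    if verify.lower() in ("0", "false", "no", "off"):  # assumed "off" spellings
        findings.append("verify_certs disables TLS verification")
    elif verify.lower() not in ("1", "true", "yes", "on") and not os.path.isfile(verify):
        findings.append("verify_certs CA file not found")
    for opt in ("ssl_cert", "ssl_key"):
        path = sec.get(opt, "")
        if not os.path.isfile(path):
            findings.append(opt + " file not found")
        elif opt == "ssl_key" and stat.S_IMODE(os.stat(path).st_mode) & 0o077:
            findings.append("ssl_key is accessible to group or others")
    return findings


def demo(key_mode=0o644, verify="ca.pem", scheme="https"):
    """Audit a constructed ansible.cfg in a temp dir (every value is a sample)."""
    with tempfile.TemporaryDirectory() as d:
        for name in ("ca.pem", "host.pem", "host.key"):
            open(os.path.join(d, name), "w").close()  # empty placeholder files
        os.chmod(os.path.join(d, "host.key"), key_mode)
        verify = os.path.join(d, verify) if verify == "ca.pem" else verify
        cfg = os.path.join(d, "ansible.cfg")
        with open(cfg, "w") as f:
            f.write("[callback_foreman]\n"
                    f"url = {scheme}://foreman.example.test\n"
                    f"ssl_cert = {os.path.join(d, 'host.pem')}\n"
                    f"ssl_key = {os.path.join(d, 'host.key')}\n"
                    f"verify_certs = {verify}\n")
        return audit_foreman_callback(cfg)


if __name__ == "__main__":
    print(demo())  # the constructed sample uses a world-readable key file
```

On a real host, call audit_foreman_callback("/etc/ansible/ansible.cfg") as a user that can stat the key path.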



