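11-Foreman and Ansible
Background
- Ansible core provides only CLI-based functionality and does not provide a web UI
- Red Hat offers a commercial product called Ansible Tower, but it is very expensive
- On the open-source side AWX can be used, but AWX is a container-based solution, so where a container environment is hard to introduce, Foreman is used and integrated with Ansible
Installation and configuration
- Configure the repositories for the Foreman installation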
$ yum -y install https://yum.puppet.com/puppet6-release-el-7.noarch.rpm
$ yum-config-manager --enable extras
$ yum -y install epel-release centos-release-scl-rh
$ curl https://yum.theforeman.org/releases/2.5/el7/x86_64/foreman-release.rpm -O
$ yum install ./foreman-release.rpm
- Install the Foreman packages
$ yum install foreman foreman-installer -y
$ foreman-installer
2021-06-24 10:53:34 [NOTICE] [root] Loading installer configuration. This will ta
2021-06-24 10:53:38 [NOTICE] [root] Running installer with log based terminal out
2021-06-24 10:53:38 [NOTICE] [root] Use -l to set the terminal output log level t, or DEBUG. See --full-help for definitions.
2021-06-24 10:53:41 [NOTICE] [configure] Starting system configuration.
2021-06-24 10:54:52 [NOTICE] [configure] 250 configuration steps out of 1334 steps complete.
2021-06-24 10:55:23 [NOTICE] [configure] 500 configuration steps out of 1336 steps complete.
2021-06-24 10:55:35 [NOTICE] [configure] 750 configuration steps out of 1347 steps complete.
2021-06-24 10:59:24 [NOTICE] [configure] 1000 configuration steps out of 1357 steps complete.
2021-06-24 11:01:15 [NOTICE] [configure] 1250 configuration steps out of 1357 steps complete.
2021-06-24 11:01:24 [NOTICE] [configure] System configuration has finished.
Executing: foreman-rake upgrade:run
`/usr/share/foreman` is not writable.
Bundler will use `/tmp/bundler20210624-32690-b2erjo32690' as your home directory temporarily.
Success!
* Foreman is running at https://1.2.3.4
Initial credentials are admin / 1234
* Foreman Proxy is running at https://1234:8443
The full log is at /var/log/foreman-installer/foreman.log
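- Log in to the web UI - https://1.2.3.4 (for the account name, see the credentials in the installer output above)
Integrating Foreman and Ansible
- Install Ansible on the host where Foreman is installed - 3- Installing Ansible
- Connect Ansible to Foreman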
$ vi /etc/ansible/ansible.cfg
[defaults]
...
callback_whitelist = foreman
...
[callback_foreman]
url = https://skb-djk-master-1.cluster.local
ssl_cert = /etc/puppetlabs/puppet/ssl/certs/skb-djk-master-1.cluster.local.pem
ssl_key = /etc/puppetlabs/puppet/ssl/private_keys/skb-djk-master-1.cluster.local.pem
verify_certs = /etc/puppetlabs/puppet/ssl/certs/ca.pem
- Connect Foreman to Ansible
$ foreman-installer --enable-foreman-plugin-ansible --enable-foreman-proxy-plugin-ansible
$ foreman-installer --enable-foreman-plugin-remote-execution --enable-foreman-proxy-plugin-remote-execution-ssh
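
The `[callback_foreman]` settings in ansible.cfg decide whether Ansible's reports reach Foreman over a verified TLS channel and who can read the client key that authenticates the host. The script below is an added example, not part of the original page or of Foreman or Ansible. The function names `cfg_get` and `check_foreman_callback`, the `verify_certs` spellings it accepts besides `0`, `1` and a CA path, and the sample host `foreman.example.test` are assumptions made here.

```shell
#!/bin/sh
# Added example (not Foreman/Ansible tooling): audit [callback_foreman] in ansible.cfg.

# cfg_get FILE KEY: print KEY's value from the [callback_foreman] section.
cfg_get() {
    awk -v key="$2" '
        /^[ \t]*\[/ { in_sec = ($0 ~ /^[ \t]*\[callback_foreman\]/); next }
        in_sec && index($0, "=") {
            k = substr($0, 1, index($0, "=") - 1); v = substr($0, index($0, "=") + 1)
            gsub(/[ \t]/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) { print v; exit }
        }' "$1"
}

# check_foreman_callback FILE: print findings, return 1 if any check fails.
check_foreman_callback() {
    rc=0
    url=$(cfg_get "$1" url)
    verify=$(cfg_get "$1" verify_certs)
    key=$(cfg_get "$1" ssl_key)
    case $url in
        https://*) ;;
        *) echo "FAIL url is not https: ${url:-unset}"; rc=1 ;;
    esac
    # verify_certs: 0 turns verification off, 1 uses system CAs, otherwise a CA path.
    case $(printf '%s' "$verify" | tr 'A-Z' 'a-z') in
        0|false|off|no) echo "FAIL verify_certs disables certificate checking"; rc=1 ;;
        ""|1|true|on) ;;   # assumption: unset behaves like 1
        *) [ -r "$verify" ] || { echo "FAIL CA bundle not readable: $verify"; rc=1; } ;;
    esac
    # The client key authenticates this host to Foreman: owner-only access.
    if [ -n "$key" ] && [ "$(ls -ldL "$key" 2>/dev/null | cut -c5-10)" != "------" ]; then
        echo "FAIL ssl_key missing or accessible by group/other: $key"; rc=1
    fi
    return $rc
}

# Constructed sample: a weak config in a temp dir, then the audit run on it.
demo() {
    d=$(mktemp -d)
    : > "$d/host.key"; chmod 644 "$d/host.key"
    printf '[callback_foreman]\nurl = http://foreman.example.test\nverify_certs = 0\nssl_key = %s\n' \
        "$d/host.key" > "$d/ansible.cfg"
    check_foreman_callback "$d/ansible.cfg"; status=$?
    rm -rf "$d"
    return $status
}
demo || echo "constructed weak config rejected, as expected"
```

On a real host, run `check_foreman_callback /etc/ansible/ansible.cfg` as a user allowed to list the key directory.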