Friday, April 26, 2019

Using Foreman For Bare Metal Provisioning (1/N)

After reviewing current offerings for bare metal provisioning I've decided to take Foreman for a spin. The first thing that needs to happen is to set up an appropriate test bed. Since I don't presently have access to a lump of real hardware we're going to fake it, as usual, using VirtualBox.

Because Foreman does its magic using PXE we'll need to set up a simulated LAN and then provide the DHCP ourselves. I experimented a little bit with Vagrant to see if it could be made to do this, but the use case is far enough from Vagrant's core purpose that it's not worth the hassle. Rather, it seems simpler to set it up manually.

The first thing to do is configure a NAT network. VirtualBox's NAT networks behave a lot like your home network, providing a LAN with a gateway that does NAT translation. Normally when you set up one of these it also provides DHCP, but we need to turn that feature off since we're going to be providing it ourselves. Here we go:

$ VBoxManage natnetwork add --netname natnet1 --network "192.168.15.0/24" --enable --dhcp off

That creates a /24 NAT network named "natnet1". Note that the command doesn't ask you to specify the gateway IP; one gets picked automatically. The list natnetworks command can be used to identify the gateway:

$ VBoxManage list natnetworks
NetworkName:    natnet1
IP:             192.168.15.1
Network:        192.168.15.0/24
IPv6 Enabled:   No
IPv6 Prefix:    fd17:625c:f037:2::/64
DHCP Enabled:   No
Enabled:        Yes
loopback mappings (ipv4)
        127.0.0.1=2

So the gateway for the network is 192.168.15.1.

Next up, let's create an empty VM to be used to house Foreman. I found it easier to do this through the VirtualBox UI than to try to script it. Here are the relevant bits of config:

  • Name: foreman
  • Type: Linux
  • Version: Red Hat (64-bit)
  • 4G RAM (as specified in the Quickstart Guide)
  • Create a thin-provisioned virtual disk
  • Enable network adapter 1 and attach it to NAT Network "natnet1".

Since we're bootstrapping the provisioning system we'll have to do some sort of media-based install. I've chosen to use a CentOS 7 "everything" image, CentOS-7-x86_64-Everything-1810.iso (available via one of the official CentOS mirrors), mostly on the grounds of simplicity, but other install images will work just as well. Attach the ISO to the VM:

$ VBoxManage storageattach foreman --storagectl IDE --port 0 --device 0 --type dvddrive --medium ~/Desktop/CentOS-7-x86_64-Everything-1810.iso

Power up the VM, and perform a minimal install manually. Here are the relevant bits of config for that:

  • Name: foreman.localdomain
  • IP: 192.168.15.254
  • Netmask: 255.255.255.0
  • Gateway: 192.168.15.1
  • Name servers: Set as appropriate for your environment.

With the VM up and running we're nearly there; the last thing to do is to enable inbound SSH to the new VM. We'll do this by adding a port forwarding rule to natnet1:

$ VBoxManage natnetwork modify --netname natnet1 --port-forward-4 'ssh:tcp:[127.0.0.1]:2222:[192.168.15.254]:22'

This will forward port 2222 on localhost to the SSH daemon on the foreman VM. Let's test it out:

$ ssh -p 2222 root@localhost
Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of known hosts.
...
root@localhost's password:
Last login: Thu Apr 25 15:08:21 2019
[root@foreman ~]#

Very good. Let's verify that routing and name resolution are working:

[root@foreman ~]# ping www.google.com
PING www.google.com (172.217.6.68) 56(84) bytes of data.
64 bytes from sfo07s17-in-f68.1e100.net (172.217.6.68): icmp_seq=1 ttl=51 time=27.8 ms
64 bytes from sfo07s17-in-f68.1e100.net (172.217.6.68): icmp_seq=2 ttl=51 time=27.4 ms
^C

Awesome, we've got our basic environment up and running. Next time we'll install Foreman and get started on configuration.
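
A check for the two settings this test bed depends on, DHCP switched off on natnet1 and the SSH forward bound to loopback only, as an added example that is not part of the original post. The helper names are hypothetical and the sample listing is the output shown above; on a live host, pipe in `VBoxManage list natnetworks` instead.

```shell
# Added example; helper names below are hypothetical, not VirtualBox or Foreman code.

# Sample input: the `VBoxManage list natnetworks` output shown in the post.
SAMPLE_NATNETS='NetworkName:    natnet1
IP:             192.168.15.1
Network:        192.168.15.0/24
IPv6 Enabled:   No
IPv6 Prefix:    fd17:625c:f037:2::/64
DHCP Enabled:   No
Enabled:        Yes'

# natnet_field NAME KEY: read a listing on stdin, print KEY's value for network NAME.
# Keys are matched exactly, so "Enabled" does not match "DHCP Enabled".
natnet_field() {
    awk -v net="$1" -v key="$2" '
        /^NetworkName:/ { cur = $2 }
        cur == net {
            i = index($0, ":")
            if (i && substr($0, 1, i - 1) == key) {
                v = substr($0, i + 1); sub(/^[ \t]+/, "", v); print v; exit
            }
        }'
}

# check_natnet NAME: succeed only if NAME exists, is enabled and has DHCP off;
# prints the gateway IP on success.
check_natnet() {
    listing=$(cat)
    gw=$(printf '%s\n' "$listing" | natnet_field "$1" "IP")
    dhcp=$(printf '%s\n' "$listing" | natnet_field "$1" "DHCP Enabled")
    up=$(printf '%s\n' "$listing" | natnet_field "$1" "Enabled")
    [ -n "$gw" ] || { echo "network $1 not found" >&2; return 2; }
    [ "$dhcp" = "No" ] || { echo "DHCP is still enabled on $1" >&2; return 1; }
    [ "$up" = "Yes" ] || { echo "$1 is not enabled" >&2; return 1; }
    printf '%s\n' "$gw"
}

# pf_host_ip RULE: print the host bind address of a --port-forward-4 rule
# written as name:proto:[hostip]:hostport:[guestip]:guestport.
pf_host_ip() {
    printf '%s\n' "$1" | sed -n 's/^[^:]*:[^:]*:\[\([^]]*\)]:[0-9]*:\[[^]]*]:[0-9]*$/\1/p'
}

# pf_is_loopback RULE: succeed only if the rule binds inside 127.0.0.0/8.
pf_is_loopback() {
    case "$(pf_host_ip "$1")" in 127.*) return 0 ;; *) return 1 ;; esac
}

printf '%s\n' "$SAMPLE_NATNETS" | check_natnet natnet1
pf_is_loopback 'ssh:tcp:[127.0.0.1]:2222:[192.168.15.254]:22' && echo "ssh forward is loopback-only"
```

Running the DHCP check before the first PXE boot confirms that Foreman will be the only DHCP server answering on the simulated LAN.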
