Foreman Project

Video in TIB AV-Portal: Foreman Project

Formal Metadata

Title
Foreman Project
Title of Series
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
2014
Language
English

Content Metadata

Subject Area
Abstract
Foreman is a complete lifecycle management tool for virtual, cloud, and physical servers. Through deep integration with configuration management, infrastructure services, and PXE and image-based unattended installations, Foreman manages every stage of the lifecycle of your servers. Foreman provides comprehensive, auditable interaction facilities including a web frontend and robust, RESTful API. Managing what actually runs on your instances could at times be tricky in large dynamic environments. In this talk, we'll introduce Foreman, which can help with managing your datacenter and cloud infrastructure, making it a perfect hybrid cloud management tool. Foreman is a life cycle management tool for servers, helping to provision (integrates with many virt and cloud providers - OpenStack/oVirt/libvirt/EC2/GCE/Rackspace etc.) and to define their purpose in life, their content (e.g. package versions, configuration etc.) on an ongoing basis. Foreman is already 4+ years old, and deployed at many small and large scale organizations, and is used in distributions such as RDO and RHOS (Red Hat version of OpenStack distribution). Foreman provides comprehensive, auditable interaction facilities including a web frontend, robust RESTful API and CLI, which makes building higher level business logic on top
so it it it it you know every once in a while yeah welcome to the write the buddhist closer to the OK and the Jewish no words OK what and how do they like to talk revealed that about just about 40 minutes with all about Foreman and its relevance to infrastructure and virtualization also just for me to know how many are using or know Foreman here it's wonderful I can go out there called so set of slides hopefully it's not boring to review 1 including myself to do repeat the and on a meaning maybe else they the new site so there alright so
1st of all what we talking about to Foreman all deliberately introduction of what Foreman is
about so we on the same page but normally we're talking about life cycle of servers where use it start somewhere well when they're initially positions set
up all the way to whatever needs to happen to make them production ready up to the point where they eventually stopped could be very short for the very long period depends on your use cases we specifically talk about the very of
focusing on integration with configuration management provisioning services and monitoring the infrastructure we actually supposed to be it's supposed is running
and configure the way it's supposed to be so when we talk about provisioning think Foreman has a unique point of view in terms of allowing
you to go all the way from the all the way
to virtualization and cloud we pretty much the same process so if we think about a larger organization
usually sadly is not not only a single system that may be terminal beer or maybe cloud and or hybrid cloud
multiple datacenters multiple combination of things and when the complexity goes up higher and higher at the end of the day of the people who actually launched those stuff the API but could also be operators and we want to simplify the process for that so it's pretty much the same process where the deployed on bare metal in the world seconds and so on um in terms
of configuration and I assume most of you well aware that today mostly most integration on a magnitude
greater configuration is done with some sort of a framework whether it's Puppet Chef Ansible
Salt the Benjamin writer and so on so the idea is that it's not simply the time gap those a bridge those gaps or even between the provisioning process we set up process and the reporting process all into a unified framework what and we talk about monitoring is basically making sure it's not and ideas typical type of monitoring but actually
making sure that the policy that you set your configuration management policy that you set is actually i is done correctly or not correctly and then you can get all kind of information about what's going on also inventory systems and and ability to use scanned search and get information so in a nutshell Foreman architecture has basically 4 major components we have Foreman itself which is a Ruby on Rails application so we have smart proxies we have there can be integrated greater management compute resources and this in the Y PIC align all of those elements so when we talk about smart proxy is basically a mechanism allow Foreman to reach out and
we think about large-scale organization that problem has lots of data centers lots of networks lots of different network types of network segments
as a proxy is kind of uh a gateway that
Foreman can reach out and manage remote services running on remote data centers or isolated networks and whether it's things like that maybe at a European SO so maybe just BMC and manage your IPMI and bare-metal service and this smart proxy itself because we're trying to kind image that makes a match a lot of things and smart proxy itself can actually run on Windows for example obviously from the Linux and talked to standard DNS services but can also run the Windows if you're an enterprise and you have some you know Active Directory things like that so we try to integrate and expose the REST API across all of those services so it's kind of a 1 REST API for example that the analysis and ending many providers in the back and what its Active Directory bind and so on but the configuration management
so we have a very deep integration the MoMu with Puppet when it comes to things and shift now starting out as well but things like
knowing what's going on non-English reports what actually happened on your system which inventory do you have an obviously what is the role and what which what the system is doing it's not enough just just enough for juice uh we wanna know exactly what's uh is installed install on that system what's its purpose maybe we even more important there's multiple environment supports staging production of the multiple versions of the production and so on and integration of all that making it kind of seamless as much as possible to the user so when we talk about computer
resources this is the way and basically reach out to remote systems and whether it's uh and all the
OpenStack field where EC2 the period directly and so on will compute and so on based and and allow and basically abstract the process of what is involved with what's required to actually make a change extracted into single process regardless of the provider and so we
use a library called fog and it will be based very popular library and which we
happily contribute the news and then we have another abstraction which we call compute profiles which allows us to uh let's say define our own sets of defaults for example we could think about the traditional small medium large and then define what is small medium large and every different uh and also for a different set of customers so we can use we don't identify for example OpenStack as OpenStack obviously it's a tenant in OpenStack that's a given user in OpenStack thing goes 3 C 2 and so on and we can define different sets of different people to each 1 of them so later on we will be talking about a higher-level object for example I want deployed a small web the and and and that definition of the web server all your apple whatever it is is something we call host group which is basically the system defined the definition of your system and so
it's it's a it's a way to say this is that the full operating system I want for my web services people puppet relationship portion of the recipes and obviously associated to
compute profiles now what I'm telling you that because the idea is that you can define a
higher-level objects such as a web server and I have had the ability for Foreman to speed up the and create an image for its own every
different provided automatically so I have all the information I need of bronze and to define the system regardless of where it's gonna run I can define the web server have all the recipes all the ingredients to make it happen form different clouds and and I don't need it I can easily transform and rebuild the same system on a different clouded by would like we can now also do interesting more interesting things for example detected as some sort of address if there wasn't a package update that we can detect from let's say a Puppet report and that the claim that it took me more than a minute maybe it makes sense for us to spend a making a snapshot that make an image out of that and automatically next time the system boots up it will consume the latest image so there's a lot of the nice things we can do extract that and I don't know how if you ever use the traditional image building tools but this approach actually of users of the sort the storage of off the you know and provide some not building an image on my laptop and uploading it to EC2 for example I'm actually building it in EC2 in the 1st place when we talk about
provisioning we talk about basically everything we can support so we go all the way up from traditional PXE-based to image-based we can view the traditional use B or
ISO all IPC manipulations we can if we doing image obviously user data or SSH to reach out to the to the system involved and as a complementary when you create a new system Foreman automatically creates the DNS records if can speak see the DHCP reservations required for it to PXE and TFTP and and certificate signing all kind of things that are required in the process and the we have also PXE-based discovery this is more for the use cases of I have a rack of servers Iocked Turner mom I want to automatically show up and start managed and I don't want to insert a MAC address for every new there'll system that I got the visibility just to discover all the system that basically launch into many 5 us center less uh operating system that is like a light see the reports all inventory and then you can make decisions based on that you are automatically provisioned or select this system belongs to this organization already stands and and so on the and were also will get them sorry operating system agnostic so will happily solve for you any of these operating systems and others if you're are willing to send the patches along the way so this
part of what I mentioned variables part of the creation of a system a lot of things are happening so it's not just enough to create a VM and maybe storage
I also want to create the DNS I want to sign a certificate I wanna make sure I expressed specifically for a for bare metal and very I wanna control that IP address so we have IP address management and that we offer automatically and on using the address and a lot of things that happens when you create a new system that's completely extendable who were plugin system there's a whole plug hopes is that allow you to add your own books and we try to when something fails so we actually make a lot of effort to ensure that we don't leave stuff dangling so if I created B I failed to create storage or to create something else I'm not gonna leave something in the air that you you like him that will be used and on the news of more for example I no we've we've been
around and we know that most of these features are mostly for enterprise users people who have a very complicated and large environments
and in that regard so we obviously integrated by the elder act inca roster and whatever here SSL approach if you know how to configure remote user in the budget for example that we are but we have detailed audit logs and we also move you can see multi-location so you can go up to the the final location as at no personal or you can define rectified in bristles that center West East with someone so there's a hierarchy of that you can go down defined locations so we try really to make a traditional sysadmin life easier obviously when we have this kind of system we would know which resources or the Administrator will define which resources are available for example for which location organization so we would know that this network for example is accessible and this building or at this network of or you know something in your infrastructures map basically to a given context given context that you a better team and will we may be allocated to different resources than the engineering team and look at a or B and so on you know Foreman is really really pluggable this a lot
there are a lot of plug-ins this is really just the kind a list of plug-ins blood is could be as simple as sending here you would give that sorry he would
notification or as compared complete that our feature the full features like as Katello for content management and this really a lot of and 1 can extended this tradition of your Ruby on Rails lsabella process this is just a Rails engine with some API around it so it's really easy to extend and and and as required and obviously it comes with a REST API and we have multiple
versions of API and that we we know that you know API is 1 of the most
important thing we try not never to break so we have we went through the exercise of adding multiple versions and and other DPI there is really is I think 1 of the things really useful as a powerful search in PI and that means we have a really rich search language which allows you to figure out and find the exact resources that you're actually looking for regardless of in the specific context so you can easily automate over the API with a specific search query and you can fully automated at a a very natural example as I want to monitor or something which what do I need to mind source you can simply defined search query I want want all of my web service invocation of bristles so you define it as a search query you feed that back into your configuration management and you regression and systems and simply so that managed all start monitoring it automatically you don't need to start writing all your customized scripts that whenever a new system comes up and added my monitoring and all all kind of those things like that of try to show that there's enough time will try to show some them all around that but we also the full-featured
CLI called Hammer and similar we took the approach of bits of
modules so it's a hammer and similar commands it uses that the 2 API and it's actually build from day 1 to support formant-like and that means that if you write your own of plug to form a new connection extended the lively plug-ins that automatically a dynamically learn from the API of various options that you can't consume now I want to put some these so called you know try to put a bit of all of the
real use case that we actually use Foreman that maybe a more bit more relevant to this
rule and I think deploying OpenStack is something that's a really large topic been discussed heavily and as we saw earlier this TripleO there's quite a lot of different tools every configuration management tool has its own set of and the recipes to deploy and we try to make this problem of bit smaller if possible some and using this customized common plugin and so just going to show you a few screenshots so this is based on
RDO so for those of you don't know is a distribution of OpenStack for CentOS and RHEL they operating
systems and which is pretty easily to pretty easy to install all packaged and and and all of that and and party on phone actually comes together bundled together if using ideally connecting so formative their figured when you configure the of Europe was stories in this case is just say I'm installed in the formant Mormon OpenStack on the installer and basically we get back to
Foreman with a set of slot you know the screens that allows grades a given that the OpenStack cluster so obviously you can create multiple
clusters of OpenStack you know staging testing small meaning latest whatever and you can press the find tries to guide you through and so for for the various you know what is the a bit about the networking and a bit about this so various parameters if
you add a note here that J off-roading like is and and allow you to override any uh different values it also automatically generate passwords and we try it's not perfect but we try to simplify the process of deploying set so someone without a lot of knowledge can actually even deployed OpenStack
in relatively straightforward manner to to free screens click next and grown create OpenStack and there's a lot of options
for OpenStack connecting the diversity here is what makes it so challenging because there's a lot of uh overlapping combinations in OpenStack and this is a real problem for prefiguration management of in general
and and we're working hard now coming up with a new approach uh in in the configuration management area and to try and solve that but I guess this is another topic for another room to generally about Foreman's community and the
product is about four years old and roughly 200 but 50 + users on the mailing that on IRC and something is you can see that we're trying we're growing at a leader me as much as we can these are roughly the number is most of our users are I would assume all our users are enterprise users or users with infrastructure and other white does make sense to use this kind of a product and an and I hope I've convinced you to get started I'll try the demo but in between will pause for a 2nd for questions on uh the get started you can obviously see it on the web site if you go there some tutorial reviews how to get started we have a really active IRC channel and to this end user group so if you have any questions before I try to do a lot of them will go ahead of time how do people a window that question and ask you questions back why no kidding I thank you all right Windows deployment at the moment it's
possible to image-based provisioning only and so if you have a template during
image OpenStack and so on it's possible just like any other to you know if it's user data driven for SSH we can located to that and yet of year of 1st year provisioning massive solves a lot like would raise your those do integrate was Thracian so we don't integrate raise the direction there some overlap the bulk of tried background your question right after I want to understand raises a is a great provisioning all of a sudden by the overlaps together here um which has started from day 1 with the discovery principles in mind that means you turn on servers and they can automatically assigned himself roles they functionality based on the final some formal existed before a and we had a discovery functionality similar to raise their somewhere along after raising started out with this consider using razors that compute providing the informa the end but that never happened from 1 reason not it's not you know we had a lot of that logic already did make it necessary feel right to we write that was drop all those stable lines of code for 4 of our that point in time you know that our mouth of product but I think that there is a great product and it solves the problem that you if you're facing great and you should use it I think we're trying to sort of 18 the overall use cases raises a service in that regard that it can create bare-metal systems so that you can consume Vermilab bare metal system in this case we're trying to add another few more dimensions the management off the whole of problem problems but a OK yeah I could more questions during the day the formant but I'd like to see the future from the when you see the future from and where they see the future for and so there is a short short the feature in the long-term future of short term 1 of the uh involved in 1 of the completely new 2 main functionalities were added to form and besides that of enhancing the current thing we have is 1st of all everything around content management that means that ability to classify 
your content and manages its life so what is production which packages of production what they mean how testing and staging and and how do we promote content from 1 point in time for 1 set of functionality to another so when I deploy system and not just randomly getting a set of our and for example repository and configuration data from a certain point in time where I installed it actually has a way that you can and say this is production I can I can point my production of this production I can take the production that was 5 years ago and deployed now again to really try to look for the whole content problem as something which is kind of a snapshot of content that is consumable as you go forward this is important if you if you have to have multiples of versions of your production maybe you have 2 sites and once I can perform a change in a given time the others they can perform a change in another type of you orchestrate all that that's 1 thing the other thing we're working on that we're working on extending the remote execution framework and is more for complicated workflows so if you need to dynamically orchestrate change across multiple systems and you know I'll take and I'll take an example from from from oVirt for example when you want to upgrade hypervisor you need what you need to do you basically need to know the type provides put it in maintenance mode so all the DBM's running on it will like migrate another B and then you wanna upgraded packages maybe kernel was upgraded you 1 of whom the system then you go you wanna go to the next 1 you will pick it out of maintenance go to the next 1 and then this cycle again this is just 1 example or often orchestration framework that we as a problem that we're trying to solve we wanna build a framework that is easy to use that can automate this kind of workflows and there's probably a lot of things that happen you know is an open source project
where amazingly surprisingly to pull request that you get so besides that I have no yeah so where world will be in 2 years of the far more questions only this guy were alright so I'll try to give me enough time right there there's enough the nothing equal so I'll try to jump into the demo if the gods of wireless will allow
me of see alright so
this is for instance a dashboard and in here we can see a bit of an of a pie chart showing us while the wind which state our systems our so I could see that 40 per cent of my systems are in OK stated that means that they've run configuration agent on them but the public and other executed Andorra no changes that means the policy that we've redefined is applied and things working great move out of the out of sync basically means nothing happened so that the agent did not run and we don't know whether that the what is the actual state of the system at the moment and no reports but no report means never send the report not so interesting there's also other states this is alive system or
my maps set up so there is there more errors but obviously something failed to execute or things like that we could see so we have a the scene good we have all this it's too slow and try to
see if I can have a local copy of the database the no yeah OK will
go back to PM but this takes while and so when you look at that I just sort of them I have as so basically um this is too so I would encourage and meanwhile all of you to come we have a goof outside that the k building and
also if you happen to be inadequate in Ghent on Monday and Tuesday there's a configuration management camps we can ask more questions is also a couple more talks about continues and integration infrastructure and integration of chat happening there today and tomorrow and on unless there know this is too slow sorry um besides that I think I covered the basics there's more questions to save save me so good and you know the question was what is the relation between Foreman and Heat or is there a relationship between Foreman at the moment there is no air integration between Foreman Heat I would love to see what I would love to see Heat be able to consume resources from Foreman and I would love to see Foreman uh manage he place and I think these are 2 things we would love to see and and again this is such that the solution of the small so but I generally this is at the moment is no such a such that yes questions about the and so the it and OK so the question was if there is a plan to fix groups by thing uh so this is only for those of you actually using it in and know the problem and so with so I have a nature of and being able to inherit so you can define a top level of base form I have none of that you can say in my database and my web server or my functionality and you could go nests pretty much on limit the level of down in the tree and you can share politest between those and considers benefits you could define things that are common started to and share information between those using search for other mechanisms mechanism um and 1 of the things in life correct me if I'm wrong it my friend later incorrectly but what you mean basically that ability not to redefine public process or what what is the exact problem in the and and OK so so at the moment in Foreman it's possible to so we started with the term host group and later on it's actually going to something we now look at the system definition and if we look at this look at it from a system as a system definition
going to you it doesn't make sense for a system to have multiple definitions and then but to solve that specific problems we we are now will be working in a problem the new future you and handle uh classes and classes groups that can be reassigned so take what you look previous host and try to extract it to another object that could be applied in multiple then you could apply multiple but they public groups or public class of recipes whatever it will be called and you could try to solve it in that approach uh but this still be only 1 host to persist yes but will try to handle that specific use case which I think what is what you're we can take it offline and maybe you can enlighten me what we're doing it wrong will be more than happy to learn how to the the anything else OK so let me quickly try opens some tabs so there that's not as slow so
when we talk about In the last OK I'll open that uses few slides and no OK alright
so this concludes the like the uh and
few more than happy to show this later on we will make sure that we have a working like them later on down the road you will ability to play thanks everyone and