Foreman

Overview¶

Foreman can execute puppetrun on selected hosts
currently foreman will execute puppetrun locally (e.g. from the machine which runs foreman), however it is planned to be able to select from which host puppetrun will be executed.

Requirements¶

Puppetrun binary needs to be installed (defaults to /usr/bin/puppetrun) and configured correctly - e.g.

on your clients¶

in your puppet.conf make sure you have

listen = true

and in your namespaceauth.conf

[puppetrunner]
    allow foreman.domain.com

NOTE: in puppet 2.6 and greater, you will also need in your /etc/puppet/auth.conf

path /run
method save
allow foreman.domain.com

additionally, if you are behind a firewall, you would need to open tcp port 8139 to the client.

on your foreman server¶

in foreman settings (More --> Settings), make sure you have puppetrun enabled.

enable sudo (as puppetrun needs to be able to access your puppet certificates) - e.g:

Defaults:foreman !requiretty
foreman ALL = NOPASSWD: /usr/sbin/puppetrun

Usage¶

In your host list, you will see a new option "Run", just click on it :)