Foreman can execute puppetrun on selected hosts
currently foreman will execute puppetrun locally (e.g. from the machine which runs foreman), however it is planned to be able to select from which host puppetrun will be executed.
Puppetrun binary needs to be installed (defaults to /usr/bin/puppetrun) and configured correctly - e.g.
on your clients¶
in your puppet.conf make sure you have
listen = true
and in your namespaceauth.conf
[puppetrunner] allow foreman.domain.com
NOTE: in puppet 2.6 and greater, you will also need in your /etc/puppet/auth.conf
path /run method save allow foreman.domain.com
additionally, if you are behind a firewall, you would need to open tcp port 8139 to the client.
on your foreman server¶
in foreman settings (More --> Settings), make sure you have puppetrun enabled.
enable sudo (as puppetrun needs to be able to access your puppet certificates) - e.g:
Defaults:foreman !requiretty foreman ALL = NOPASSWD: /usr/sbin/puppetrun
In your host list, you will see a new option "Run", just click on it :)