Release notes are now on the new site -

Release Notes for 1.0


  • Updated to rails 3.0.15, including recent CVE's. --> THIS REQUIRES RUBY 1.87+
  • Using bundler, with groups, so features/db adapaters etc can be turn on/off as needed, see more about bundler groups
  • Removed config/database.yml from the repo, there is now a config/database.yml.example file that you could use as a starting point
  • Foreman is now completely seperated from a puppet master, which means that if you need foreman to communicate (import puppet classes, puppetrun, puppetca etc) with Puppet (even if its on the same machine), you need to install a Smart Proxy
  • Experimental support for Ruby1.9x


Compute Resources

As foreman aims to be able to provision on as many different hardware types and virtualilizations providers, we've created Compute Resources (can find them under the more tab).

Compute Resources are providers which can create new virtual machines / instances, they would completely replace hypervisors in the next release.

The main differences between Compute Resources and former Virtualisation support are :
  • Abilitity to create VM with multiple disks and NICs
  • noVNC console directly integrated in Foreman UI
  • Support of Power Management and full deletion of Host/VM in Foreman UI

See more about Compute Resources

At the first release, Compute Resources that are fully supported are (Provisioning, Console etc)

  • oVirt (RHEV-m)
  • Libvirt :
    Libvirt implementation in Foreman has been completely rewritten to support new Compute Resources features. See example at screencasts
  • EC2
Experimental Compute Resources

Provisioning Templates

  • EPEL is now a snippet, they were changing urls far too often, you can now use <%= snippet 'epel' %> instead.
  • Added a few compute resources related template functions, see Compute Resources for more details.
  • We now keep an history of changes to provisioning templates, and one could see the diff between versions (in the audit log/history tab), undo etc.
  • Its possible to add a commit message when updating a template
  • Added preview tab for template updates.

Provisioning Orchestration

DNS / DHCP conflict detection and remedy

When Foreman detects that an ipaddress / hostname is already used and conflicts with the user request, Foreman now offers the user to the ability to override / fix the issue.


  • Added ArchLinux support
  • Added UUID support for certnames
  • Added support for having a different PuppetCA and a puppetmaster
  • Added the ability to reuse existing DHCP reservations/leases
  • Important Reverse DNS entries will be created only if a subnet is associated to a DNS proxy server, this allows that both primary and reverse zones are on different servers and allows not to create one of the two.


  • Added class filter when selecting puppet classes
  • Every page can now be have search bookmarks, not only top navigations
  • The 'More' section has been restructured into groups.
  • Added progress bar when creating new hosts (requires passenger or something else that can serve more than one request at a time).
  • Added Session expiry (timeout is configurable via settings)
  • Much improved Config Template Editor (including Syntax highlighting etc)
  • Its possible to upload files as templates instead of using the editor.
  • Audits view redone completely, hopefully now its a bit more useful.
  • When editing a host, you can now see which parameters the host will get, and possible override them.
  • UI support smaller screens (mobile, tablets etc).

and many more updates


  • Provisioning templates can now be fetched.
  • Host_parameters are now part of the json resposne per host / collection.
  • Ensure that error messages are passed over completly in json as well.
  • Hosts index collection now provides much more results, now return hash of hosts instead of an array. note this would require you to amend your scripts / foreman search function


Packaging has changed significantly for 1.0, the main changes are:
  • No longer including rails within Foreman packages
  • Created separate packages for rails and other required libraries, which are now provided via our hosted yum/deb repositories.
  • Add meta packages based on functionality, e.g.
    • foreman-<db> (pg, mysql, sqlite)
    • foreman-<cloud/virtualization> (ovirt, ec2, libvirt etc)
  • repo restructure, since we now provide packages to RHEL5-6 and Fedora16-17, we had to update the repo structure, please use the foreman-release rpm or update your yum repos manually.
  • One of the few to package Rails 3 / bundler app and stay alive

Other stuff

  • Parameters / smart variables can now contain very long text
  • Added support for puppet html report processor, however note that SSL is not supported currently in puppet.
  • Full RBAC (Role Based Access Control) for Compute Resources, this allows to define who can deploy VM's/instances and where etc.
  • Puppet Reports now support NOOP mode.
  • Added Basic MS Windows support to foreman
  • Assign more than one domain to a subnet is now possible.
  • Add gateway and dns fields to Subnets (and of course access it via provisioning templates)
  • Added support to limit subnet range when offering IP addresses
  • Added support for external http authentication via REMOTE_USER env variable (e.g. for kerb, your own web server authentication)
  • Facts are now imported even for managed hosts, if you have an issue with mac / ip facts, you could turn it off by using the ignore_puppet_facts_for_provisioning setting
  • It is also highly recomended to use the new ENC script which comes with foreman installer.

Release Notes for 0.4.2

This is another maintenance release, including only the bug fix for #1420

Release Notes for 0.4.1

This is a maintenance release, and most likely the last release of foreman supporting Ruby older than 1.87.

This release mostly contains many small UI fixes and features, PostgreSQL related bugs and dashboard notifications.

If you are provisioning hosts via foreman, it is highly recommended to upgrade to this version, as it solves an issue when foreman was unable to rollback actions on failures #1386 (e.g. dns / dhcp records etc).

The complete change log can be found here

Release Notes for 0.4

  • hostgroups can now be nested
  • hostgroups can now act as a as templates, including VM attributes etc.
  • Introducing Smart_Variables
  • Most of Foreman_configuration has been moved into the UI itself, this does not require a restart every time you change something, only core settings remain in the settings file.
  • audit log now capture class assignments
  • Solaris (sparc and intel) provisioning support
  • OpenSUSE provisioning support
  • BMC NIC management

New UI that doesn't SUCK with lots of improvements - checkout the new screenshots

Smart Proxy version

In order to use provisioning support with this version of Foreman, you are required to* update your proxy* to the latest 0.3 release.

Ruby 1.87 support

Foreman 0.4 would be the last major version supporting Ruby older then 1.87.
This has to be done since the upstream rails community no longer supports that version, which means that critical security patches are no longer available if we keep supporting that.

if required, we would release 0.4.x maintenance releases, but since ruby 1.87+ is available on most distribution these days, you are encouraged to upgrade.

Release Notes for 0.3

This release incorporates many new features plus the resolution of about 75 outstanding bugs.

Highlights of this release include:


An extensive rewrite of the search system was performed.
  • Foreman now has a searchbar that prompts for possible search fields and values.
  • Searches can consist of multiple clauses with complex logic operations.
  • Previous searches can be saved as a bookmark and made public for others to use.
  • Many more search conditions, among them:
    • Host can be found by their parameters
    • Host can be found by their classes (direct associations or though host groups).
    • Host can be found by all valid combinations (e.g. multiple facts, report status, time stamps etc)
  • Audits search target have been greatly enhanced
  • All Search conditions could be used via the API as well
  • Search can apply on pages such as the dashboard (e.g. show only hosts in environment != development)


  • A user is always granted access to their own account information. This also allows Internal users to change their password even if they do not have edit rights on User.
  • Additional permission groups have been added to control access to nearly all of Foreman's feature.


  • The graphing libraries have been replaced with the Highchart system.
  • Internet access is no longer required to view charts.
  • They look way better :p


  • The hypervisor pages now show more information about their guests.
  • Virtual clients can now be deleted/stopped/started etc.

Smart-proxy extensions

  • Puppet certificates can now be displayed, signed and revoked from within Foreman.
  • Autosign entries can be managed from within Foreman.


Many more operations that are available from the Web interface have been exposed via the API. These are just a few:-

Information for developers

  • The Backend Prototype Javascript library has been replaced with jQuery, thus providing a much richer set of graphical browser components


  • All communication between smart-proxies and Foreman could be encrypted over HTTPS channels.
  • Support for Scientific Linux has been added.
  • Most operations now refer to the host by its name rather than its id in the URL.
  • Selected hosts tickbox works across multiple pages.
  • Foreman handles unreachable proxies gracefully.
  • Hosts which report skipped operations are no longer considered as being in error state.
  • When creating or editing a host the provisioning templates that will be used are displayed.

Release Notes for 0.2

This release is a major release, it includes many new provisioning features and introduce a new service called [[Smart-Proxy:Wiki|Smart Proxy]] within Foreman Architecture. Highlights of this release includes:

Support for New Puppet Reports format

Puppet reports changed in Puppet version 2.6.5+.

New look and feel

Extended restful API

see API for more details.

Full VM/physical host Provisioning


Starting with 0.2, Foreman supports many different kind of templates, including:

Type Description
Provisioning Kickstart, Preseed, Jumpstart etc
PXElinux PXElinux TFTP configuration templates (such as pxe menus, and plain PXE config files)
gPXE gPXE based configuration files (which can be used as an alternative to TFTP based deployments altogether).
finish Finish scripts (such as a preseed or a jumpstart finish scripts)
scripts Scripts which can manipulate grub configuration on existing hosts
snippets partial templates which can be included within other templates

Templates are now stored within the database - there is no longer a need to restart Foreman after the modification of a template.

If you don't configure any templates, or use the old urls (such as /unattended/kickstart) you will still render your template using the old/legacy way.

Template association to hosts

The guiding principle within Foreman is that we don't want to associate templates with hosts directly.
There are 4 ways to associate a template with a host

  1. Though a host group.
  2. Though an environment.
  3. Though a combination of a host group and an environment (such as web servers in development mode).
  4. Though an operating system.

Therefore, there are few steps which are required in order to relate hosts and templates.

  1. Make sure you define at least one operating systems.
  2. Create each template and associate the valid operating systems to it.
  3. Optionally, associate the template with hostgroups and/or environments.
  4. Edit the relevant operating system and define a default/fallback template for each relevant template type.

A special type of a template is called "PXE Default File" which is the default PXE template.
The included example will setup PXE menus for each configured host group (allowing you to deploy hosts without puppet if you require that functionality).

Safe Rendering of Templates

Foreman by default works in safe rendering mode (restricted access) - see TemplateWriting for more details.

We tried to provide sane default templates which should hopefully get you started.


Foreman can configure your DNS servers via the [[Smart-Proxy:Wiki|Smart Proxy]] service.
The currently supported DNS servers are BIND and Microsoft DNS server.

Foreman will create a reverse and primary DNS record for each host which is created via Foreman.

If you wish to enable DNS management for selected domains, you may configure smart proxy under domain settings.


Foreman now needs to know about your subnets in order to configure the correct DHCP / TFTP servers.

At the moment, Foreman associates subnets with domains (a domain such as has many subnets.) If you have a different layout, please feel free to create a new feature request.


Foreman can fully configures DHCP servers via the [[Smart-Proxy:Wiki|Smart Proxy]] service.
The currently supported DHCP servers are ISC and Microsoft DHCP server.

This includes creating a reservation/lease per host with the correct boot configuration based on the TFTP setup

If you wish to enable DHCP management for selected subnets, you may configure smart proxy under the subnet settings.

Please ensure that you disable Dynamic DNS updates for subnets that are managed. Foreman will manage the DNS entries for your machines.


Foreman now can fully populate TFTP file trees via the [[Smart-Proxy:Wiki|Smart Proxy]] service.

This includes downloading the relevant media file (such as kernel and initrd) and the machine specific pxelinux configuration file as well as managing pxe default / menus if defined.

If you wish to enable TFTP management for selected subnets, you may configure the smart proxy under the subnets settings.

If a Proxy is not configured for your Subnet, then the old (legacy) TFTP support will be executed.

Auto discovery of un-used IP addresses

The smart proxy which runs the DHCP server can automatically suggest an unused IP address based on subnet.

The user can always override the suggested IP address.

Virtual Machine support

Foreman now can create virtual machines for you.
At the moment we support libvirt , so if you use a hypervisor which is supported via libvirt, you can create new instances though Foreman in a simple and effective way.

Just create a new hypervisor (under the settings tab) and follow the steps at Virtual_Machine_Provisioning

You are required to isntall the ruby-libvirt package


Support Managed and non-Managed hosts

When deploying Foreman into an existing environment, it makes sense that only some of the machines are managed by Foreman.
For those hosts that are not managed, you can toggle the managed/provisioned status from a link in the host edit page.

This will not require you to key in provisioning related information (such as OS, installation media etc).

Rebuild many hosts at once

Its now possible to set multiple hosts for rebuild upon their next reboot.

New dependencies

Foreman now requires the rest-client JSON gems.

These gems are normally available via your operating system packing.

Release Notes for 0.1-6

Puppet Importers

  • The environment and puppet class importer now works in batch and interactive modes
    • In interactive mode, allows the user to select those classes and environments that they wish to import or delete.
    • The environment and puppetclass importer removes the contents of config/ignored_classes_and_environments.yml from the set of changes that are to be applied. A sample file extras/ignored_classes_and_environments.yml.sample is supplied
  • The importer will now obsolete missing puppet classes and environments
  • Support Puppet 2.6.x reports
  • External node import script (from an older external nodes script) now overrides the exists classes in foreman if they exists.

User Authentication and Authorization

  • Added support for internal authentication.
  • Added full Role based Authorization (RBAC) system, see Roles and permissions for more details.
  • All actions are audited as either the logged in user, or the system account named admin, if logins are unused.
  • If you chose to enable authentication, the default username is admin, password changeme


  • Added JSON based API to many common actions, see API for more details
  • Added example scripts to add and remove hosts in extras directory
  • Added YAML support for all host lists, dashboard pages etc.

Web interface

  • Reports are filtered by default so that only reports that contain any changes are displayed. All reports can still be seen by running a suitable search.
  • The user may search for hosts that are using a class, though this only works if the host explicitly names the class as host's hostgroups are not searched.
  • New features, notices and alerts can be presented to users via a new notification pane within the web interface.
  • A single puppetdoc page for an environment's manifest now contains a link to the browser for the whole environment's manifests
  • The settings page has been replaced with a floating dropdown selector box at the right of the screen
  • Improve host edit form in cases when working in mixed mode where some machines were installed via foreman, and others are managed (i.e. class assignments).
  • Added timestamps to facts, this allow users to see if their facts data is up to date.
  • Added links from puppet classes list to see hosts which apply that class.
  • changed many URLS to include a meaningful name instead of the internal ID, i.e. foreman/hosts/fqdn instead of foreman/hosts/123
  • updated html pages to be XHTML compliance
  • Added the ability to disable notifications for several hosts, this will not show the hosts in the host list and in the dashboard statistics.
  • Fixed confusing graph labels in the host show page


  • When operating in spoof mode, the output will always be in text/plain instead of html.
  • Foreman can now be programatically interrogated to determine the required bootfiles for a media type. This allows an external TFTP source to locate and download these files before a host is built - see API.
  • Auto generate pxe syslinux config files on remote TFTP servers - see API
  • on anaconda based installed (redhat family), Foreman will use the MAC address (from the active interface) to identify the host.
  • It is now possible to cancel a "build host" request.
  • Added new setting to allow Foreman to install the host from a temporary IP range (which is not the final host ip).
    This will avoid scenarios where the IP gets rotated between the entered values and the IP coming from Facter.
  • Added redhat network registration snippet
  • Fixed slipping newlines in the dynamic partition table layouts.


  • New repositories for RedHat/Fedora, and Debian/ubuntu are now available at or, they include stable and testing packages.
  • Foreman now bundle rubygem rack package, this allow the package to be natively installed on many distributions (in various versions).
  • see Installation instructions for more details.
  • Added rack task to build a deb package.


  • Parameter names and values may now contain spaces and other characters, but they must still not end with whitespace
  • In previous version, when entering a FQDN as the hostname, Foreman would automatically create the domain name for the host, however, as its legitimate to have a full stop (".") as part of the hostname, foreman can no longer know what is the correct domain name, and therefore will not create it, if the domain already exists, Foreman would still associate the host to it.
  • (for developers) The rake db:convert:prod2dev task now takes an optional tablename and record count.
  • Foreman now have more test code than actual code.

Important migration notes

In order to support Puppet 2.6.x reports, a major change in the database structure was required, if you are upgrading via a package the database change will happen automatically as part of the package update, however it might take a long time according to the amount of reports you currently have in your database.
therefore its recommended to expire non-required reports (via the rake reports:expire command)

Release Notes for 0.1-5

Web interface

Most of the pages have been rewritten, there are many changes:

Search options
  • Hosts (filter based on facts, based on host groups etc
  • Facts (all hosts with fact x or with value y etc)
  • Reports (show me all failed reports in the last 3 months etc)
  • Audits (per user, per type – e.g. all hosts, per action – e.g. delete)

Improved Graphs for dashboard and per host

Host edit page now has a lot of logic
  • Class selection depends on your chosen environment
  • Class selection breaks down into modules, making it easy to navigate
  • Inherited classes (via hostgroups), are also visible.
  • Unattended settings will only show selection based on the os (e.g. no debian disk templates will be shown to redhat based os etc).
  • Clone existing hosts (instead of choosing all of the options again)
Perform changes on many hosts at once
  • change a parameter for many hosts
  • change host group for many hosts
  • change environment for many hosts

Import new puppetclasses from the interface

Unattended installations

  • added support for dynamic disk layout
  • added kickstart/preseed compatibility with Ubuntu 10.04, RHEL6 beta, Fedora 13
  • support for customized kickstart files (e.g. if you use a package like rpm, you can create your own kickstart which will not be replaced on next update).
  • medias can now be shared with many operating systems (e.g. with replacing variables for $arch or $version)
  • x-rhn-provisioning headers support for booting from other devices than eth0

Query interface

  • added verbose mode, which will return all of hosts classes, facts and external node parameters.
  • added query based on a hostgroup


  • Host ownership (via a user or a user group) base infrastructure for per host authorization (e.g. who can change what) and sending the reports to the right people.
  • Speed optimization when keeping many reports in the db
  • Puppetdoc integration
    • Foreman can generate puppetdoc (via a rack task, so you can add it to your repo post commits scripts), and links to the docs via the puppet classes page.
  • Improved RPM packaging
    • added startup script for foreman (uses webrick)
    • moved all config files to /etc/foreman and /etc/sysconfig/foreman
    • moved log files to /var/log and added logrotate support
    • moved db files state dir
    • ...
  • Fact importer now imports the hardware model information