Foreman Azure allows you to provision and manage your hosts in Azure. This is convenient when you want your users to have restricted access to your Azure account (such that only they can create hosts), to monitor and configure them automatically (via Ansible, Puppet, etc..), or also to automate its creation via host groups.
This plugin 1.x series should be compatible with Foreman 1.11, 1.12 and 1.13. Future versions of Foreman might or might not be compatible. 2.x will be released when the plugin is found to not be compatible with any of these 3 versions or drops compatibility of any of them.
See the Foreman manual.
Set up the repo as explained in the link above, then run
# yum install tfm-rubygem-foreman_azure
Set up the repo as explained in the link above, then run
# yum install rubygem-foreman_azure
Set up the repo as explained in the link above, then run
# apt-get install ruby-foreman-azure
Add the following to bundler.d/Gemfile.local.rb in your Foreman installation directory (/usr/share/foreman by default)
$ gem 'foreman_azure'
Then run bundle install
from the same directory
Same as any other compute resource, provide your credentials:
Then associate your Foreman operating system with an image on Azure. The username is not important, Foreman will instruct Azure to setup that name for SSH login using the Azure certificate:
And you’ll be able to create hosts in Azure with that image and many other options, via Foreman. This will allow you to proactively manage your hosts DHCP/DNS, configuration management, parameters, run scripts via remote execution and more!
When you create the compute resource, you need to provide your subscription ID, a path to the .pem certificate, and a URL to your Azure API. Read below how to create the certificate needed.
The certificate used must be generated by the user. OpenSSL can be used to create the management certificates. Two certificates are needed: a .cer file, which is uploaded to Azure, and a .pem file, which is stored locally.
To create the .pem file, execute the following command:
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout /etc/foreman/azure.pem -out /etc/foreman/azure.pem
To create the .cer file, execute the following command:
openssl x509 -inform pem -in /etc/foreman/azure.pem -outform der -out /etc/foreman/azure.cer
After creating these files, the .cer file will need to be uploaded to Azure via the “Upload a Management Certificate” action of the “Management Certificates” tab within the “Settings” section of the classic management portal. Read how to upload the certificate on the Azure official documentation.
This plugin works no matter if you have a Foreman smart-proxy in Azure or not. If you do have a smart-proxy that manages DHCP/DNS/TFTP in the same Azure network as the hosts you intend to create, you will be able to PXE boot and discover hosts in that network. Read more about smart-proxy installation on the manual.
If you do not have a smart-proxy in the Azure network you want to provision, Foreman will use SSH provisioning using the Azure certificate in the compute resource, and the name in the image. If you’ve set ‘foo’ as the username for your image, you can SSH into it by calling ssh -i path_to_your_azure_cert foo@azurehost
. Your OS must be associated with a ‘finish’ template in order to provision through SSH. This template will be sent via SSH to your host after it’s created and it will provision the host.
At the moment, Azure hosts have a domain ‘cloudapp.net’ by default. You can create a ‘cloudapp.net’ domain (without DHCP/DNS proxies) and assign it to your Azure hosts.
Alternatively, if you do not want your hosts to show up with the ‘cloudapp.net’ domain in Foreman, you can do the following. Foreman does not yet allow domainless provisioning. This means you will have to create a ‘fake domain’ without subnets in Foreman, and set your interfaces as ‘unmanaged’ when you create your host. This will tell Foreman to not create DHCP/DNS records for this host, and it will let Azure do that. Notice the red circles in the picture, these show a fake domain with no subnets, and the managed checkbox:
When the host finishes provisioning, the public IP and interfaces from Azure will show up in Foreman.
Please follow our standard procedures and contacts.
Errors regarding the provisioning will show up on /var/log/foreman/production.log of your Foreman host.
If you find a bug, please file it in Redmine.
See the troubleshooting section in the Foreman manual for more info.
Follow the same process as Foreman for contributing.
Sources at github.com/theforeman/foreman_azure
Foreman 3.13.0 has been released! Follow the quick start to install it.
Foreman 3.12.1 has been released! Follow the quick start to install it.