Foreman YAML client
Project description
Make automated foreman configuration as easy as pie.
This script automatically resolves names so you can link templates, hosts, domains with only using their names. It’s not required to know their ids beforehand.
Installation
git clone https://github.com/adfinis-sygroup/foreman-yml --recursive cd foreman-yml sudo pip install .
Note CentOS/RHEL
- ::
sudo yum install gcc python-devel python-pip python-argparse -y
Usage
foreman-yml [import|dump|cleanup] /path/to/config.yaml
Configuration
Root node of YAML is always foreman. You can find an configuration example under config/example.yml
Dump current configuration
foreman-yml supports dumping the whole configuration of a remote foreman instance to sdout. Use foreman-yml dump for this feauture.
For dumping, provide an config file with auth settings:
foreman:
auth:
url: "https://foreman.lab.local"
user: username
pass: passwordThen run foreman-yml like this to dump configuration:
foreman-yml dump /path/to/config.yml > foreman_dump.yml
Import settings into foreman
If no keyword or import is provided to foreman-yml, the script tries to import settings provided by yaml-file.
foreman-yml /path/to/config.yml foreman-yml dump /path/to/config.yml
The following config sections are supported:
Section auth
auth:
url: "https://foreman.lab.local"
user: username
pass: passwordurl URL of your foreman instance
user Username for connecting to the API. User should have administrative rights
pass Password for the User
Section setting
setting:
- name: entries_per_page
value: 42
- name: safemode_render
value: falseKey/Value pair for global foreman settings
name Key
value Value
Section architecture
architecture:
- name: x86_64
- name: i386name Architecture string (Example: ‘x86_64’)
Section environment
environment:
- name: production
- name: development
- name: stagingname Environment name
Section smart-proxy
smart-proxy:
- name: smproxy01
url: "http://localhost:8000/"name Smart proxy name
url Smart proxy url
Section domain
domain:
- name: lab.local
fullname: lab.local is a test domain
dns-proxy: smproxy01
parameters:
- name: keyname
value: keyvaluename Domain name
fullname Detailed description
dns-proxy DNS proxy for the domain. Maps to smart-proxy.name
parameters Extra parameters, key/value pair
name Key
value Value
Section subnet
subnet:
- name: lab
network: 192.168.122.0
mask: 255.255.255.0
gateway: 192.168.122.1
dns-primary: 192.168.122.1
dns-secondary: 8.8.8.8
ipam: DHCP
from: 192.168.122.10
to: 192.168.122.50
vlanid:
domain:
- name: lab.local
dhcp-proxy: Smart Proxy
tftp-proxy: Smart Proxy
dns-proxy:
boot-mode: DHCP
network-type: IPv4name Subnet name
network Network address
mask Network Netmask
gateway Network gateway
dns-primary Primary DNS server
dns-secondary Secondary DNS server
ipam IP Address auto suggestion mode for this subnet, valid values are “DHCP”, “Internal DB”, “None”
from Starting IP Address for IP auto suggestion
to Ending IP Address for IP auto suggestion
vlanid VLAN ID for this subnet
domain Domains in which this subnet is part
name Domain name, maps to domain.name
dhcp-proxy DHCP Proxy to use within this subnet, maps to smart-proxy.name
tftp-proxy TFTP Proxy to use within this subnet, maps to smart-proxy.name
dns-proxy DNS Proxy to use within this subnet, maps to smart-proxy.name
boot-mode Default boot mode for interfaces assigned to this subnet, valid values are “Static”, “DHCP”
network-type Type or protocol, IPv4 or IPv6, defaults to IPv4, valid values are “IPv4”, “IPv6”
Section model
model:
- name: libvirt
info: Virtual Machine
vendor-class: vmware
hardware-model: esxi6name Model name
info Detailed description
vendor-class Hardware vendor
hardware-model Hardware model
Section medium
medium:
- name: Ubuntu Mirror
path: "http://archive.ubuntu.com/ubuntu"
os-family: Debianname Model name
path The path to the medium, can be a URL or a valid NFS server (exclusive of the architecture)
os-family Operating system family, available values: AIX, Altlinux, Archlinux, Coreos, Debian, Freebsd, Gentoo, Junos, NXOS, Redhat, Solaris, Suse, Windows
Section partition-table
partition-table:
- name: Ubuntu Default
os-family: Debian
audit-comment: initial import
layout: |
#!ipxe
<%#
kind: iPXE
name: RLC iPXE
oses:
- Ubuntu 14.04
%>
[...]
locked: falsename Partition table name
os-family Operating system family, available values: AIX, Altlinux, Archlinux, Coreos, Debian, Freebsd, Gentoo, Junos, NXOS, Redhat, Solaris, Suse, Windows
audit-comment Comment for the audit log
layout Partition layout
locked Whether or not the template is locked for editing
Section provisioning-template
provisioning-template:
name: Ubuntu Preseed
template: |
<%#
kind: provision
name: Ubuntu Preseed
oses:
- Debian 8.
%>
[...]
snippet: false
audit-comment: initial import
template-kind-id: 3
template-combination-attribute:
os:
- name: Debian 8
locked: falsename Partition table name
template The provisioning template itself
snippet Set to true if template is a snippet only
audit-comment Comment for the audit log
template_kind_id Template kind id
os
name Operating system name, maps to os.name
locked Whether or not the template is locked for editing
Section os
os:
- name: Ubuntu
major: 14
minor: 4
description: Ubuntu 14.04 LTS
family: Debian
release-name: trusty
password-hash: SHA512
architecture:
- name: x86_64
provisioning-template:
- name: Ubuntu PXE
- name: Ubuntu Preseed
medium:
- name: Ubuntu Mirror
partition-table:
- name: Ubuntu Default
parameters:
version: "14.04"
codename: "trusty"name Operating system table name
major The provisioning template itself
minor Set to true if template is a snippet only
description Comment for the audit log
family Operating system family, available values: AIX, Altlinux, Archlinux, Coreos, Debian, Freebsd, Gentoo, Junos, NXOS, Redhat, Solaris, Suse, Windows
release-name OS release name
password-hash Root password hash function to use, one of MD5, SHA256, SHA512, Base64
architecture
name Architecture name, maps to architecture.name
provisioning-template
name Provisioning template name, maps to provisioning-template.name
medium
__ name__ Medium name, maps to medium.name
partition-table
name Ptable name, maps to partition-table.name
parameters
__ key__ Additional OS settings in format ‘keyname’: ‘keyvalue’
Section hostgroup
hostgroup:
- name: switzerland
parent:
environment: production
os: Ubuntu 14.04 LTS
architecture: x86_64
medium: Ubuntu Mirror
partition-table: Ubuntu Default
subnet: lab
domain: lab.local
parameters:
- keyname: keyvaluename Hostgroup name
parent Parent hostgroup
environment Environment name, maps to environment.name
os Operating system name, maps to os.name
architecture Architecture name, maps to architecture.name
medium Media name, maps to medium.name
partition-table Ptable name, maps to partition-table.name
subnet Subnet name, maps to subnet.name
domain Domain name, maps to domain.name
parameters Dict of params -keyname Value of param
Section host
host:
- name: testhost
domain: lab.local
architecture: x86_64
hostgroup: switzerland
environment: production
os: Ubuntu 14.04 LTS
media: Ubuntu Mirror
partition: Ubuntu Default
model: VMWare VM
mac: 00:11:22:33:44:55
root-pass: supersecret42
parameters:
env: prod
kernel_params: quietname Host name
domain Domain name, maps to domain.name
architecture Architecture name, maps to architecture.name
hostgroup Hostgroup name, maps to hostgroup.name
environment Environment name, maps to environment.name
os Operating system name, maps to os.name
media Media name, maps to medium.name
partition Ptable name, maps to partition.name
model Hardware model name, maps to model.name
mac MAC address
root-pass Root password
parameters Dict of params
keyname Value of param
Section roles
roles:
- name: testrole
permissions:
architecture:
- view_architectures
- edit_architectures
compute_resources:
- view_compute_resources
- create_compute_resources
- destroy_compute_resourcesname Role name
permissions
groupname Name of permission group (not applied to foreman), only for clarity
permission_name Permission name, maps to permission.name
permission_name Permission name, maps to permission.name
permission_name Permission name, maps to permission.name
… …
Section users
users:
- login: testhaaaans
password: schmetterling42
mail: haaaans@example.com
auth-source: ldap-is-not-web-scale
firstname: Test
lastname: Haaaaaans
admin: true
timezone: UTC
locale: enlogin User login
password Password of user
auth-source Name of auth source or ‘INTERNAL’ for foreman-own auth source
firstname First name of user
lastname Last name of user
admin If true, user will be created with admin permissions
timezone Timezone for the user
locale WebUI locale for the user
Section usergroups
usergroups:
- name: api-test2
admin: false
users:
- name: foo
- name: burlson
groups:
- name: api-testgroup
ext-usergroups:
- name: foremangroup
auth-source-ldap: ldap-is-not-web-scale
roles:
- name: fooname Usergroup name
admin If set to true or 1, group is has admin permissions
users List of users
name Username, maps to users.name
groups List of groups
name Groupname, maps to usergroups.name
ext-usergroups List of external usergroups
name Name of the external usergroup
auth-source-ldap Name of the external auth source, maps to auth-source-ldap.name
roles List of roles
name Role name, maps to role.name
Section auth-source-ldap
auth-source-ldap:
- name: ldap-is-not-web-scale
host: 10.11.12.13
port: 389
account: uid=binduser,cn=users,dc=test,dc=example,dc=com
account-password: 123qwe
base-dn: dc=test,dc=example,dc=com
attr-login: uid
attr-firstname: firstName
attr-lastname: lastName
attr-mail: mail
attr-photo: picture
onthefly-register: false
usergroup-sync: false
tls: false
groups-base: cn=groups,dc=test,dc=example,dc=com
ldap-filter:
server-type: posixname Name of the authsource
host LDAP host
port Server port
account Bind account user
account-password Bind account password
base-dn LDAP Base DN
attr-login LDAP attribute for username, required if onthefly-register is true
attr-firstname LDAP attribute for first name, required if onthefly-register is true
attr-lastname LDAP attribute for last name, required if onthefly-register is true
attr-mail LDAP attribute for mail, required if onthefly-register is true
attr-photo LDAP attribute for user photo
onthefly-register Register users on the fly if true or 1
usergroup-sync Sync external user groups on login if true or 1
tls If true or 1, use SSL to connect to the server
groups-base groups base DN
ldap-filter LDAP filter
server-type LDAP Server type, valid are free_ipa, active_directory and posix
Cleanup (delete) settings
If the keyword cleanup is provided to foreman-yml, it will try to delete items specified by its name.
foreman-yml cleanup /path/to/config.yml
Section cleanup-[architecture|compute-profile|partition-table|provisioning-template]
cleanup-[architecture|compute-profile|partition-table|provisioning-template]:
- name: foo
- name: barRemoves specified objects, mapping to object.name - name architecture|compute-profile|partition-table|provisioning-template name to delete
Hacking
virtualenv --system-site-packages venv-dev source venv-dev/bin/activate pip install -e .
Future
Dump current settings
Better documentaion
License
GNU GENERAL PUBLIC LICENSE Version 3
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file foreman-yml-1.0.4.tar.gz.
File metadata
- Download URL: foreman-yml-1.0.4.tar.gz
- Upload date:
- Size: 33.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 7ed873a4821381e2227747d178b5fcd06b2fb48769cb29d1c8aef860cb7ddebd |
|
| MD5 | 4c48e6a5d79f9eb1a66fbb64c60b80f8 |
|
| BLAKE2b-256 | 30bdfc3d034c44c31d94e1758c742bb2ef918276f0175e88b476f57b78012810 |
File details
Details for the file foreman_yml-1.0.4-py2-none-any.whl.
File metadata
- Download URL: foreman_yml-1.0.4-py2-none-any.whl
- Upload date:
- Size: 40.3 kB
- Tags: Python 2
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 203b966dccf71f5ce613bebe86470ce81238b727609c80d342ed2940b41efb12 |
|
| MD5 | 629992ac87c964da64d0116e689abb1b |
|
| BLAKE2b-256 | b16cd7711a0e36374c9652755ada1ee9dbba2c3e6583a866648cdbc8b987ceb4 |
