Integrating ManageIQ and The Foreman


#1

Intro:
ManageIQ is commonly leveraged by customers for provisioning. We have a few concepts in common with The Foreman (i.e. ERB customization templates), however we go much deeper into the pre-provision, post-provision and user friendliness of the task. We also offer service provisioning which can wrap several OS installations. The Foreman offers much more flexibility of the installation using partials to dynamically generate a kickstart based on multiple templates. They also offer the ability to customize the OS after the provision job is complete using puppet to manage the desired state. We should focus on the strong points of each project and enhance each as necessary to provide a better provisioning experience to the end user. After doing some research I have put together some thoughts on integrating with The Foreman.

Stages:
First: Collect inventory and Map Foreman objects to ManageIQ objects.
Second: Offload ManageIQ host provisioning (bare metal)
Third: Offload ManageIQ provisioning via ISO and PXE
Future:

  • Add support for managing which puppet scripts are applied to the Host / VM
  • Integrate Puppet scripts and report results with ManageIQ’s control to get event driven compliance?

Inventory Challenges:

  • Where to store data about The Foreman (and other management tools
    like IPAM in the future) in ManageIQ?

  • Traditionally the ExtManagementSystem has been Virtualization providers, but this
    sounds like another type of EMS which would require dropping a new
    subclass between ExtManagementSystem and its children (maybe EmsVirt)
    to keep it separate from things like EmsForeman

  • The Foreman refers to
    all machines as a Host, ManageIQ tracks Hosts and VMs/Instances in
    different tables, we need to map these objects to each other

    • Need a
      new class for Foreman Hosts (needs a name) that can then belong_to a
      Host or Vm

Provisioning Challenges:

Enabling multi-select of customization templates in the UI When using Foreman as a provisioning type


#2

This is great. Goes without saying that you should present this at the design summit.


#3

Would this also include discovering smart proxies (capsules) available through the foreman server? How would the foreman system map to a zone and region concept in manageIQ?


#4

The ‘pre-boot’ cycle needs to be included in this integration - e.g. PXE boot configuration/provisioning via Cobbler, Puppet Hanlon.


#5

Sorry for the x-post from Github, I laid out a few points on the strengths of ManageIQ and Foreman in an issue.

PS: Where should we have this discussion? Twitter told me this board is the place rather than Github, now I’m confused.


#6

@eLobato Thanks for the github post

I think it would be great to have both products work together.
Not exactly sure that we should merge the products, or plug one of them into the other. Both are quite large.

True, we both have CLIs, robust extension mechanisms, UI customization, and orchestration engines to assist our users in configuring machines.
But to me, it seems the two are focused on very different aspects of helping a customer maintain a cloud.

Foreman’s main strength is the host group. Defining the machine’s profile to configure them, customize them, maintain them with software updates, and auditing them. Detect when machines drift off of the standard profile, and get them back. Whether it is the kickstarts with partial support, or the puppet integration, it sure excels in customizing the configuration and ensuring the machines stay within the configuration.

ManageIQ’s main strength is the interaction across machine boundaries. Understanding how many machines are running in each region, the best place to start new machines, rules to start/stop machines, managing total numbers of licenses across the whole cluster, workflows allowing the business to determine if, when and where users are allowed to start up new systems.

Both systems can do some of the things I highlighted for the other, but this seems like a good place for collaboration between both systems. (Only have preliminary information on foreman, but am learning more and more daily)


#7

Alright then, since we both want things from the other product, let’s start figuring out parts that can be modularized and consumed.

About ManageIQ components integration in Foreman, I’m really, really sorry to say I’ll be quite time-constrained in the short term but kicking off some collaboration efforts and laying out some plans would be very beneficial for both sides. So, I’ll just cite one item ManageIQ does really well (out of a lot more) to get this started, and we can move on and integrate more in the future.

You guys did a great job on making discovery in providers easy as pie from the user point of view. I’m not very familiar with the approach, could you describe or give some pointers about agent-free discovery, and how would another project use it as it is right now?

For integration of Foreman components into ManageIQ, please ask away. Parts of it are very modular while other are not (like you mentioned, Host groups). I’m looking forward to help with anything from planning to modularizing Foreman to make it more pluggable.


#8

Just a random question here out of curiosity. Will this be the first time that a single object would be visible under multiple providers?

For example, I could use Foreman to provision an OpenStack node that would also be visible through the OpenStack provider. Would it understand that the objects are the same?


#9

@geertj Great question. The notion of unique identifier and correlation amongst providers is absolutely essential to successful integration. You want a way to - automatically when possible - reconcile various representations of a same object.
That particular point was discussed during the session @ ManageIQ summit on the subject and identified as a key area of this project.