Open source release

.gitignore

@@ -0,0 +1 @@
+stats

COPYING.md

@@ -0,0 +1,3 @@
+Copyright (c) 2016 NETWAYS GmbH <[email protected]>
+
+Material is licensed under (http://creativecommons.org/licenses/by-sa/4.0/)[http://creativecommons.org/licenses/by-sa/4.0/]

README.md

@@ -0,0 +1,63 @@
+# Training
+
+This training is designed as a two day hands-on training introducing Foreman.
+
+In the training you will get basic knowlegde of the architecture of Foreman. You will
+install and configure Foreman to provide several ways of provisioning. The configuration
+management solution used is Puppet to show configuration management integration into Foreman.
+Furthermore user and permission management of Foreman is shown. And last but not least
+Foreman's extensibility is shown by introducing some plugins from basic ones to Katello.
+
+Targeted audience are experienced Linux administrators in need of a provisioning and
+management solution for their systems. Knowledgement of Puppet is of advantage but not
+required.
+
+## Online Material
+
+In addition to the sources you can find the rendered material on 
+[netways.github.io](https://netways.github.io/foreman-training)
+
+* [Presentation](https://netways.github.io/foreman-training)
+* [Handouts](https://github.com/NETWAYS/foreman-training/releases/download/v1.0/foreman-training-handouts.pdf)
+* [Exercises](https://github.com/NETWAYS/foreman-training/releases/download/v1.0/foreman-training-exercises.pdf)
+* [Solutions](https://github.com/NETWAYS/foreman-training/releases/download/v1.0/foreman-training-solutions.pdf)
+
+## Provide your own training
+
+Feel free to use this material as it is to provide your own training.
+
+To run the presentation you will need [showoff 0.9.11.1](https://rubygems.org/gems/showoff/versions/0.9.11.1).
+After installing it simply run `showoff serve` to get presenter mode with additional notes
+and display window to present to your students.
+
+For creating the rendered documents on your own run `showoff static print` (handouts),
+`showoff static supplemental exercises` (exercises) or `showoff static supplemental solutions`
+(solutions) followed by 
+`wkhtmltopdf -s A5 --print-media-type --footer-left [page] --footer-right 'Foreman Training' static/index.html handouts.pdf`
+
+If you want to change the design to represent your corporate identity have a look at 'foreman.css',
+to change the included content adjust 'showoff.json' for example to add your own introduction as pre slides.
+
+There will be optional content included in the training repository which does not fit in our
+two day training, for example adding content about Docker integration is planed. This material
+can be included in your training material by changing 'showoff.json', too. In the same way
+remove content you do not want to show or change order if you feel it fits your need better.
+
+For some notes on setting up the training enviroment have a look at 'Setup.md'.
+
+If you provide a training we would be happy to add it to the forthcoming trainings to give you
+some promotion on this site, simply contribute your date to the slides. In exchange we would like
+you to credit us for providing the material.
+In addition you can make sure to add it to the [events](http://theforeman.org/events/) listed by
+the Foreman project.
+
+# Contribution
+
+Patches to fix mistakes or add optional content are always appreciated. If you want to see
+changes on the default content of the training we are open for suggestions but keep in mind
+that the training is intended for a two day hands-on training.
+
+The rendered content will be updated at least if we do a newer version of the material which
+will also be tagged on git.
+
+Material is licensed under [Creative Commons Attribution-ShareAlike 4.0 International](http://creativecommons.org/licenses/by-sa/4.0/).

Setup.md

@@ -0,0 +1,45 @@
+# Setup
+
+## Virtual machine
+
+To setup a new version of the virtual machine install CentOS from ISO, only configuration required is
+setting the network interface to manual, ip address 10.0.0.2, netmask 255.255.0.0, gateway 10.0.0.1,
+dns 10.0.0.1.
+
+Afterwards run the finish.sh provided in the _files directory to setup host entries and openldap.
+
+## Local mirror
+
+A Vagrant file is provided in the directory to setup a local mirror of CentOS 7 x86_64, EPEL 7 x86_64
+and Puppetlabs EPEL 7 x86_64. This machine will require about 20GB.
+
+## Katello Demo
+
+To setup the Katello demo follow this guide:
+
+    # git clone https://github.com/Katello/katello-deploy.git
+    # cd katello-deploy
+    # vagrant up centos7-2.4
+
+This will setup your Katello server, login with the provided credentials and add the following content:
+
+* GPG Key "RPM-GPG-KEY-CentOS-7" by uploading the key from a CentOS 7 system
+* Product "CentOS7" with the key assigned
+* Repository "CentOS7-Base-x86_64" of type "yum" and URL "http://mirror.centos.org/centos/7/os/x86_64/"
+* Sync this repository - it will consume about 7GB
+* Life Cycle Environment "Test" and "Production"
+* Content View "CentOS7"
+ * Add the Repository "CentOS7-Base-x86_64"
+ * Publish new version
+ * Promote "Version 1.0" to Life Cycle Environment "Test"
+* Activation Key "CentOS7-Test"
+ * Assigned to Life Cycle Environment "Test" and Content View "CentOS7"
+ * Subscription to Repository "CentOS7-Base-x86_64"
+
+Use this information to deploy some docker containers as Content Hosts:
+
+    # cd docker/clients/
+    # cp docker-compose.yml.example docker-compose.yml
+    # vi docker-compose.yml
+    # docker-compose scale el7=5
+

Vagrantfile

@@ -0,0 +1,85 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure(2) do |config|
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://atlas.hashicorp.com/search.
+  config.vm.box = "https://download.gluster.org/pub/gluster/purpleidea/vagrant/centos-7.1/centos-7.1.box"
+  config.vm.hostname = "mirror"
+  config.vm.synced_folder ".", "/vagrant", type: "rsync"
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine. In the example below,
+  # accessing "localhost:8080" will access port 80 on the guest machine.
+  # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+  # Create a private network, which allows host-only access to the machine
+  # using a specific IP.
+  # config.vm.network "private_network", ip: "192.168.33.10"
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  # config.vm.network "public_network"
+
+  # Share an additional folder to the guest VM. The first argument is
+  # the path on the host to the actual folder. The second argument is
+  # the path on the guest to mount the folder. And the optional third
+  # argument is a set of non-required options.
+  # config.vm.synced_folder "../data", "/vagrant_data"
+
+  # Provider-specific configuration so you can fine-tune various
+  # backing providers for Vagrant. These expose provider-specific options.
+  # Example for VirtualBox:
+  #
+  # config.vm.provider "virtualbox" do |vb|
+  #   # Display the VirtualBox GUI when booting the machine
+  #   vb.gui = true
+  #
+  #   # Customize the amount of memory on the VM:
+  #   vb.memory = "1024"
+  # end
+  #
+  # View the documentation for the provider you are using for more
+  # information on available options.
+
+  # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+  # such as FTP and Heroku are also available. See the documentation at
+  # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+  # config.push.define "atlas" do |push|
+  #   push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+  # end
+
+  # Enable provisioning with a shell script. Additional provisioners such as
+  # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+  # documentation for more information about their specific syntax and use.
+  config.vm.provision "shell", inline: <<-SHELL
+    sleep 10
+    sudo yum -y install rsync httpd
+    sudo systemctl enable httpd.service
+    sudo systemctl start httpd.service
+    # CentOS 7
+    sudo mkdir -p /var/www/html/centos/7.2.1511/os/
+    sudo ln -s /var/www/html/centos/7.2.1511 /var/www/html/centos/7
+    sudo rsync  -avSHP --delete --exclude "local*" --exclude "isos" mirror.eu.oneandone.net::centos/7.2.1511/os/ /var/www/html/centos/7.2.1511/os/
+    sudo mkdir -p /var/www/html/epel/7/x86_64/
+    sudo rsync -vaH --exclude="debug*" --numeric-ids --delete --delete-after --delay-updates rsync://rsync.hrz.tu-chemnitz.de/fedora-epel/7/x86_64/ /var/www/html/epel/7/x86_64/
+    sudo mkdir -p /var/www/html/puppetlabs/el/7/dependencies/x86_64/
+    sudo rsync -av --copy-links --del rsync://yum.puppetlabs.com/packages/yum/el/7/dependencies/x86_64/ /var/www/html/puppetlabs/el/7/dependencies/x86_64/
+    sudo mkdir -p /var/www/html/puppetlabs/el/7/products/x86_64/
+    sudo rsync -av --copy-links --del rsync://yum.puppetlabs.com/packages/yum/el/7/products/x86_64/ /var/www/html/puppetlabs/el/7/products/x86_64/
+  SHELL
+end

_files/share/finish.sh

@@ -0,0 +1,79 @@
+echo "foreman.localdomain" > /etc/hostname
+echo "10.0.0.1 host.localdomain host" >> /etc/hosts
+echo "10.0.0.2 foreman.localdomain foreman" >> /etc/hosts
+
+yum install -y openldap-servers openldap-clients
+
+echo 'dn: olcDatabase={2}hdb,cn=config
+changetype: modify
+replace: olcSuffix
+olcSuffix: dc=localdomain
+-
+replace: olcRootDN
+olcRootDN: cn=admin,dc=localdomain
+-
+add: olcRootPW
+olcRootPW: {SSHA}pQjSq3J3wXsHahiaYh6UyQpCTFx4G80s' > start.ldif
+
+echo 'dn: dc=localdomain
+dc: localdomain
+ou: localdomain
+objectClass: dcObject
+objectClass: organizationalUnit' > domain.ldif
+
+echo 'dn: ou=users,dc=localdomain
+objectClass: organizationalUnit
+ou: users
+description: Users
+
+dn: cn=administrator,ou=users,dc=localdomain
+objectClass: inetOrgPerson
+cn: administrator
+sn: User
+description: Administrator
+userPassword: {SSHA}pQjSq3J3wXsHahiaYh6UyQpCTFx4G80s
+givenName: Administrator
+mail: administrator@localdomain
+uid: administrator
+
+dn: cn=viewer,ou=users,dc=localdomain
+objectClass: inetOrgPerson
+cn: viewer
+sn: User
+description: Viewer
+userPassword: {SSHA}pQjSq3J3wXsHahiaYh6UyQpCTFx4G80s
+givenName: Viewer
+mail: viewer@localdomain
+uid: viewer
+
+dn: cn=selfservice,ou=users,dc=localdomain
+objectClass: inetOrgPerson
+cn: selfservice
+sn: User
+description: Selfservice
+userPassword: {SSHA}pQjSq3J3wXsHahiaYh6UyQpCTFx4G80s
+givenName: Selfservice
+mail: selfservice@localdomain
+uid: selfservice
+
+dn: ou=groups,dc=localdomain
+objectClass: organizationalUnit
+ou: groups
+description: Groups
+
+dn: cn=admins,ou=groups,dc=localdomain
+objectClass: posixGroup
+cn: admins
+description: Admins
+gidNumber: 666
+memberUid: administrator' > users.ldif
+
+systemctl start slapd
+systemctl enable slapd
+ldapadd -Y EXTERNAL -H ldapi:/// -f start.ldif
+ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
+ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
+ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
+ldapadd -x -D "cn=admin,dc=localdomain" -w netways -f domain.ldif
+ldapadd -x -D "cn=admin,dc=localdomain" -w netways -f users.ldif
+

_files/share/users.ldif

@@ -0,0 +1,46 @@
+dn: ou=users,dc=localdomain
+objectClass: organizationalUnit
+ou: users
+description: Users
+
+dn: cn=administrator,ou=users,dc=localdomain
+objectClass: inetOrgPerson
+cn: administrator
+sn: User
+description: Administrator
+userPassword: {SSHA}pQjSq3J3wXsHahiaYh6UyQpCTFx4G80s
+givenName: Administrator
+mail: administrator@localdomain
+uid: administrator
+
+dn: cn=viewer,ou=users,dc=localdomain
+objectClass: inetOrgPerson
+cn: viewer
+sn: User
+description: Viewer
+userPassword: {SSHA}pQjSq3J3wXsHahiaYh6UyQpCTFx4G80s
+givenName: Viewer
+mail: viewer@localdomain
+uid: viewer
+
+dn: cn=selfservice,ou=users,dc=localdomain
+objectClass: inetOrgPerson
+cn: selfservice
+sn: User
+description: Selfservice
+userPassword: {SSHA}pQjSq3J3wXsHahiaYh6UyQpCTFx4G80s
+givenName: Selfservice
+mail: selfservice@localdomain
+uid: selfservice
+
+dn: ou=groups,dc=localdomain
+objectClass: organizationalUnit
+ou: groups
+description: Groups
+
+dn: cn=admins,ou=groups,dc=localdomain
+objectClass: posixGroup
+cn: admins
+description: Admins
+gidNumber: 666
+memberUid: administrator

advanced/00_overview.md

@@ -0,0 +1,3 @@
+!SLIDE subsection
+# ~~~SECTION:MAJOR~~~ Advanced Topics
+

advanced/01_web.md

@@ -0,0 +1,56 @@
+!SLIDE subsectionnonum
+# WebGUI
+
+!SLIDE smbullets small
+# Searches
+
+* Almost all views are simple lists
+* Some views like "Reports" have a default filter
+* Most views provide additional searches
+* Bookmark and share your own search
+
+<div style="text-align:right">
+<img src="./_images/foreman-searches.png" style="float: right, max-width:200px; max-height: 250px; width: auto; height: auto; margin-top: 50px; margin-right: 50px" alt="Foreman Searches"/>
+</div>
+
+~~~SECTION:handouts~~~
+
+****
+
+~~~PAGEBREAK~~~
+
+In the Foreman WebGUI almost all views are simple unfiltered lists, some views like the "Reports" view are filtered by
+default using a search and most provide additional searches to quickly filter for typically views like 'all hosts
+out of sync'. But the WebGUI is not limited to these searches you can always create your own and bookmark it for later.
+Setting a bookmark to public allows to share it with other users.
+
+The search field can be used for a free text search but gets more powerful if using the autosuggestions. It provides
+different comparison operators depending on the type of the field compared including SQL like wildcard matching.
+
+For more details see: http://theforeman.org/manuals/latest/index.html#4.1.5Searching
+
+~~~ENDSECTION~~~
+
+!SLIDE smbullets small
+# Trends
+
+* Graphs changes in your enviroment
+* Configured in the WebGUI and collected by a cronjob
+* Internal Host parameters or Facts provided by Configuration Management
+
+<div style="text-align:right">
+<img src="./_images/foreman-trend-puppetversion.png" style="float: right, max-width:200px; max-height: 300px; width: auto; height: auto; margin-top: 50px; margin-right: 50px" alt="Foreman Trends"/>
+</div>
+
+~~~SECTION:handouts~~~
+
+****
+
+~~~PAGEBREAK~~~
+
+Foreman can provide graphs about changes in your environment. Those are configured and displayed in the WebGUI in
+"Monitor > Trends" and a cronjob is performs the data collection. By default this cronjob runs every 30 minutes matching 
+Puppet's default run interval because most trends will be based on the facts collected by the configuration management
+solution, another source are Foreman's internal parameters like the operatingsystem of the host.
+
+~~~ENDSECTION~~~