updates to latest releases

Author: dgoetz

Setup.md

@@ -29,7 +29,7 @@ To setup the Katello demo follow this guide (it requires vagrant and ansible to
 
     # git clone https://github.com/Katello/forklift.git
     # cd forklift
-    # vagrant up centos7-katello-3.4
+    # vagrant up centos7-katello-3.7
 
 This will setup your Katello server, login with the provided credentials and add the following content:
 
@@ -48,7 +48,7 @@ This will setup your Katello server, login with the provided credentials and add
 
 Register the system to itself:
 
-    # vagrant ssh centos7-katello-3.4
+    # vagrant ssh centos7-katello-3.7
     # yum -y install katello-agent http://$(hostname -f)/pub/katello-ca-consumer-latest.noarch.rpm
     # subscription-manager register --org Default_Organization --activationkey="CentOS7-Test"
 

advanced/02_cleanup.md

@@ -133,3 +133,25 @@ before restarting the service you can optionally run the foreman-installer in si
 and see pending config changes, if some are shown run the foreman-installer again to apply them finally.
 
 ~~~ENDSECTION~~~~
+
+
+!SLIDE smbullets small
+# Foreman Maintain
+
+* A tool developed to automate the previous tasks
+* Handles multiple strategies for
+ * Backup
+ * Restore
+* Handles Updates including Health checks
+* Maintenance mode prevents access to Foreman
+
+~~~SECTION:handouts~~~
+
+****
+
+Foreman Maintain is a newly developed tool which tries to automate the previous tasks. It can handle multiple strategies for backup and restore,
+like offline and online, full and incremental. It ensures system health during Update and its maintenance mode prevents access to Foreman.
+
+For more information: https://theforeman.org/plugins/foreman_maintain/0.2/index.html
+
+~~~ENDSECTION~~~

advanced/03_api.md

@@ -24,7 +24,7 @@ in the WebGUI but they have to be URL encoded.
 
 Usage explainations can be found at http://theforeman.org/manuals/latest/index.html#5.1API
 
-API documentation is located at http://theforeman.org/api/1.16/index.html
+API documentation is located at http://theforeman.org/api/1.18/index.html
 
 ~~~ENDSECTION~~~
 
@@ -90,7 +90,7 @@ In the following command the ids depend on your environment and may differ:
 
     # curl -k -u admin:PASSWORD -H "Accept: version=2,application/json" -H "Content-Type: application/json" \ 
     -X POST -d '{ "name":"training", "environment_id":"1", "puppet_ca_proxy_id":"1", "puppet_proxy_id":"1", 
-    "subnet_id":"1", "domain_id":"1", "architecture_id":"1", "operatingsystem_id":"1", medium_id":"1", "ptable_id":"80", 
+    "subnet_id":"1", "domain_id":"1", "architecture_id":"1", "operatingsystem_id":"1", medium_id":"1", "ptable_id":"94", 
     "root_pass":"start123" }' \
     https://foreman.localdomain/api/hostgroups | python -m json.tool
 

advanced/04_cli.md

@@ -35,7 +35,7 @@ A list of plugins is provided by the Github page of the framework: https://githu
  * Make sure to provide the correct credentials.
  * Create the new Operatingsystem entry for "CentOS 6.8"
  * Associate the template "Kickstart default PXELinux" and set it as default template
- * Associate the template "Kickstart RHEL default" and set it as default template
+ * Associate the template "Kickstart default" and set it as default template
 
 
 !SLIDE supplemental exercises
@@ -54,7 +54,7 @@ A list of plugins is provided by the Github page of the framework: https://githu
 * Make sure to provide the correct credentials.
 * Create the new Operatingsystem entry for "CentOS 6.8"
 * Associate the template "Kickstart default PXELinux" and set it as default template
-* Associate the template "Kickstart RHEL default" and set it as default template
+* Associate the template "Kickstart default" and set it as default template
 
 
 !SLIDE supplemental solutions
@@ -86,10 +86,10 @@ The ids may vary depending on our environment but you can get them with the list
 
     # hammer template add-operatingsystem --name "Kickstart default PXELinux" \
     --operatingsystem "CentOS 6.8"
-    # hammer os set-default-template --config-template-id 24 --id 4
+    # hammer os set-default-template --config-template-id 35 --id 6
 
-### Associate the template "Kickstart RHEL default" and set as default template
+### Associate the template "Kickstart default" and set as default template
 
-    # hammer template add-operatingsystem --name "Kickstart RHEL default" \
+    # hammer template add-operatingsystem --name "Kickstart default" \
     --operatingsystem "CentOS 6.8"
-    # hammer os set-default-template --config-template-id 22 --id 4
+    # hammer os set-default-template --config-template-id 31 --id 6

advanced/07_monitoring.md

@@ -28,15 +28,15 @@ because of redirect rules directing the request to HTTPs.
 
     check_http -H foreman.localdomain -e 301
 
+~~~PAGEBREAK~~~ 
+
 Log entries containing "500 Internal Server Error" will typically indicate a software failure caused by
 something not running properly or a bug. Check_logfiles provided at http://labs.consol.de could be used
 to monitor.
 
     check_logfiles --logfile /var/log/foreman/production.log --rotation loglogdate8logdate8gz \
     --criticalpattern '500 Internal Server Error' --tag foreman
 
-~~~PAGEBREAK~~~ 
-
 To monitor the Smart proxy query the feature list for expected features as a feature will be deactivated if
 an error during startup occures.
 

architecture/01_foreman.md

@@ -3,7 +3,7 @@
 
 * Web Interface + API + CLI
 * Supported platforms:
- * Server: RHEL/Fedora, Debian/Ubuntu, (Linux)
+ * Server: RHEL/CentOS, Debian/Ubuntu, (Linux)
  * DB: PostgreSQL, MySQL, SQLite
  * Provisioning: RHEL/Fedora, Debian/Ubuntu, Solaris, SuSE, CoreOS, FreeBSD, Juniper Junos, Cisco NX-OS, (Windows, MacOS)
 * Usermanagement:
@@ -28,7 +28,7 @@
 
 Foreman provides in addition to the Web Interface an API and CLI.
 
-It supports as platform RHEL/Fedora and Debian/Ubuntu via packages and via installation from source
+It supports as platform RHEL/CentOS and Debian/Ubuntu via packages and via installation from source
 also other Linux distribution. 
 
 As database backend PostgreSQL, MySQL and SQLite are supported, while the default is PostgreSQL, 

architecture/02_smart_proxy.md

@@ -4,7 +4,7 @@
 * Autonomous web-based component
  * Restful API to connect to various systems from Foreman
  * Decentralisation of some Foreman features (templates) for isolated networks
-* Supported Platforms: RHEL/Fedora, Debian/Ubuntu, (Linux, Windows)
+* Supported Platforms: RHEL/CentOS, Debian/Ubuntu, (Linux, Windows)
 * Supported Subsystems:
  * DHCP - ISC DHCP, MS DHCP Servers, Libvirt
  * DNS - Bind, PowerDNS, Route53, MS DNS Server, Libvirt
@@ -27,7 +27,7 @@
 The smart proxy is an autonomous web-based component providing a restful API to connect to varios
 systems from higher ochestration tools such as Foreman. 
 
-The Project provides packages for installation on RHEL/Fedora and Debian/Ubuntu. Installing from
+The Project provides packages for installation on RHEL/CentOS and Debian/Ubuntu. Installing from
 source allows to support other Linux distributions and also Windows which is required for some 
 implementations of subsystems.
 
@@ -80,6 +80,8 @@ needs netsh command installed and the user running the service needs administrat
 server does not need to be the DHCP server. For testing enviroments also an implementation for Libvirt
 using libvirt API to manage the dnsmasq underneath is available, a productive use is not recommended.
 
+Additional providers like infoblox or remote connection to ISC DHCP are available as plugins.
+
 ~~~ENDSECTION~~~
 
 !SLIDE smbullets small
@@ -128,6 +130,8 @@ possibilty is to install the Smart Proxy on a Windows server and give it the pri
 Other implementations like PowerDNS and Route53 are also supported. Libvirt is again only supported as a
 testing environment.
 
+Additional providers like infoblox or powerdns are available as plugins.
+
 ~~~ENDSECTION~~~
 
 
@@ -165,6 +169,12 @@ in the most cases no manual configuration is required because it is completly in
  * allows certificate management using the Web GUI
  * creates autosign entry for hosts during provisioning
 
+~~~SECTION:notes~~~
+
+WIP: Tokenbased autosigning - https://github.com/theforeman/smart-proxy/pull/592
+
+~~~ENDSECTION~~~
+
 ~~~SECTION:handouts~~~
 
 ****

configmanagement/02_puppet.md

@@ -258,7 +258,7 @@ from unprivileged users.
 
 Navigate to "Configure > Classes" and select the class "training::user". In the "Smart Class Parameter" tab
 insert your name as Default Value for the id of the user, add a ssh public key as Default Value for ssh_pub_key,
-for the parameter sudo select override and set the default to true.
+for the parameter sudo select override, set the key type to boolean and the default to true.
 
 Hint: To create a ssh key pair run "ssh-keygen". The key string required for the puppet module is the second part
 of the pub file.

configmanagement/03_ansible.md

@@ -51,13 +51,6 @@ back to other tools.
  * Ansible transfers reports to Foreman via callback
  * Ansible uses Foreman as dynamic inventory
 
-~~~SECTION:notes~~~
-
-Role import is broken in the Smart proxy but works still in the Foreman integration
-Playing roles is broken in Foreman integration but works using Smart proxy
-
-~~~ENDSECTION~~~
-
 ~~~SECTION:handouts~~~
 
 ****
@@ -143,14 +136,14 @@ The playbook only requires an array of hosts and roles.
 ### Configure callback plugin 
 
     # vi /etc/ansible/ansible.cfg
+    [defaults]
     callback_whitelist = foreman
-    bin_ansible_callbacks = True
-    # vi .bash_profile
-    export FOREMAN_URL="https://foreman.localdomain"
-    export FOREMAN_SSL_CERT="/etc/puppetlabs/puppet/certs/foreman.localdomain.pem"
-    export FOREMAN_SSL_KEY="/etc/puppetlabs/puppet/private_keys/foreman.localdomain.pem"
-    export FOREMAN_SSL_VERIFY="false"
-    # . .bash_profile
+    ...
+    [callback_foreman]
+    url = 'https://foreman.example.com'
+    ssl_cert = /etc/puppetlabs/puppet/ssl/certs/foreman.localdomain.pem
+    ssl_key = /etc/puppetlabs/puppet/ssl/private_keys/foreman.localdomain.pem
+    verify_certs = /etc/puppetlabs/puppet/ssl/certs/ca.pem
 
 ### Add your host to the inventory
 
@@ -166,7 +159,7 @@ The playbook only requires an array of hosts and roles.
 
 ### Download the role "reallyenglish.ntpd"
 
-    # ansible-galaxy install reallyenglish.ntpd
+    # ansible-galaxy install reallyenglish.ntpd -p /etc/ansible/roles
 
 ### Create a playbook and run it
 
@@ -228,8 +221,8 @@ You can run the script directly to the output and use it with the parameter `-i`
 
 ### Download Dynamic Inventory and sample configuration
 
-    # wget -p /etc/ansible/ http://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/foreman.ini
-    # wget -p /etc/ansible/ http://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/foreman.py
+    # wget -P /etc/ansible/ http://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/foreman.ini
+    # wget -P /etc/ansible/ http://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/foreman.py
     # chmod +x /etc/ansible/foreman.py
 
 ### Adjust configuration
@@ -255,16 +248,14 @@ You can run the script directly to the output and use it with the parameter `-i`
 * Steps:
  * Install Foreman Plugin and Smart Proxy Plugin
  * Import roles and assign them
- * Configure settings in Foreman
  * Prepare Smart proxy to play roles
  * Play roles using the webinterface 
 
 ~~~SECTION:handouts~~~
 
 ****
 
-Graphical integration has some bugs and requires improvements which are worked on.
-Also integration with the callback plugin is not easy as it utilizes environment variables for configuration.
+Graphical integration uses Remote-Execution plugin which will be covered later in more depth.
 
 ~~~ENDSECTION~~~
 
@@ -283,19 +274,9 @@ Also integration with the callback plugin is not easy as it utilizes environment
 
 * Install Foreman Plugin and Smart Proxy Plugin using foreman-installer
 * Import roles and assign them
-
-This requires to adjust the Ansible configuration to include only a single roles_path.
-
-* Configure settings in Foreman
-
-You can configure the account used, the password and how to get superuser privileges.
-You can override configuration with host parameters.
-In production do not use root, but keep it now.
-
 * Prepare Smart proxy to play roles
 
-Smart Proxy needs a SSH configuration to disable host key checking and an Ansible directory
-to play roles.
+Smart Proxy needs a SSH key to play roles.
 
 * Play roles using the webinterface 
 
@@ -315,25 +296,17 @@ to play roles.
 
 * Import roles and assign them
 
-Adjust the Ansible configuration to include only a single roles_path.
-
-    # vi /etc/ansible/ansible.cfg
-    roles_path = /etc/ansible/roles
-
-Navigate to "Configure > Roles" and import using "Import from Foreman host".
+Navigate to "Configure > Roles" and import using "Import from foreman.localdomaon".
 Afterwards navigate to the host and edit them to assign the roles in the new "Ansible Roles" tab.
 
-* Configure settings in Foreman
-
-Navigate to "Administer > Settings", on the "Ansible" tab set the password.
-
 * Prepare Smart proxy to play roles
 
-    # install -o foreman-proxy -g foreman-proxy -m 0755 -d ~foreman-proxy/.ansible
-    # install -o foreman-proxy -g foreman-proxy -m 0755 -d ~foreman-proxy/.ssh
-    # sudo -u foreman-proxy vi ~foreman-proxy/.ssh/config
-    Host *
-       StrictHostKeyChecking on
+    # install -o foreman-proxy -g foreman-proxy -m 0700 -d ~foreman-proxy/.ssh
+    # su - foreman-proxy -s /bin/bash
+    # ssh-keygen -f .ssh/id_rsa_foreman_proxy
+    [ENTER]
+    [ENTER]
+    # ssh-copy-id -i .ssh/id_rsa_foreman_proxy root@foreman.localdomain
 
 * Play roles using the webinterface 
 

global/Pre/Training/02_Forthcoming_Training.md

@@ -1,14 +1,12 @@
 !SLIDE small noprint
 # Forthcoming Hands-on Training
 
-* 06.03.2018 - 07.03.2018 [NETWAYS](https://www.netways.de/schulungen/foreman/) (German)
-* 03.07.2018 - 04.07.2018 [NETWAYS](https://www.netways.de/schulungen/foreman/) (German)
-* 20.11.2018 - 21.11.2018 [NETWAYS](https://www.netways.de/schulungen/foreman/) (German)
+* 20.11.2018 - 21.11.2018 [NETWAYS](https://www.netways.de/en/trainings/foreman/) (German)
 
 
 !SLIDE center noprint
 # Forthcoming Hands-on Training
 
 For other events and trainings hosted by NETWAYS see our
 
-[event calendar](https://www.netways.de/en/about_netways/events/)
+[event calendar](https://www.netways.de/en/about_us/events/)