On the agent, add the following near to the top of the file:
# vim /etc/puppet/auth.conf path /run allow *
Note: later on change the "*" to the fqdn of the puppetmaster fqdn.
On the puppetmaster enable mcollective:
$ cat /etc/foreman-proxy/settings.d/puppet.yml . . .# valid providers: # puppetrun (for puppetrun/kick, deprecated in Puppet 3) # mcollective (uses mco puppet) # puppetssh (run puppet over ssh) # salt (uses salt puppet.run) # customrun (calls a custom command with args) :puppet_provider: mcollective . . .
on foreman settings (More -> Settings -> “Puppet”tab), set puppetrun to “true”.
Edit the master sudoers file as described here:
On the agent add the following to sudoers file:
# /etc/sudoers foreman-proxy ALL=(ALL) NOPASSWD: ALL foreman ALL=(ALL) NOPASSWD: ALL
On foreman, You might need to do the following for the first time only:
# on the agent first do: $ service puppet restart # then on master, do: puppet kick puppetagent01.local # then on foreman gui, hit the puppet run button
This might be best:
https://github.com/witlessbird/foreman_mco # you can install this using:
$ yum install ruby193-rubygem-foreman-mco.noarch
I think on the agents you need to do:
$ yum install mcollective-client
Actually, I think the above is done on the foreman server itself, see: