Foreman Ansible Modules ¶
Ansible modules for interacting with the Foreman API and various plugin APIs such as Katello.
Documentation¶
A list of all modules and their documentation can be found at theforeman.org/plugins/foreman-ansible-modules.
Support¶
Supported Foreman and plugins versions¶
Modules should support any currently stable Foreman release and the matching set of plugins. Some modules have additional features/arguments that are only applied when the corresponding plugin is installed.
We actively test the modules against the latest stable Foreman release and the matching set of plugins.
Supported Ansible Versions¶
The supported Ansible versions are aligned with currently maintained Ansible versions that support Collections (2.8+). You can find the list of maintained Ansible versions here.
Supported Python Versions¶
Starting with Ansible 2.7, Ansible only supports Python 2.7 and 3.5 (and higher). These are also the only Python versions we develop and test the modules against.
Known issues¶
Some modules, e.g.
repository_sync
andcontent_view_version
, trigger long running tasks on the server side. It might be beneficial to your playbook to wait for their completion in an asynchronous manner. As Ansible has facilities to do so, the modules will wait unconditionally. See the Ansible documentation for putting tasks in the background. Please make sure to set a high enoughasync
value, as otherwise Ansible might abort the execution of the module while there is still a task running on the server, making status reporting fail.According to Ansible documentation, using loop over Ansible resources can leak sensitive data. This applies to all modules, but especially those which require more secrets than the API credentials (
auth_source_ldap
,compute_resource
,host
,hostgroup
,http_proxy
,image
,repository
,scc_account
,user
). You can prevent this by usingno_log: yes
on the task.eg:
- name: Create compute resources theforeman.foreman.compute_resource: server_url: https://foreman.example.com username: admin password: changeme validate_certs: yes name: "{{ item.name }}" organizations: "{{ item.organizations | default(omit) }}" locations: "{{ item.locations | default(omit) }}" description: "{{ item.description | default(omit) }}" provider: "{{ item.provider }}" provider_params: "{{ item.provider_params | default(omit) }}" state: "{{ item.state | default('present') }}" loop: "{{ compute_resources }}" no_log: yes
Installation¶
There are currently two ways to use the modules in your setup: install from Ansible Galaxy or via RPM.
Installation from Ansible Galaxy¶
You can install the collection from Ansible Galaxy by running ansible-galaxy collection install theforeman.foreman
(Ansible 2.9 and later) or mazer install theforeman.foreman
(Ansible 2.8).
After the installation, the modules are available as theforeman.foreman.<module_name>
. Please see the Using Ansible collections documentation for further details.
Installation via RPM¶
The collection is also available as ansible-collection-theforeman-foreman
from the client
repository on yum.theforeman.org
.
After installing the RPM, you can use the modules in the same way as when they are installed directly from Ansible Galaxy.
Foreman Ansible Roles¶
Roles using the Foreman Ansible Modules to configure Foreman and its plugins.
Documentation¶
For individual role documentation, check the README defined at roles/rolename/README.md
.
Common Role Variables¶
foreman_server_url
: URL of the Foreman server. If the variable is not specified, the value of environment variableFOREMAN_SERVER_URL
will be used instead.foreman_username
: Username accessing the Foreman server. If the variable is not specified, the value of environment variableFOREMAN_USERNAME
will be used instead.foreman_password
: Password of the user accessing the Foreman server. If the variable is not specified, the value of environment variableFOREMAN_PASSWORD
will be used instead.foreman_validate_certs
: Whether or not to verify the TLS certificates of the Foreman server. If the variable is not specified, the value of environment variableFOREMAN_VALIDATE_CERTS
will be used instead.foreman_organization
: Organization where configuration will be applied.