Foreman

title: “Foreman”
date: 2019-03-19T14:09:37
slug: foreman

yum -y update
yum -y install https://yum.puppetlabs.com/puppet5/puppet5-release-el-7.noarch.rpm
yum -y install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum -y install https://yum.theforeman.org/releases/1.20/el7/x86\_64/foreman-release.rpm
yum -y install https://repo.saltstack.com/yum/redhat/salt-repo-latest.el7.noarch.rpm

yum -y install foreman-installer salt-master salt-api psmisc tcpdump mc

foreman-installer \
 --enable-foreman-plugin-salt \
 --enable-foreman-proxy-plugin-salt \
 --foreman-proxy-dhcp=true \
 --foreman-proxy-dhcp-interface=ens9 \
 --foreman-proxy-dhcp-gateway=10.0.0.1 \
 --foreman-proxy-dhcp-range="10.0.0.10 10.0.0.20" \
 --foreman-proxy-dhcp-nameservers="10.0.0.1" \
 --foreman-proxy-dns=true \
 --foreman-proxy-dns-interface=ens9 \
 --foreman-proxy-dns-forwarders=10.83.41.202

systemctl enable salt-master salt-api dhcpd

firewall-cmd --add-port=53/udp --permanent
firewall-cmd --add-port=53/tcp --permanent
firewall-cmd --add-port=67/udp --permanent
firewall-cmd --add-port=68/udp --permanent
firewall-cmd --add-port=69/tcp --permanent
firewall-cmd --add-port=69/udp --permanent
firewall-cmd --add-port=80/tcp --permanent
firewall-cmd --add-port=443/tcp --permanent
firewall-cmd --add-port=8140/tcp --permanent
firewall-cmd --add-port=8443/tcp --permanent

oder:
systemctl stop firewalld
systemctl disable firewalld
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
(reboot system)

Wenn Foreman als Gateway arbeiten soll:
vi /etc/sysctl.conf
net.ipv4.ip\_forward = 1
Print Friendly, PDF & Email