This example will walk us through the process of adding a standalone Puppet host to Foreman for the purpose of managing the host through Puppet. In this instance we are going to create a standalone-hostgroup for the server.
Note that the Foreman server must be able listening on ports 8140, and 6163 (according to Puppet documentation). My RHEL7 Foreman host was listening on these ports, but the firewall was blocking any inbound connections. I corrected this with the commands shown below.
First I needed to determine my default firewalld zone.
# firewall-cmd –get-default-zone
Then I ran the commands below to punch a hole in the firewall to allow the required traffic. I also reloaded firewald.
Setting a server’s hostname used to be as simple as running the ‘hostname’ command and adding a “HOSTNAME” entry in /etc/sysconfig/network. However things have changed quite a bit in RHEL7. Apparently, systemd now controls setting a server’s hostname. The ‘hostname‘ command no longer works to set your hostname, however the command is still available just to confuse you.
Now in RHEL 7 you use the command ‘hostnamectl‘. Below is an example of how it works.
Here I have logged into my a RHEL 7.1 VM. You can see that the system appears to have the hostname of node1.
[root@node1 ~]# hostname
However upon further inspection, I find that this is not the case. Rather, the server has a static hostname of localhost.localdomain.
Unless you have been using Firewalld in the last few releases of Fedora, as some out there have, then you probably could probably use a few pointers to get you started on your way to configuring your Linux firewalls the “new-fangled fancy way”. This is especially the case if you plan on moving to RHEL7 anytime soon — as Firewalld is the default there. So put on your big boy (or girl) pants and say goodbye to your old friend IPTABLES.
provides a dynamically managed firewall with support for network “zones” to assign a level of trust to a network and its associated connections and interfaces. It has support for
firewall settings. It supports Ethernet bridges and has a separation of runtime and permanent configuration options. It also has an interface for services or applications to add firewall rules directly”
Wow, how fancy. So how do we use it? Well let’s take a stab at enabling HTTP access to our Fedora21 workstation.
First thing first, lets figure out what our default done is on our workstation.