Here’s a behind-the-scenes look at how we worked with a large retail company to build a new rendering engine for Foreman templates.
Modern organizations depend on their server infrastructure not only for most IT functions but also for day-to-day business operations. Being able to manage servers effectively is one of the key competencies of any IT department. The larger the company, the bigger the potential cost of suboptimal server management, poor use of automation of repetitive tasks, outdated security, etc.
In today’s article, we describe how we helped one of our clients to improve their Foreman setup and implement a new template rendering engine that plays important role in their IT infrastructure.
The client
Our client is the IT subsidiary of a leading retail company in Europe. We have been supporting their in-house software developers, data engineers, and IT architects in creating digital solutions for their parent company’s customers and employees.
The challenge
This time they reached out to us with a project to develop new features for Foreman’s template rendering:
1. Provide the possibility to use templates from a Git repository (by default templates were stored in the database)
2. Add support for using credentials from Hashicorp Vault in the templates.
Considering the client’s requirements, we realized that the existing rendering engine needed refactoring. Therefore we decided to build a new engine which was based on the old one but also included the new features.
What is Foreman and how it generates executable scripts
Foreman is an Open Source application that automates the lifecycle of physical and virtual Linux-based servers (called hosts). It’s used to manage servers across organizations, especially large ones, automate repetitive tasks, and deploy applications. If you’re not familiar with this tool, check out our article about how it helps approach various challenges in IT companies.
An important part of Foreman is the template rendering engine. It turns the ERB (Embedded Ruby) templates into executable scripts, for example, a template `<%= "#{@host.fqdn} #{@host.ip}" %>` produces `host.example.com 192.168.1.2`. Variables and macros enable access to the data within templates. You can read more about that in the Foreman’s documentation: writing ERB templates, variables, and macros. Over the years, more features have been added to the engine, and the code has become much more complicated.
Our solution
First, we designed a new template rendering system while making sure it covers all the client’s needs. Once it was ready, we also carried out the implementation. The new system is:
- Fully compatible with the old one, contains all the previously existing features, and passes all tests.
- Extendable with additional context details (i.e. variables, macros) through Foreman plugins.
- Divided into modules – we refactored the old monolith engine into modules.
- Independent of the template source.
From Foreman 1.20, the new template rendering engine replaced the old one.
We also introduced a new way of testing templates by using snapshots, as well as created Foreman plugins adjusted for the new engine:
- *foreman_git_templates* plugin adds support for templates from Git repositories. In order for a host to use templates from a Git repository, set the host parameter named `template_url`.
- *foreman_vault* plugin adds support for credentials from Hashicorp Vault by introducing a new `vault_secret` macro.
Foreman plugins and integrations
Foreman is a powerful tool that can be adjusted to different requirements through third-party or custom plugins. Over the last years, our backend team has been offering Foreman development services, been active members of the community, and created a number of custom plugins to serve the specific needs of our clients.
If you’re considering Foreman for your project, or already have it implemented, but are missing some functionalities, let’s see how iRonin.IT could help you with that!
