You may want to check how much disk space is available to accommodate the amount and size of RHEL repositories you want to enable and synchronize:
Also, make sure to configure your firewall rules:
- If you want to install the latest published version of Satellite 6, then follow these instructions.
- If you want to install the latest build off a compose, then follow these instructions instead.
If you want to use Libvirt and install/configure a default/internal capsule with support for DHCP, DNS, TFTP, then do the following:
- Configure your Satellite 6 instance to handle an internal DHCP, DNS, TFTP, Puppet and Puppet CA capsule
- Run this script
If you want to increase the DEBUG level for your logs:
$ sed -i -e 's/# config.log_level = :debug/config.log_level = :debug/' /usr/share/foreman/config/environments/production.rb
$ sed -i -e 's/# log_level: INFO/log_level: INFO/' /etc/pulp/server.conf
$ katello-service restart
If you want to configure your Satellite behind a proxy, then check this script
In order to have all the pre-'seeded' content available to the default Default Organization organization, do the following:
-
Edit Default Location Location
- Select initial default Capsule
- Select the Default Organization organization
-
Edit Default Organization
- Select all available Capsules
-
Refresh Capsule
- Select your capsule and click the Refresh features entry in the dropdown
-
Edit Capsule
- Select Default Organization
- Select Default Location location
-
Edit Domain (you should see a default domain matching your server's domain)
- Domains tab
- Select your Capsule for the DNS Proxy field
- Locations tab
- Select Default Location location
- Organizations tab
- Select Default Organization organization
- Domains tab
-
Create libvirt_subnet Subnet by choosing Import Subnet option from Capsule
-
Edit libvirt_subnet
- Select the default domain
- Select Default Organization organization
- Select Default Location** location
- Select Proxies
- DHCP Proxy: Default capsule
- TFTP Proxy: Default capsule
- DNS Proxy: Default capsule
- Discovery Proxy: Default capsule
This can also be done via hammer cli as shown below:
export ADMIN_USER="admin"
export ADMIN_PASSWORD="changeme"
export ORGANIZATION="Default Organization"
export LOCATION_ID=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv location list | grep 'Default Location' | cut -d ',' -f 1 | grep -vi 'id')
echo LOCATION ID: $LOCATION_ID
export CAPSULE_ID=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv capsule list | cut -d ',' -f 1 | grep -vi 'id')
echo CAPSULE ID: $CAPSULE_ID
export DOMAIN_ID=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv domain list | cut -d ',' -f 1 | grep -vi ID)
echo DOMAIN ID: $DOMAIN_ID
# Adding Org to Default location
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD location add-organization --id ${LOCATION_ID} --organization="${ORGANIZATION}"
# Associate default capsule to default domain
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD domain update --id ${DOMAIN_ID} --dns-id ${CAPSULE_ID}
# Add default domain to default location
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD location add-domain --id ${LOCATION_ID} --domain-id ${DOMAIN_ID}
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD organization add-domain --name "${ORGANIZATION}" --domain-id ${DOMAIN_ID}
# Create new subnet and associate it to default org and location
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD subnet create --name 'libvirt_subnet' --domain-ids $DOMAIN_ID --dns-id ${CAPSULE_ID} --dhcp-id ${CAPSULE_ID} --tftp-id ${CAPSULE_ID} --network '192.168.100.0' --mask '255.255.255.0'
# Add subnet to default location and organization
export SUBNET_ID=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv subnet list | cut -d ',' -f 1 | grep -vi ID)
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD location add-subnet --id ${LOCATION_ID} --subnet-id ${SUBNET_ID}
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD organization add-subnet --name "${ORGANIZATION}" --subnet-id ${SUBNET_ID}
-
Create DEV lifecycle-environment for Default Organization with Library as prior environment
-
Create QE lifecycle-environment for Default Organization with DEV as prior environment
-
Create custom products
- Name: Puppet Modules
- Repository: MoTD
- Download the motd puppet module from https://forge.puppetlabs.com/jeffmccune/motd
- Select the newly created repository and manually import the motd Puppet module
- Name: Puppet Modules
-
Import RH manifest
- Enable Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server
- Enable Red Hat Enterprise Linux 7 Server Kickstart x86_64 7.1
- Enable Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 7Server
- Enable Red Hat Satellite Capsule 6 Beta for RHEL 7 Server RPMs x86_64
-
Synchronize repos
-
Create Content View RHEL 7 CV
- Content tab
- Add Repository Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server
- Add Repository Red Hat Enterprise Linux 7 Server Kickstart x86_64 7.1
- Add Repository Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 7Server
- Puppet Modules
- Add the motd puppet module imported previously
- Publish it
- Promote it to DEV
- Content tab
-
Create Content View Capsules
- Content tab
- Add Repository Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server
- Add Repository Red Hat Satellite Capsule 6 Beta for RHEL 7 Server RPMs x86_64
- Add Repository Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 7Server
- Publish it
- Promote it to DEV
- Content tab
-
Create Host Collections RHEL 7
-
Create Host Collections Capsules
-
Create Activation Key ak-rhel-7
- Select DEV environment
- Select RHEL 7 CV content view
-
Edit ak-rhel-7 Activation Key
- Add Subscriptions
- Red Hat Employee Subscription
- Puppet Modules
- Associate with Host Collections RHEL 7
- Add Subscriptions
-
Create Activation Key ak-capsule-7
- Select DEV environment
- Select Capsules content view
-
Edit ak-capsule-7 Activation Key
- Add Subscriptions
- Red Hat Employee Subscription
- Red Hat Satellite Employee Subscription
- Puppet Modules
- Associate with Host Collections Capsules
- Add Subscriptions
-
Create a new Compute Resource
- Compute Resource tab
- Name: qe_libvirt
- Provider: Libvirt
- URL: qemu+tcp://localhost:16509/system
- Display type: VNC
- Console password - [x]
- Locations tab
- Choose the Default Location** location
- Organizations tab
- Choose Default Organization
- Compute Resource tab
-
Create a new Host Group
- Host Group tab
- Name RHEL 7 HG
- Environment: KT_Default_Organization_DEV_Capsule_RHEL_7_CV_7
- Content View: RHEL 7 CV
- Content Source: $FQDN
- Puppet CA: $FQDN
- Puppet Master: $FQDN
- Puppet Classes tab
- Select the motd puppet module
- Network tab
- Domain: the default domain
- Subnet: libvirt_subnet
- Operating System tab
- Architecture: x86_64
- Operating system: RHEL 7
- Media: Default_Organization/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_1
- Partition table: Kickstart default
- Root password: <TYPE_DESIRED_PASSWORD>
- Locations tab
- Select Default Location** location
- Organizations tab
- Select Default Organization
- Activation Keys tab
- Select ak-rhel-7
- Host Group tab
NOTE: Once you start provisioning hosts, you may want to see the host's console window. To do so on Firefox:
- Type
about:config
in address field and press Enter - Accept the disclaimer - Click on
I'll be careful, I promise!
- search for
socket
- Double click on
network.websocket.allowInsecureFromHTTPS
parameter to make ittrue
This can also be done via hammer cli as shown below:
export ADMIN_USER="admin"
export ADMIN_PASSWORD="changeme"
export ORGANIZATION="Default Organization"
# Create 2 lifecycle-environments
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD lifecycle-environment create --name='DEV' --prior='Library' --organization="${ORGANIZATION}"
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD lifecycle-environment create --name='QE' --prior='DEV' --organization="${ORGANIZATION}"
# Enable Red Hat repositories
# Kickstart trees
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD repository-set enable --name="Red Hat Enterprise Linux 7 Server (Kickstart)" --basearch="x86_64" --releasever="7.1" --product "Red Hat Enterprise Linux Server" --organization="${ORGANIZATION}"
# 'Base' OS RPMs
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD repository-set enable --name="Red Hat Enterprise Linux 7 Server (RPMs)" --basearch="x86_64" --releasever="7Server" --product "Red Hat Enterprise Linux Server" --organization="${ORGANIZATION}"
# Enable Satellite Tools 6 Beta
# RHEL 7
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD repository-set enable --name="Red Hat Satellite Tools 6 Beta (for RHEL 7 Server) (RPMs)" --basearch="x86_64" --releasever="7Server" --product "Red Hat Enterprise Linux Server" --organization="${ORGANIZATION}"
# Enable Satellite 6 Capsule Beta
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD repository-set enable --name="Red Hat Satellite Capsule 6 Beta (for RHEL 7 Server) (RPMs)" --basearch="x86_64" --releasever="7Server" --product "Red Hat Satellite Capsule Beta" --organization="${ORGANIZATION}"
# Custom product for Puppet modules
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD product create --name='Puppet Modules' --organization="${ORGANIZATION}"
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD repository create --name='MoTD' --organization="${ORGANIZATION}" --product='Puppet Modules' --content-type=puppet --publish-via-http=true
wget -O jeffmccune-motd-1.0.3.tar.gz https://forgeapi.puppetlabs.com/v3/files/jeffmccune-motd-1.0.3.tar.gz
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD repository upload-content --name='MoTD' --organization="${ORGANIZATION}" --product='Puppet Modules' --path=jeffmccune-motd-1.0.3.tar.gz
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD repository create --name='NTP' --organization="${ORGANIZATION}" --product='Puppet Modules' --content-type=puppet --publish-via-http=true
wget -O puppetlabs-ntp-3.3.0.tar.gz https://forgeapi.puppetlabs.com/v3/files/puppetlabs-ntp-3.3.0.tar.gz
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD repository upload-content --name='NTP' --organization="${ORGANIZATION}" --product='Puppet Modules' --path=puppetlabs-ntp-3.3.0.tar.gz
# Synchronize all repositories except for Puppet repositories which don't have URLs
for org in $(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv repository list --organization="${ORGANIZATION}" --per-page=1000 | grep -vi 'puppet' | cut -d ',' -f 1 | grep -vi '^ID'); do hammer -u $ADMIN_USER -p $ADMIN_PASSWORD repository synchronize --id ${org} --organization="${ORGANIZATION}" --async; done
This is where we wait as the synchronization process takes some time :)
# Create a Host collection
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD host-collection create --name 'RHEL 7' --unlimited-content-hosts=false --max-content-hosts=5 --organization="${ORGANIZATION}"
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD host-collection create --name 'Capsules' --unlimited-content-hosts=false --max-content-hosts=5 --organization="${ORGANIZATION}"
# Create content views
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view create --name 'RHEL 7 CV' --organization="${ORGANIZATION}"
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view create --name 'Capsule RHEL 7 CV' --organization="${ORGANIZATION}"
# Add content to content views
# RHEL 7
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view add-repository --name='RHEL 7 CV' --organization="${ORGANIZATION}" --product='Red Hat Enterprise Linux Server' --repository='Red Hat Enterprise Linux 7 Server Kickstart x86_64 7.1'
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view add-repository --name='RHEL 7 CV' --organization="${ORGANIZATION}" --product='Red Hat Enterprise Linux Server' --repository='Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view add-repository --name='RHEL 7 CV' --organization="${ORGANIZATION}" --product='Red Hat Enterprise Linux Server' --repository='Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 7Server'
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view puppet-module add --content-view='RHEL 7 CV' --organization="${ORGANIZATION}" --name=motd
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view publish --name='RHEL 7 CV' --organization="${ORGANIZATION}"
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view version promote --content-view='RHEL 7 CV' --organization="${ORGANIZATION}" --to-lifecycle-environment=DEV
# Capsule
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view add-repository --name='Capsule RHEL 7 CV' --organization="${ORGANIZATION}" --product='Red Hat Satellite Capsule Beta' --repository='Red Hat Satellite Capsule 6 Beta for RHEL 7 Server RPMs x86_64 7Server'
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view add-repository --name='Capsule RHEL 7 CV' --organization="${ORGANIZATION}" --product='Red Hat Enterprise Linux Server' --repository='Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view add-repository --name='Capsule RHEL 7 CV' --organization="${ORGANIZATION}" --product='Red Hat Enterprise Linux Server' --repository='Red Hat Satellite Tools 6 Beta for RHEL 7 Server RPMs x86_64 7Server'
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view puppet-module add --content-view='Capsule RHEL 7 CV' --organization="${ORGANIZATION}" --name=motd
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view publish --name='Capsule RHEL 7 CV' --organization="${ORGANIZATION}"
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD content-view version promote --content-view='Capsule RHEL 7 CV' --organization="${ORGANIZATION}" --to-lifecycle-environment=DEV
# Fetch the UUID for our products
PUPPET_PRODUCT_ID=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv subscription list --organization="${ORGANIZATION}" --search='name="Puppet Modules"' | cut -d ',' -f 8 | grep -vi 'ID')
RH_PRODUCT_ID=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv subscription list --organization="${ORGANIZATION}" --search='name="Red Hat Employee Subscription"' | cut -d ',' -f 8 | grep -vi 'ID')
CAPSULE_PRODUCT_ID=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv subscription list --organization="${ORGANIZATION}" --search='name="Red Hat Satellite Employee Subscription"' | cut -d ',' -f 8 | grep -vi 'ID')
echo PUPPET_PRODUCT_ID: $PUPPET_PRODUCT_ID
echo RH_PRODUCT_ID: $RH_PRODUCT_ID
echo CAPSULE_PRODUCT_ID: $CAPSULE_PRODUCT_ID
# Create activation keys
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD activation-key create --name 'ak-rhel-7' --unlimited-content-hosts=false --max-content-hosts=5 --content-view='RHEL 7 CV' --lifecycle-environment='DEV' --organization="${ORGANIZATION}"
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD activation-key create --name 'ak-capsule-7' --unlimited-content-hosts=false --max-content-hosts=5 --content-view='Capsule RHEL 7 CV' --lifecycle-environment='DEV' --organization="${ORGANIZATION}"
# Add subscriptions and host collection to activation key
# RHEL 7 activation key
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD activation-key add-host-collection --name='ak-rhel-7' --organization="${ORGANIZATION}" --host-collection='RHEL 7'
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD activation-key add-subscription --name='ak-rhel-7' --organization="${ORGANIZATION}" --subscription-id=${RH_PRODUCT_ID}
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD activation-key add-subscription --name='ak-rhel-7' --organization="${ORGANIZATION}" --subscription-id=${PUPPET_PRODUCT_ID}
# Capsule activation key
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD activation-key add-host-collection --name='ak-capsule-7' --organization="${ORGANIZATION}" --host-collection='Capsules'
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD activation-key add-subscription --name='ak-capsule-7' --organization="${ORGANIZATION}" --subscription-id=${RH_PRODUCT_ID}
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD activation-key add-subscription --name='ak-capsule-7' --organization="${ORGANIZATION}" --subscription-id=${CAPSULE_PRODUCT_ID}
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD activation-key add-subscription --name='ak-capsule-7' --organization="${ORGANIZATION}" --subscription-id=${PUPPET_PRODUCT_ID}
# Create a libvirt compute resource
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD compute-resource create --name='local_libvirt' --organizations="${ORGANIZATION}" --url='qemu+tcp://localhost:16509/system' --provider='Libvirt' --locations='Default Location'
# Fetch some more IDs
RHEL7_ENV=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv environment list --organization="${ORGANIZATION}" --search='name~"DEV_RHEL_7_CV"' | cut -d ',' -f 2 | grep -vi 'name')
RHEL7_MEDIUM=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv medium list --search='name~"Linux_7_Server_Kickstart_x86_64"' | cut -d ',' -f 2 | grep -vi 'name')
CONTENT_SOURCE_ID=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv capsule list --search="name~$(hostname)" | cut -d ',' -f 1 | grep -vi 'ID')
DOMAIN_NAME=$(hammer -u $ADMIN_USER -p $ADMIN_PASSWORD --csv domain list | cut -d ',' -f 2 | grep -vi 'name')
echo RHEL7_ENV: $RHEL7_ENV
echo RHEL7_MEDIUM: $RHEL7_MEDIUM
echo CONTENT_SOURCE_ID: $CONTENT_SOURCE_ID
echo DOMAIN_NAME: $DOMAIN_NAME
Now we can create a host group but sadly, one cannot set the password
or activation key
via hammer
, so these will have to set manually.
hammer -u $ADMIN_USER -p $ADMIN_PASSWORD hostgroup create --name='RHEL 7 HG' --content-view='RHEL 7 CV' --environment=${RHEL7_ENV} --lifecycle-environment='DEV' --content-source-id=${CONTENT_SOURCE_ID} --puppet-proxy=$(hostname) --puppet-ca-proxy=$(hostname) --organizations="${ORGANIZATION}" --puppet-classes='motd' --domain=${DOMAIN_NAME} --subnet='libvirt_subnet' --architecture='x86_64' --operatingsystem='RedHat 7.1' --medium=${RHEL7_MEDIUM} --partition-table='Kickstart default' --locations='Default Location'
Assuming that MASTER_FQDN represents your Satellite 6 server and CAPSULE_FQDN is the system which you want to use as your capsule:
Take special note of the output generated by capsule-certs-generate:
export MASTER_FQDN=$(hostname)
export CAPSULE_FQDN=$FQDN_FOR_YOUR_CAPSULE
capsule-certs-generate --capsule-fqdn $CAPSULE_FQDN --certs-tar ~/$CAPSULE_FQDN-certs.tar
scp /root/$CAPSULE_FQDN-certs.tar root@$CAPSULE_FQDN:.
Run the following commands in your client:
export MASTER_FQDN=$FQDN_FOR_YOUR_SAT6_SERVER
rpm -Uvh http://$MASTER_FQDN/pub/katello-ca-consumer-latest.noarch.rpm
subscription-manager register --org Default_Organization --activationkey 'ak-capsule-6-server-64'
subscription-manager refresh
yum clean all && yum repolist
yum install -y satellite-capsule
Now, run the command generated by the output from the capsule-certs-generate command in the server. It should be something similar to:
foreman-installer --scenario capsule\
--parent-fqdn "${MASTER_FQDN}"\
--register-in-foreman "true"\
--foreman-base-url "https://${MASTER_FQDN{"\
--trusted-hosts "${MASTER_FQDN}"\
--trusted-hosts $(localhost)\
--oauth-consumer-key "shZTdZdJzhn8cAksGn2Dpji4EchrKLmF"\
--oauth-consumer-secret "BWzd3Tch93rwH9JyJFRK7mv4cSBdBLDP"\
--pulp-oauth-secret "VEikbCF8dYDjNwNDnR8BDfngHdVqucU8"\
--certs-tar "/root/$(localhost)-certs.tar"
- Edit Default Location
- Add the new capsule to it and save
- Edit Default Organization
- Add the new capsule to it and save
First, list the available capsules to grab their IDs by running the following command in the satellite 6 server:
$ hammer -u admin -p changeme capsule list
---|------------------------------------|------------------------------------------------
ID | NAME | URL
---|------------------------------------|------------------------------------------------
2 | $FQDN1 | https://$FQDN1:9090
1 | $FQDN2 | https://$FQDN2:9090
---|------------------------------------|------------------------------------------------
Assuming we want to use the capsule with ID=2
, now we check which lifecycle-environments are available to the Default Organization organization, running:
$ hammer -u admin -p changeme capsule content available-lifecycle-environments --id 2
---|--------
ID | NAME
---|--------
3 | QE
2 | DEV
1 | Library
---|--------
Since I only promoted content to my DEV environment, I now can add it to my capsule:
$ hammer -u admin -p changeme capsule content add-lifecycle-environment --id=2 --lifecycle-environment-id=2
Lifecycle environment successfully added to the capsule
Finally, let's synchronize contents to the capsule:
$ hammer -u admin -p changeme capsule content synchronize --id=2
[......................... ] [50%]
The second command to increase the debug level should be changed to:
sed -i -e 's/# log_level: INFO/log_level: INFO/' /etc/pulp/server.conf
Was missing the trailing
/
to end the seds
command.