Some practical information :<\/p>\n\n\n\n
- Red Hat Satellite<\/a><\/span> :<\/strong> is a system management solution that enables you to deploy, configure, and maintain your systems across physical, virtual, and cloud environments. Satellite provides provisioning, remote management and monitoring of multiple Red Hat Enterprise Linux deployments with a single, centralized tool.<\/li><\/ul>\n\n\n\n
- The Foreman<\/a><\/span> :<\/strong> For provision and Life Cycle Management of physical and virtual systems.<\/li><\/ul>\n\n\n\n
- Katello <\/a>:<\/strong> Foreman Plug-in for Subscription and Repository Management. (RHEL patching)<\/li><\/ul>\n\n\n\n
Note<\/strong><\/span> : <\/span>Foreman <\/strong>and Katello <\/strong>are actually two of the components <\/strong>that make up Red Hat Satellite<\/strong>.<\/span><\/em><\/p>\n\n\n\n
P<\/strong>rerequisites<\/h3>\n\n\n\n
For this lab, for testing purposes<\/strong>, we will use a virtual machine<\/strong> like the following :<\/p>\n\n\n\n
OS <\/strong>: RHEL 7, CentOS 7 (64bits)
CPU <\/strong>: 2 minimum
RAM <\/strong>: 8 GB minimum
DISK <\/strong>: 140GB = 40GB(OS) + 100GB(\/var\/lib\/pulp)<\/p>\n\n\n\nNote<\/span> <\/strong>: <\/span>\/var\/lib\/pulp<\/strong> : Location to store the content to sync. The recommended minimum size<\/strong> should be 30GB<\/strong> for each Operating System we are about to Sync.<\/span><\/em><\/p>\n\n\n\n
Installation of the Lab<\/h3>\n\n\n\n
Once we have the Linux CentOS 7 virtual machine ready<\/strong>, we go through the preparation <\/strong>to install Foreman, making <\/strong>some small configurations<\/strong>.<\/p>\n\n\n\n
Set the hostname <\/strong>and add an entry in \/etc\/hosts :<\/p>\n\n\n\n
# hostnamectl set-hostname \"foremanlab.mylab.com\"\n\n# echo \"10.79.94.99 foremanlab.mylab.com foremanlab\" >> \/etc\/hosts\n<\/code><\/pre>\n\n\n\n# hostnamectl status\n Static hostname: foremanlab.mylab.com\n Icon name: computer-vm\n Chassis: vm\n Machine ID: 7ad2153585ca450d80296226f31fe064\n Boot ID: b6fa901bb2eb4e28b36fb48198024bfc\n Virtualization: vmware\n Operating System: CentOS Linux 7 (Core)\n CPE OS Name: cpe:\/o:centos:centos:7\n Kernel: Linux 3.10.0-1127.19.1.el7.x86_64\n Architecture: x86-64<\/code><\/pre>\n\n\n\n# dnsdomainname -f\nforemanlab.mylab.com<\/code><\/pre>\n\n\n\nUpdate <\/strong>the machine and reboot <\/strong>it :<\/p>\n\n\n\n
# yum update -y ; reboot<\/code><\/pre>\n\n\n\nThe time synchronization<\/strong> for Foreman and Katello is really important. For that, we will install chrony<\/strong>, enable <\/strong>and start <\/strong>the service :<\/p>\n\n\n\n
# yum install chrony\n# systemctl enable chronyd\n# systemctl start chronyd\n# chronyc sources\n<\/code><\/pre>\n\n\n\nThen, we must enable NTP synchronization <\/strong>: <\/p>\n\n\n\n
# timedatectl set-ntp true\n# timedatectl status\n<\/code><\/pre>\n\n\n\nFirewall Requirement<\/strong><\/h3>\n\n\n\n
The ports <\/strong>we must open <\/strong>in the Firewall <\/strong>on Foreman machine are :<\/p>\n\n\n\n
TCP<\/span><\/strong> : 53, 80, 443, 5647, 9090
UDP<\/span><\/strong> : 67-69, 53<\/p>\n\n\n\nWe just have to execute <\/strong>the following commands <\/strong>:<\/p>\n\n\n\n
# firewall-cmd --add-port={53,80,443,5647,9090}\/tcp --permanent\n# firewall-cmd --add-port={67-69,53}\/udp --permanent\n# firewall-cmd --reload\n# firewall-cmd --list-all\n<\/code><\/pre>\n\n\n\nNote<\/span> :<\/span> If we plan to setup a DNS server in the same machine, it\u2019s necessary to open port 53 UDP and TCP.<\/span><\/em><\/p>\n\n\n\n
Storage Requirement<\/strong><\/h3>\n\n\n\n
We need to have ready the filesystem \/var\/lib\/pulp<\/strong> with 100 GB<\/strong> of space.<\/p>\n\n\n\n
# df -h \/var\/lib\/pulp\nFilesystem Size Used Avail Use% Mounted on\n\/dev\/mapper\/centos-var_lib_pulp 100G 33M 100G 1% \/var\/lib\/pulp<\/code><\/pre>\n\n\n\nAdd Repositories<\/strong><\/h3>\n\n\n\n
Check the current repositories <\/strong>:<\/p>\n\n\n\n
# yum repolist\nLoaded plugins: fastestmirror, langpacks\nLoading mirror speeds from cached hostfile\n * base: centos.crazyfrogs.org\n * extras: ftp.pasteur.fr\n * updates: centos.crazyfrogs.org\nrepo id \t repo name status\nbase\/7\/x86_64 CentOS-7 - Base 10,070\nextras\/7\/x86_64 CentOS-7 - Extras 413\nupdates\/7\/x86_64 CentOS-7 - Updates 1,134\nrepolist: 11,617\n<\/code><\/pre>\n\n\n\nAdd <\/strong>the required Repositories <\/strong>for the installation using yum :<\/p>\n\n\n\n
# yum -y localinstall https:\/\/yum.theforeman.org\/releases\/2.3\/el7\/x86_64\/foreman-release.rpm\r\n\r\nhttps://yum.theforeman.org\/releases\/2.3\/el7\/x86_64\/release-2.3.3-1.el7.noarch.rpm\r\n\r\n# yum -y localinstall https:\/\/fedorapeople.org\/groups\/katello\/releases\/yum\/3.18\/katello\/el7\/x86_64\/katello-repos-latest.rpm\r\n\r\n# yum -y localinstall https:\/\/yum.puppet.com\/puppet6-release-el-7.noarch.rpm\r\n\r\n# yum -y localinstall https:\/\/dl.fedoraproject.org\/pub\/epel\/epel-release-latest-7.noarch.rpm\r\n\r\n# yum -y install epel-release centos-release-scl-rh\r<\/code><\/pre>\n\n\n\nInstall Foreman<\/strong><\/h3>\n\n\n\n
# yum -y install foreman-installer\n# yum -y update<\/code><\/pre>\n\n\n\nInstall Katello<\/strong><\/h3>\n\n\n\n
# yum -y install katello\n<\/code><\/pre>\n\n\n\nSetup Katello<\/strong><\/h3>\n\n\n\n
Start to setup <\/strong>Katello by running foreman-installer. <\/p>\n\n\n\n
While running foreman-installer <\/strong>we can use multiple options to set <\/strong>the admin User\/Password<\/strong>. <\/p>\n\n\n\n
Note<\/span> <\/strong>: <\/span>If the option “–scenario katello<\/strong>” is not used, it will set up with the puppet.<\/span><\/em><\/p>\n\n\n\n
To set up<\/strong> with more modules <\/strong>it possible to add them by editing below YAML file<\/strong>. This should be done before starting with running foreman-installer :<\/p>\n\n\n\n
# vim \/etc\/foreman-installer\/scenarios.d\/katello.yaml\n<\/code><\/pre>\n\n\n\nIn my setup, I have appended with postgresql<\/strong>, pulp<\/strong>, candlepin<\/strong>, qpid<\/strong>, tftp<\/strong>, dhcp <\/strong>and dns<\/strong>:<\/p>\n\n\n\n
:order:\n- certs\n- foreman\n- katello\n- foreman_proxy\n- foreman_proxy::plugin::pulp\n- foreman_proxy_content\n- puppet\n- postgresql\n- pulp\n- candlepin\n- qpid\n- tftp\n- dhcp\n- dns<\/strong><\/code><\/pre>\n\n\n\nEnable true for required plugins<\/strong> by editing the below answer file. <\/p>\n\n\n\n
For instance, to enable <\/strong>the ansible plugin<\/strong>, replace \u201cfalse\u201d with \u201ctrue\u201d –> foreman::plugin::ansible: true<\/strong> :<\/p>\n\n\n\n
# vim \/etc\/foreman-installer\/scenarios.d\/katello-answers.yaml\nforeman_proxy::plugin::pulp: true\nforeman::plugin::ansible: true\n<\/strong>foreman::plugin::azure: false\nforeman::plugin::bootdisk: false\nforeman::plugin::chef: false\nforeman::plugin::default_hostgroup: false\nforeman::plugin::digitalocean: false\nforeman::plugin::discovery: false\nforeman::plugin::expire_hosts: false\nforeman::plugin::hooks: false\nforeman::plugin::inventory_upload: false\nforeman::plugin::kubevirt: false\nforeman::plugin::memcache: false\nforeman::plugin::monitoring: false\nforeman::plugin::openscap: false\nforeman::plugin::puppetdb: false\nforeman::plugin::remote_execution: false\nforeman::plugin::remote_execution::cockpit: false\nforeman::plugin::salt: false\nforeman::plugin::setup: false\nforeman::plugin::snapshot_management: false\nforeman::plugin::tasks: true\nforeman::plugin::templates: false\nforeman::plugin::virt_who_configure: false\nforeman_proxy::plugin::ansible: false\nforeman_proxy::plugin::chef: false\nforeman_proxy::plugin::dhcp::infoblox: false\nforeman_proxy::plugin::dhcp::remote_isc: false\nforeman_proxy::plugin::discovery: false\nforeman_proxy::plugin::dns::infoblox: false\nforeman_proxy::plugin::monitoring: false\nforeman_proxy::plugin::openscap: false\nforeman_proxy::plugin::remote_execution::ssh: false\nforeman_proxy::plugin::salt: false\nforeman::compute::ec2: true\n<\/strong>foreman::compute::gce: false\nforeman::compute::libvirt: false\nforeman::compute::openstack: false\nforeman::compute::ovirt: false\nforeman::compute::rackspace: false\nforeman::compute::vmware: true\n<\/strong>foreman::cli: true\nforeman::cli::ansible: true\n<\/strong>foreman::cli::azure: false\nforeman::cli::discovery: false\nforeman::cli::kubevirt: false\nforeman::cli::openscap: false\nforeman::cli::remote_execution: false\nforeman::cli::tasks: false\nforeman::cli::templates: false\nforeman::cli::virt_who_configure: false\n<\/code><\/pre>\n\n\n\nInstall python-gofer : <\/p>\n\n\n\n
# yum -y install python-gofer-qpid<\/code><\/pre>\n\n\n\nExecute foreman-installer <\/strong>with the following options to set up<\/strong> Katello <\/strong>:<\/p>\n\n\n\n
# foreman-installer \\\n--scenario katello \\\n--foreman-initial-admin-username admin \\\n--foreman-initial-admin-password 'password'\n<\/code><\/pre>\n\n\n\nMeanwhile, to monitor <\/strong>the installation progress <\/strong>check the log <\/strong>file with tail command :<\/p>\n\n\n\n
# tail -f \/var\/log\/foreman-installer\/katello.log\n<\/code><\/pre>\n\n\n\nNote<\/span><\/strong> : <\/span>It took around 25 minutes<\/strong> to complete <\/strong>the Katello installation<\/strong>.<\/span><\/em><\/p>\n\n\n\n
Preparing installation Done\n<\/span>\n Success!\n<\/span> * Katello <\/span>is running at https:\/\/foremanlab.mylab.com<\/span>\n Initial credentials are admin <\/span>\/ <\/span>password<\/span>\n * To install an additional Foreman proxy on separate machine continue by running:\n foreman-proxy-certs-generate --foreman-proxy-fqdn \"$FOREMAN_PROXY\" --certs-tar \"\/root\/$FOREMAN_PROXY-certs.tar\"\n \n The full log is at \/var\/log\/foreman-installer\/katello.log<\/span><\/code><\/pre>\n\n\n\nOnce completed with the installation verify <\/strong>the service status <\/strong>:<\/p>\n\n\n\n
# katello-service status | grep -i \"Active\"\n<\/code><\/pre>\n\n\n\nAccessing Foreman GUI<\/strong><\/h3>\n\n\n\n
Access <\/strong>the foreman GUI using the FQDN url<\/strong> have you configured : <\/p>\n\n\n\n
https:\/\/foremanlab.mylab.com<\/span> <\/p>\n\n\n\n
![\"\"](\"https:\/\/robermb.com\/blog\/wp-content\/uploads\/foreman_login-e1611844661376.png\")
<\/figure>\n\n\n\nOnce completed with the installation verify the service status :<\/p>\n\n\n\n
# systemctl status foreman.service\r\n# systemctl status foreman-proxy.service\r<\/code><\/pre>\n\n\n\nConfigure DHCP and DNS on Foreman-proxy : <\/h3>\n\n\n\n
Get oauth_consumer <\/strong>key and secret values :<\/p>\n\n\n\n
# cat \/etc\/foreman\/settings.yaml | grep oauth_\r<\/code><\/pre>\n\n\n\nConfigure the DHCP and DNS on foreman-proxy : <\/p>\n\n\n\n
# foreman-installer --enable-foreman-proxy \\\r\n--foreman-proxy-tftp true \\\r\n--foreman-proxy-tftp-servername=10.79.204.102 \\\r\n--foreman-proxy-dhcp true \\\r\n--foreman-proxy-dhcp-interface \"ens224\" \\\r\n--foreman-proxy-dhcp-gateway \"10.79.204.1\" \\\r\n--foreman-proxy-dhcp-nameservers \"10.79.204.102\" \\\r\n--foreman-proxy-dhcp-range \"10.79.204.160 10.79.204.170\" \\\r\n--foreman-proxy-dhcp-server \"10.79.204.102\" \\\r\n--foreman-proxy-dns true \\\r\n--foreman-proxy-dns-forwarders \"8.8.8.8; 4.4.4.4\" \\\r\n--foreman-proxy-dns-interface \"ens224\" \\\r\n--foreman-proxy-dns-reverse \"204.79.10.in-addr.arpa\" \\\r\n--foreman-proxy-dns-server \"10.79.204.102\" \\\r\n--foreman-proxy-dns-zone \"data.bluesoft-group.com\" \\\r\n--foreman-oauth-consumer-key \"PvQYpbBVB6RsMyAL7X6eBs686UPEYGqR\" \\\r\n--foreman-oauth-consumer-secret \"KGQaMurCGn4C5H4jK98qc8B256ca7YVL\"\r<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"Introduction With Katello & Foreman, you can install and configure the open source version of Red Hat Satellite, to manage … More How to install Foreman & Katello (Satellite free version) on CentOS 7<\/span>
- Katello <\/a>:<\/strong> Foreman Plug-in for Subscription and Repository Management. (RHEL patching)<\/li><\/ul>\n\n\n\n
- The Foreman<\/a><\/span> :<\/strong> For provision and Life Cycle Management of physical and virtual systems.<\/li><\/ul>\n\n\n\n