Red Hat Satellite 6.0 Installation Guide en US

Red Hat Satellite Red Hat Satellite
6.0 Managed Design Program 2

Installation Guide
Installing and Configuring Satellite: Technical Preview for Managed

Design Program (MDP) customers
Edition 1
Red Hat Satellite 6 Documentation Team
Red Hat Satellite Red Hat Satellite 6.0 Managed Design Program 2
Installation Guide
Installing and Configuring Satellite: Technical Preview for Managed

Design Program (MDP) customers
Edition 1
Red Hat Satellite 6 Do cumentatio n Team
Legal Notice
Copyright 2013 Red Hat.
T his document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported
License. If you distribute this document, or a modified version of it, you must provide attribution to Red
Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be
removed.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section
4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo,
and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux is the registered trademark of Linus T orvalds in the United States and other countries.
Java is a registered trademark of Oracle and/or its affiliates.
XFS is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States
and/or other countries.
MySQL is a registered trademark of MySQL AB in the United States, the European Union and other
countries.
Node.js is an official trademark of Joyent. Red Hat Software Collections is not formally related to or
endorsed by the official Joyent Node.js open source or commercial project.
T he OpenStack Word Mark and OpenStack Logo are either registered trademarks/service marks or
trademarks/service marks of the OpenStack Foundation, in the United States and other countries and
are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or
sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Abstract
T his document describes how to install Satellite. It also steps through the basic configuration
requirements to get Satellite running in your environment. T his document is part of Managed Design
Program and subject to future changes before official product release.
Table of Contents
Table of Contents
.Preface
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3. . . . . . . . . .
1. Document Conventions
3
1.1. T ypographic Conventions
3
1.2. Pull-quote Conventions
4
1.3. Notes and Warnings
5
2. Getting Help and Giving Feedback
5
2.1. Do You Need Help?
5
2.2. We Need Feedback!
6
.Chapter
. . . . . . . . 1.
. . .Introduction
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7. . . . . . . . . .
1.1. Introduction
7
1.2. Prerequisites
7
.Chapter
. . . . . . . . 2.
. . .Red
. . . . Hat
. . . . .Satellite
. . . . . . . . .Installation
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
............
2.1. Installing Red Hat Satellite
10
2.2. Installing Red Hat Satellite with an ISO Image
11
2.3. Configuring Red Hat Satellite
11
2.4. Configuring with an Answer File
13
2.5. Configuring LDAP Authentication for Red Hat Satellite
14
.Chapter
. . . . . . . . 3.
. . .Logging
. . . . . . . . .into
. . . . Red
. . . . .Hat
. . . .Satellite
. . . . . . . . . for
. . . .the
. . . .First
. . . . .T. ime
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
............
3.1. Red Hat Satellite Components
16
3.2. Red Hat Satellite: Content and Entitlement
16
3.2.1. Logging into Red Hat Satellite: Content and Entitlement
16
3.2.2. Using the Red Hat Satellite: Content and Entitlement Dashboard
17
3.3. Red Hat Satellite: Provisioning and Configuration
19
3.3.1. Logging into Red Hat Satellite: Provisioning and Configuration
19
3.3.2. Using the Red Hat Satellite: Provisioning and Configuration Dashboard
19
.Chapter
........4
. ...Using
. . . . . . the
. . . . Red
. . . . .Hat
. . . .Content
. . . . . . . . .Provider
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
............
4.1. About Content Providers
20
4.2. Setting up Manifests
20
4.3. Uploading a Subscription Manifest
21
4.4. Enabling Red Hat Repositories
21
.Chapter
. . . . . . . . 5.
. . .Synchronization
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
............
5.1. About Synchronization
22
5.2. Synchronization Status
22
5.3. Creating a New Synchronization Plan
23
5.4. Applying a Synchronization Schedule
23
.Chapter
. . . . . . . . 6.
. . .Satellite
. . . . . . . . . Nodes
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
............
6.1. Installing a Satellite Node
24
6.2. Configuring a Satellite Node
25
6.3. Adding Environments to a Satellite Node
28
6.4. Using a Satellite Node
29
. . . . . . . . . .History
Revision
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
...........
Red Hat Satellite Red Hat Satellite 6.0 Managed D esign Program 2 Installation Guide
Preface
Preface
1. Document Conventions
T his manual uses several conventions to highlight certain words and phrases and draw attention to
specific pieces of information.
In PDF and paper editions, this manual uses typefaces drawn from the Liberation Fonts set. T he
Liberation Fonts set is also used in HT ML editions if the set is installed on your system. If not, alternative
but equivalent typefaces are displayed. Note: Red Hat Enterprise Linux 5 and later include the Liberation
Fonts set by default.
1.1. Typographic Conventions

Four typographic conventions are used to call attention to specific words and phrases. T hese
conventions, and the circumstances they apply to, are as follows.
Mono-spaced Bold
Used to highlight system input, including shell commands, file names and paths. Also used to highlight
keys and key combinations. For example:
T o see the contents of the file m y_next_bestselling_novel in your current working
directory, enter the cat m y_next_bestselling_novel command at the shell prompt
and press Enter to execute the command.
T he above includes a file name, a shell command and a key, all presented in mono-spaced bold and all
distinguishable thanks to context.
Key combinations can be distinguished from an individual key by the plus sign that connects each part of
a key combination. For example:
Press Enter to execute the command.
Press Ctrl+Alt+F2 to switch to a virtual terminal.
T he first example highlights a particular key to press. T he second example highlights a key combination:
a set of three keys pressed simultaneously.
If source code is discussed, class names, methods, functions, variable names and returned values
mentioned within a paragraph will be presented as above, in m ono-spaced bold. For example:
File-related classes include filesystem for file systems, file for files, and dir for
directories. Each class has its own associated set of permissions.
Proportional Bold
T his denotes words or phrases encountered on a system, including application names; dialog-box text;
labeled buttons; check-box and radio-button labels; menu titles and submenu titles. For example:
Choose System Preferences Mouse from the main menu bar to launch Mouse
Preferences. In the Buttons tab, select the Left-handed m ouse check box and click
Close to switch the primary mouse button from the left to the right (making the mouse
suitable for use in the left hand).
T o insert a special character into a gedit file, choose Applications Accessories
Character Map from the main menu bar. Next, choose Search Find from the
Character Map menu bar, type the name of the character in the Search field and click
Next. T he character you sought will be highlighted in the Character T able. Double-click
this highlighted character to place it in the T ext to copy field and then click the Copy
button. Now switch back to your document and choose Edit Paste from the gedit menu
bar.
T he above text includes application names; system-wide menu names and items; application-specific
menu names; and buttons and text found within a GUI interface, all presented in proportional bold and all
distinguishable by context.
Mono-spaced Bold Italic or Proportional Bold Italic
Whether mono-spaced bold or proportional bold, the addition of italics indicates replaceable or variable
text. Italics denotes text you do not input literally or displayed text that changes depending on
circumstance. For example:
T o connect to a remote machine using ssh, type ssh username@ domain.name at a shell
prompt. If the remote machine is exam ple.com and your username on that machine is
john, type ssh john@ exam ple.com .
T he m ount -o rem ount file-system command remounts the named file system. For
example, to remount the /hom e file system, the command is m ount -o rem ount /hom e.
T o see the version of a currently installed package, use the rpm -q package command. It
will return a result as follows: package-version-release.
Note the words in bold italics above: username, domain.name, file-system, package, version and release.
Each word is a placeholder, either for text you enter when issuing a command or for text displayed by
the system.
Aside from standard usage for presenting the title of a work, italics denotes the first use of a new and
important term. For example:
Publican is a DocBook publishing system.
1.2. Pull-quote Conventions

T erminal output and source code listings are set off visually from the surrounding text.
Output sent to a terminal is set in m ono-spaced rom an and presented thus:
books
books_tests
Desktop
Desktop1
documentation
downloads
drafts
images
mss
notes
photos
scripts
stuff
svgs
svn
Source-code listings are also set in m ono-spaced rom an but add syntax highlighting as follows:
Preface
static int kvm_vm_ioctl_deassign_device(struct kvm *kvm,

struct kvm_assigned_pci_dev *assigned_dev)
{
int r = 0;
struct kvm_assigned_dev_kernel *match;
mutex_lock(&kvm->lock);
match = kvm_find_assigned_dev(&kvm->arch.assigned_dev_head,
assigned_dev->assigned_dev_id);
if (!match) {
printk(KERN_INFO "%s: device hasn't been assigned before, "
"so cannot be deassigned\n", __func__);
r = -EINVAL;
goto out;
}
kvm_deassign_device(kvm, match);
kvm_free_assigned_device(kvm, match);
out:
mutex_unlock(&kvm->lock);
return r;
}
1.3. Notes and Warnings

Finally, we use three visual styles to draw attention to information that might otherwise be overlooked.
Note
Notes are tips, shortcuts or alternative approaches to the task at hand. Ignoring a note should
have no negative consequences, but you might miss out on a trick that makes your life easier.
Important
Important boxes detail things that are easily missed: configuration changes that only apply to the
current session, or services that need restarting before an update will apply. Ignoring a box
labeled Important will not cause data loss but may cause irritation and frustration.
Warning
Warnings should not be ignored. Ignoring warnings will most likely cause data loss.
2. Getting Help and Giving Feedback

2.1. Do You Need Help?
If you experience difficulty with a procedure described in this documentation, visit the Red Hat Customer
Portal at http://access.redhat.com. T hrough the customer portal, you can:

search or browse through a knowledgebase of technical support articles about Red Hat products.
submit a support case to Red Hat Global Support Services (GSS).
access other product documentation.
Red Hat also hosts a large number of electronic mailing lists for discussion of Red Hat software and
technology. You can find a list of publicly available mailing lists at https://www.redhat.com/mailman/listinfo.
Click on the name of any mailing list to subscribe to that list or to access the list archives.
2.2. We Need Feedback!

If you find a typographical error in this manual, or if you have thought of a way to make this manual
better, we would love to hear from you! Please submit a report in Bugzilla: http://bugzilla.redhat.com/
against the product Red Hat Satellite 6.
When submitting a bug report, be sure to mention the manual's identifier: Docs Install Guide
If you have a suggestion for improving the documentation, try to be as specific as possible when
describing it. If you have found an error, please include the section number and some of the surrounding
text so we can find it easily.
Chapter 1. Introduction
Warning
T his document is a technical preview for Managed Design Program customers only.
1.1. Introduction
Red Hat Satellite is a systems management server that can be used to configure new systems,
subscribe to updates, and maintain installations in distributed environments. It provides content and
manages Red Hat entitlements. Satellite also performs provisioning and configuration management of
pre-defined standard operating environments.
Satellite uses a web-based user interface that can be installed from yum repositories or RPM. T he Red
Hat Subscription Manager also needs to be installed on client machines in order to receive updates
from the Satellite.
Note
T he web-based user interface and command-line interface for Satellite supports English,
Portuguese, Simplified Chinese, T raditional Chinese, Korean, Japanese, Italian, Spanish, Russian,
French and German.
Report a bug
1.2. Prerequisites
T he following conditions must be met before installing Red Hat Satellite 6:
Base Operating System
Red Hat Satellite is supported on Red Hat Enterprise Linux 6.4 or later. Install the operating system from
disc, local ISO image, kickstart, or any other methods that Red Hat supports. Red Hat Satellite requires
Red Hat Enterprise Linux installations with the @Base package group with no other package-set
modifications, and without third-party configurations or software that is not directly necessary for the
direct operation of the server. T his restriction includes hardening or other non-Red Hat security
software. If such software is required in your infrastructure, install and verify a complete working Red Hat
Satellite first, then create a backup of the system before adding any non-Red Hat software.
When installing Red Hat Enterprise Linux from CD or ISO image, there is no need to select any package
groups; Red Hat Satellite only requires the base operating system installation. When installing the
operating system via kickstart, select the @Base package group.
T here should be at least one networked host with the following minimum specifications:
64-bit architecture
Red Hat Enterprise Linux 6.4 or later
A minimum of two CPU cores, but four CPU cores are recommended
A minimum of 8GB memory but ideally 12GB of memory for each instance of Satellite. It is also
recommended to use 4GB of swap space where possible.
A minimum of 5 GB storage for the base install of Red Hat Enterprise Linux, 300 MB for the
installation of Red Hat Satellite and at least 10 GB storage for each software repository to be
synchronized in the /var filesystem.
No Java virtual machine installed on the system, remove any if they exist.
No Puppet RPMs installed on the system
No third-party unsupported yum repositories enabled. T hird-party repositories may offer
conflicting or unsupported package versions that may cause installation or configuration errors.
A current Red Hat Network subscription
Administrative user (root) access
Full forward and reverse DNS resolution using a fully qualified domain name. Check that hostname
and localhost resolve correctly, using the following commands:
# ping -c1 localhost
# ping -c1 `hostname -s` # my_system
# ping -c1 `hostname -f` # my_system.domain.com
Supported Browsers
Browsers that are supported by Satellite:
Mozilla Firefox 21 and higher
Microsoft Internet Explorer 9 and higher
Google Chrome
Application Specifications
Satellite application installation specifications are as follows:
It is recommended that a time synchronizer such as ntpd is installed and enabled on Satellite. T o
enable ntpd and have it persist at bootup:
# service ntpd start
# chkconfig ntpd on
Required Network Ports

T he following conditions must be met before continuing with this task:
Port 443 for HT T PS (secure WWW) must be open for incoming connections. T his can be achieved
through the system -config-firewall-tui tool. Or use this command on the command line:
# iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
Port 5671 must be open for SSL communication with managed systems. T his can be achieved
Port 80 for HT T P (WWW) must be open to download the bootstrap files. T his can be achieved
Port 8140 must be open for incoming Puppet connections with the managed systems. T his can be
achieved through the system -config-firewall-tui tool. Or use this command on the command
line:
T o make the changes persistant across reboots when using the command line use this command:
# iptables-save > /etc/sysconfig/iptables
Note
T he Red Hat Satellite system is ideally a freshly provisioned system that serves no other function
except as a Satellite server.
Report a bug
Chapter 2. Red Hat Satellite Installation

2.1. Installing Red Hat Satellite
T his procedure installs Satellite from the repository onto a host.
Procedure 2.1. Installing Satellite on a certificate managed system
T his procedure installs Satellite on systems that use Subscription Manager.
1. Verify the availability of Satellite channels with the following command as the root user:
# subscription-manager list --available --all
T he screen displays:
+-------------------------------------------+
Available Subscriptions
+-------------------------------------------+
ProductName:
ProductId:
PoolId:
Quantity:
Multi-Entitlement:
Expires:
MachineType:
Red Hat Satellite

MCT1550
[pool id]
10
No
08/20/2013
physical
2. Subscribe to the pool using the following command:

# subscription-manager subscribe --pool=[pool id]
3. (Optional) Install yum-utils if the package has not already been installed:
# yum install yum-utils
yum-config-manager must be installed in the host system. yum-config-manager is included in the

yum-utils package.
4. Disable all existing repositories:
# yum-config-manager --disable "*"
5. Enable the Satellite and Red Hat Enterprise Linux repositories by running yum -configm anager. You may need to alter the Red Hat Enterprise Linux repository to match the specific
version you are using.
# yum-config-manager --enable rhel-6-server-rpms rhel-server-6-satellite-6mdp-2-rpms
6. Install the katello-foreman-all package using the yum install command as the root user:
# yum install katello-foreman-all foreman-libvirt
10
Result:
Satellite is installed on your host system.
Important
Satellite must be configured before it can be used.
Report a bug
2.2. Installing Red Hat Satellite with an ISO Image

T he following procedure details how to install Satellite on a host through ISO.
1. Download the ISO image from the Red Hat Satellite 6 Channel in the Red Hat Customer Portal.
2. As the root user, mount the ISO image to a directory:
# mkdir /media/iso
# mount -o loop iso_filename /media/iso
3. Change directory to /m edia/iso.

4. Run the installer script in the mounted directory:
# ./install_packages
Result:
Satellite is installed on your host system.
Important
Before Satellite can be used, it needs to be configured.
Report a bug
2.3. Configuring Red Hat Satellite

T his procedure shows how to configure Satellite.
Satellite has an automatic initial configuration that prepares the Satellite for use. T he katelloconfigure script supports the ability to override various default settings, including the administrative
username, password and organization name. It can be run multiple times without any issues.
Procedure 2.2. Running the Configuration Script
Run the katello-configure script as the root user:
# katello-configure --user-pass=PASSWORD
T he option for user password is the only required option that needs to be set when katello-
11
configure is used. However, other options can be set to create your initial administrative
username, password and organization name. Use the format:
# katello-configure --user-name=USERNAME --user-pass=PASSWORD --orgname=ORGANIZATION_NAME
For example:
# katello-configure --user-name=adminuser --user-pass=password --orgname=Example_Org
Additional configuration options can be passed to the katello-configure command, to adjust

various aspects of the configuration. View a complete list of options using the command:
# katello-configure --help
Important
T he default username is admin. T he default organization name is ACME_Corporation. It is
strongly recommended that you override these default settings during configuration.
Result:
When the configuration script has completed successfully, it displays:
Starting Katello configuration
The top-level log file is
[/var/log/katello/katello-configure-[date]-[time]/main.log]
Katello configuration: |=======================================================|
If the configuration script encounters an error, it displays:

# katello-configure
[/var/log/katello/katello-configure-20111115-170733/main.log]
err: /Stage[main]/Postgres::Service/Service[postgresql]/ensure: change from
stopped to running failed: Could not start Service[postgresql]: Execution of
'/sbin/service postgresql start' returned 1: at
/usr/share/katello/install/puppet/modules/postgres/manifests/service.pp:6
Different error conditions can also show up with the name of the log file containing the error, for example:
Failed, please check [#{processing_logfile}]
12
Warning
When run, katello-configure --answer-file=/etc/katello/katelloconfigure.conf replaces all the configuration files with the standard templates. If the Satellite
has customized configuration files, please back them up before running katello-configure.
T he following command will show the files that will be replaced when the katello-configure
command is run:
# rpm -ql katello-configure | grep erb
Report a bug
2.4. Configuring with an Answer File

T he following task shows how to configure Satellite with an answer file.
Procedure 2.3. Configuration Using an Answer File
Answer files are used for automated installations with customized options. An answer file can be created
and passed to the katello-configure command.
1. Copy the answer file located at /usr/share/katello/install/default-answer-file to a
location on your local filesystem:
# cp
/usr/share/katello/install/default-answer-file /root/my-answer-file
2. Open the local copy of the answer file in your preferred text editor and edit the values to suit your
environment:
# Path of the Answer File.
answer_file =
# Katello database name.
# PostgreSQL database name used to store the Katello database
# objects.
db_name = katelloschema
# Katello database user.
db_user = katellouser
# Katello database password.
db_password = katellopw
Save your answer file once you have finished editing it.
3. Pass the answer file to the katello-configure command:
13
# katello-configure --answer-file=/root/my-answer-file
[/var/log/katello/katello-configure-20111115-170733/main.log]
Katello configuration:
|=======================================================|
|=======================================================|
|=======================================================|
Result:
Satellite is configured on your host system.
Report a bug
2.5. Configuring LDAP Authentication for Red Hat Satellite

Note
LDAP configuration for Red Hat Satellite is optional.
Satellite includes Lightweight Directory Access Protocol (LDAP) authentication for users.
Procedure 2.4 . Configuring LDAP Authentication
Run the katello-configure script as the root user and edit the parameters for your system:
# katello-configure --deployment=katello
--auth-method=ldap
--user-name=[Your LDAP login]
--ldap-server=[Hostname of your LDAP server]
--ldap-port=[Port of your LDAP server. The default is 389.]
--ldap-server-type=[free_ipa, active_directory, or posix. The default is
posix]
--ldap_encryption=[start_tls. The default is none]
--ldap-users-basedn=[Base dn of users, eg ou=People,dc=company,dc=com]
--ldap-groups-basedn=[Base dn of groups, eg ou=Groups,dc=company,dc=com]
--ldap-anon-queries=[True if your FreeIPA or Active Directory servers allow
anonymous queries. The default is false]
--ldap-service-user=[Username of the service user for FreeIPA and Active
Directory. The default is empty.]
--ldap-service-pass=[Password of the service user for FreeIPA and Active
Directory. The default is empty.]
--ldap-ad-domain=[Domain for making Active Directory queries. The default is
empty.]
--ldap-roles=[Enables the ldap_roles value in katello.yml. The default is
false.]
14
Warning
Configure at least one administrator user or administrator group before turning on LDAP
authentication. Using LDAP authentication without an existing administrator user can lock you out
of the Satellite instance.
Use the following procedure to setup an LDAP administrator.
Procedure 2.5. Creating an LDAP Administrator User
1. Complete an installation of Satellite with access set to local database users.
2. Login to Satellite as the default adm in user.
3. T o set up an LDAP administrator user:
a. Create a user with the same name as a user on your LDAP server. For information on user
creation, refer to Creating Users in the Red Hat Satellite 6.0 User Guide.
b. Provide the user with Global Administrator permissions. For information on user
permissions, refer to Editing Roles and Permissions of an Existing User in the Red Hat
Satellite 6.0 User Guide.
4. T o set up an LDAP administrator role:
a. Create a role with the same name as a user group on your LDAP server. For information on
role creation, refer to Creating Roles in the Red Hat Satellite 6.0 User Guide.
b. Provide the role with Global Administrator permissions. For information on role permissions,
refer to Adding Permissions to an Existing Role in the Red Hat Satellite 6.0 User Guide.
5. Update /etc/katello/katello.ym l to set user authentication to ldap mode.
6. T o update the LDAP settings run the following command and set the required parameters:
# katello-configure
7. Restart the Satellite with the following command:

# katello-service restart
LDAP Roles
In order to use LDAP authentication in conjunction with user roles, you will need to create users in
Satellite and assign them roles. Create a new user with the same username as the LDAP username, or
wait for them to log in, which automatically creates a new user account. Assign roles to this new user
after creation.
T o use LDAP for authentication only, without using it to manage roles, set the ldap-roles: parameter
to false and set the LDAP_BASEDN configuration setting. In this situation, users log in to Red Hat
Satellite normally, which creates a new user account if one does not already exist.
For further information on LDAP role mappings in Satellite, refer to the Red Hat Satellite 6.0 User Guide.
Report a bug
15
Chapter 3. Logging into Red Hat Satellite for the First Time
3.1. Red Hat Satellite Components
Satellite consists of two web applications:
Red Hat Satellite: Content and Entitlement manages the Satellite systems, subscriptions and
content.
Red Hat Satellite: Provisioning manages system provisioning as well as the creation and
management of configuration files to configure a new host.
Both of these web applications interact with each other to manage the organization's systems. T he web
applications are currently separate components and are configured using separate interfaces.
Report a bug
3.2. Red Hat Satellite: Content and Entitlement

3.2.1. Logging into Red Hat Satellite: Content and Entitlement
T hese steps show how to log into Satellite: Content and Entitlement.
1. Access the component using a web browser pointed to the following address:
https://[HOSTNAME]/katello.
T o identify your hostname, use the hostnam e command at the prompt:
# hostname
16
Important
An untrusted connection warning appears on your web browser when accessing Katello
for the first time. Accept the self-signed certificate and add the Satellite: Content URL as
a security exception to override the settings. T his procedure might differ depending on the
browser being used.
Only do this if you are sure that the Satellite: Content URL is a trusted source.
Figure 3.1. Untrusted Connection Warning
2. Enter the username and password that you created during the configuration process. If you did
not create a user during the configuration process, the default username is admin.
If you forget your password, click Forgot Usernam e or Password and an email with
instructions on resetting your password will be sent to you.
Result
When you have successfully logged in, you are taken to the Satellite: Content dashboard, which
displays critical information about your subscriptions and other important information.
Note
If you are logged into Satellite: Content or Satellite: Provisioning, you can toggle between
the two web interfaces by clicking on the application name at the top right-hand side of the menu
bar.
Report a bug
3.2.2. Using the Red Hat Satellite: Content and Entitlement Dashboard
T he Satellite: Content Dashboard
17
T he dashboard is the first screen seen after logging in to the Satellite: Content interface. It
provides a status overview of the subscriptions and systems currently registered, an overview
of promotions and synchronization, and a list of the latest notifications.
Satellite: Content is used to manage entitlements for client machines. Each entitlement
provides access to a specified number of certificates. Each certificate grants the right for the
client machine to download, update, and receive support for a product.
System Subscription Status
T he System Subscription Status gives an overview of the status of the
subscriptions currently being managed by Satellite: Content. A subscription is a
purchased certificate that unlocks access to software, upgrades, and security fixes for
systems.
T able 3.1. System Subscription States
State
Description
Invalid
Subscriptions
Systems that have products installed, but have not

consumed a subscription. T hese systems need
attention immediately.
Insufficient
Subscriptions
Systems that have consumed a subscription and

have a valid entitlement, but that are not consuming
their full entitlements. T hese systems should be
monitored to ensure they are configured as
expected.
Current
Subscriptions
Systems that have a valid entitlement and are

consuming their full entitlements.
Icon
Latest Notifications
All messages produced by the system are listed in the Latest Notifications
section. T his includes administration information, product and subscription changes,
and any errors. Clicking on "More >>" will show a detailed view of the notification.
T his section should be monitored for global notifications sent to all users as well as to
pick up any unusual activity or errors.
Content Views Overview
A list of all Content Views in Satellite: Content and their publish status.
Promotions Overview
All changesets that have been promoted or are being promoted are listed in the
Prom otions Overview section. Click the name of a changeset to view the
changeset history.
Sync Overview
An overview of all products or repositories enabled in Satellite: Content and their
Synchronization status. All products that are in the queue for synchronization, are
unsynchronized or have been previously synchronized are listed in the Sync
Overview section. Click a product name to view the synchronization status.
18
Report a bug
3.3. Red Hat Satellite: Provisioning and Configuration

3.3.1. Logging into Red Hat Satellite: Provisioning and Configuration
T hese steps show how to log into Satellite: Provisioning.
1. Access the component using a web browser pointed to the following address;
https://[HOSTNAME]/forem an.
T o identify your hostname, use the hostnam e command at the prompt:
$ hostname
2. Enter the username and password that you created during the configuration process. If you did
not create a user during the configuration process, the default username is admin.
If you forget your password, click Forgot Usernam e or Password and an email with
instructions on resetting your password will be sent to you.
Result
When you have successfully logged in for the first time, you are taken to the Satellite: Provisioning
dashboard, which displays critical information about the first configuration steps required to use the
component.
Note
If you are logged into Satellite: Content or Satellite: Provisioning, you can toggle between
the two web interfaces by clicking on the application name at the top right-hand side of the menu
bar.
Report a bug
3.3.2. Using the Red Hat Satellite: Provisioning and Configuration Dashboard
T he Satellite: Provisioning Dashboard
T he dashboard is the first screen seen after logging in to the Satellite: Provisioning
interface. T he "Welcome" screen gives the organization administrator the required tasks that
must be performed in order for Satellite: Provisioning to function according to the
organization's requirements. See Part II. Red Hat Satellite: Provisioning and Configuration in the
Red Hat Satellite 6.0 User Guide for more information on how to complete these steps.
Report a bug
19
Chapter 4. Using the Red Hat Content Provider

4.1. About Content Providers
Content providers are used to provide different types of content, including packages, errata updates,
kickstart trees, and installation images.
Content providers can be in the form of a basic yum repository, or they can deliver paid content through
an external service. Red Hat content providers are set up using a subscription manifest, which can be
obtained through the Red Hat Customer Portal, or by contacting Red Hat Support. Manifests are used to
provide subscriptions to client systems through the Red Hat Satellite rather than through Red Hat
Network.
Once a content provider has been set up, systems can be subscribed to receive updates.
Report a bug
4.2. Setting up Manifests

A subscription manifest can be obtained through the method below or by contacting Red Hat Support.
T he manifest is used to set up Red Hat content providers and contains repository information and
subscriptions. It is used as a basis of dispensing subscriptions and Red Hat Network (RHN) content to
client systems from Red Hat Satellite.
T hese steps show how to obtain the subscription manifest from the Customer Portal.
You must meet the following conditions before continuing with this task:
A Customer Portal login and password.
Sufficient subscriptions to add to the manifest.
1. Login to the Customer Portal.
2. Click the Subscriptions Subscriptions Management Applications tab.
3. On the top-right hand corner of the Subscriptions Management Applications page, click Register
a subscription m anagem ent application link.
4. Select Satellite as the subscription management application from the drop-down menu of the
T ype field.
5. T ype in a name for the manifest in the Nam e field.
6. Select 6.0 from the drop-down menu as the Satellite Version.
7. Click the Register button.
8. Click the Attach a subscription link and add the subscriptions required for Red Hat
Satellite. Once done, click the Attach Selected button.
9. Click the Download manifest button. T his will generate a zip file that contains the manifest for
Red Hat Satellite.
Result:
A subscription manifest is created and downloaded for Red Hat Satellite.
Report a bug
20
Chapter 4. Using the Red Hat Content Provider
4.3. Uploading a Subscription Manifest

T hese steps show how to upload a subscription manifest.
Procedure 4 .1. Upload Subscription Manifest
1. Click the Content Subscriptions Red Hat Subscriptions menu.
2. Click the +Import Manifest link.
3. On the Subscription Manifest Import tab, click the Browse button to specify the location of the
manifest.
4. Click the Upload button to upload the subscription manifest.
Result:
A subscription manifest is uploaded.
Note
Content synchronization can take a long time. T he length of time required is dependent on the
speed of disk drives, network connection speed and the amount of content selected for
synchronization.
Report a bug
4.4. Enabling Red Hat Repositories

Once the manifest has been uploaded, the repositories need to be enabled in the Red Hat Satellite to
prepare it for synchronization.
T hese steps show how to enable a Red Hat repository:
Procedure 4 .2. Enabling Repositories
1. Click the Content Repositories Red Hat Repositories menu.
2. Expand each Red Hat product to examine the different repository sets available by clicking on the
arrow by the product name.
3. Choose which Red Hat repository sets you wish to add. Choosing it will automatically enable that
repository for your Red Hat Satellite server.
Result:
Repositories have been enabled and are ready to be synchronized.
Note
Products in the "Enabling Red Hat Repositories" page are dependent on manifest content. If a
required Red Hat repository is not available on this page, consult the manifest or the Red Hat
Customer Portal Subscriptions page.
Report a bug
21
Chapter 5. Synchronization
5.1. About Synchronization
Synchronization is the act of coordinating updates between the Red Hat Satellite's repositories and the
source repositories being used. Constant, scheduled synchronization will result in:
Data integrity between packages
Updated packages, security fixes and errata
Satellite's synchronization management capabilities allow organization administrators to create
synchronization plans to configure how often a system should look for and install updates.
Synchronization plans are then paired with the product repositories to come up with a synchronization
schedule that will allow products to be updated at specific intervals that are convenient for the
organization's network.
T able 5.1. Synchronization Directories
Directory
Permissions
SELinux Context
Description
/var/lib/pulp/packages
apache:apac
he 0755
system _u:object_r:httpd_
sys_rw_content_t:s0
Location for
packages.
/var/lib/pulp/distribut
ions
apache:apac
he 0755
system _u:object_r:httpd_
sys_rw_content_t:s0
Location for
distribution
content
including
kickstart trees.
Report a bug
5.2. Synchronization Status

T hese steps show how to synchronize products in Red Hat Satellite.
Procedure 5.1. Synchronize Products
1. Click Content Sync Management Sync Status. Based on the content providers set up,
the list of product channels available for synchronization is displayed.
2. Click the arrow next to the product name to see available content.
3. Select the content you wish to synchronize.
4. Click the Synchronize Now button to starting synchronizing. T he status of the synchronization
process will appear for monitoring. If synchronization is successful, Sync complete will appear
under the Result column. If synchronization failed, Error syncing will appear.
Result:
A product is synchronized.
22
Chapter 5. Synchronization
Note
Content synchronization can take a long time. T he length of time required is dependent on the
speed of disk drives, network connection speed and the amount of content selected for
synchronization.
Report a bug
5.3. Creating a New Synchronization Plan

T hese steps show how to create a new synchronization plan in Red Hat Satellite.
Procedure 5.2. Creating a new Synchronization Plan
1. Click Content Sync Management Sync Plans.
2. Click the +New Plan link to create your new synchronization plan.
3. T ype in the name of the new synchronization plan in the Nam e field.
4. T ype in a description of the new synchronization plan in the Description field.
5. Select the interval of the new synchronization plan by clicking the Interval drop-down menu.
6. Select the start date of the new synchronization plan by clicking the Start Date calendar menu.
7. Select the start time of the new synchronization plan by clicking the T im e drop-down menu.
8. Click the Save button to save your changes.
Result:
A new synchronization plan is created.
Report a bug
5.4. Applying a Synchronization Schedule

T hese steps show how to create a synchronization schedule in Red Hat Satellite.
Procedure 5.3. Creating a Synchronization Schedule
1. Click Content Sync Management Sync Schedule.
2. Select the products to schedule from the list of products.
3. Select the synchronization plan you wish to apply to your selected products.
4. Click the Apply Selected Plan to Selected Products button to save your changes.
Result:
A new synchronization schedule is created.
Report a bug
23
Chapter 6. Satellite Nodes

A Satellite Node is a scalable component that provides key Satellite 6 functions outside the primary
Satellite server, similar to a proxy. T his decreases the load on the primary server, reduces redundancy
and bandwidth, and provides geographic locality to the Satellite environment. A Satellite Node provides
the following features:
Content Node features, including:
Repository synchronization
Content delivery
Red Hat Satellite Provisioning Smart Proxy features, including:
DHCP, including ISC DHCP and MS DHCP servers
DNS, including Bind and MS DNS servers
Any UNIX-based T FT P server
Puppet servers from 0.24
Puppet CA to manage certificate signing and cleaning
Baseboard Management Controller (BMC) for power management
Report a bug
6.1. Installing a Satellite Node

T his procedure installs a Satellite Node onto a host.
Procedure 6.1. Installing Satellite on a certificate managed system
T his procedure install the Satellite Node on systems that use Subscription Manager.
1. Verify the availability of Satellite channels with the following command as the root user:
# subscription-manager list --available --all
T he screen displays:
+-------------------------------------------+
Available Subscriptions
+-------------------------------------------+
ProductName:
ProductId:
PoolId:
Quantity:
Multi-Entitlement:
Expires:
MachineType:
Red Hat Satellite

MCT1550
[pool id]
10
No
08/20/2013
physical
2. Subscribe to the pool using the following command:

# subscription-manager subscribe --pool=[pool id]
3. (Optional) Install yum-utils if the package has not already been installed:
24
# yum install yum-utils
yum-config-manager must be installed in the host system. yum-config-manager is included in the

yum-utils package.
4. Disable all existing repositories:
# yum-config-manager --disable "*"
5. Enable the Satellite and Red Hat Enterprise Linux repositories by running yum -configm anager. You might need to alter the Red Hat Enterprise Linux repository to match the specific
version you are using.
# yum-config-manager --enable rhel-6-server-rpms rhel-server-6-satellite-6mdp-2-rpms
6. Install the node-installer and v8 packages using the yum install command as the root user:
# yum install node-installer v8
Result:
T he Satellite Node is installed on your host system. T he Satellite Node must also be configured before it
can be used.
Report a bug
6.2. Configuring a Satellite Node

Prerequisite
Set the SELinux permissions to permissive on the system designated as the Satellite node.
T he following procedure configures a Satellite Node for use with your Red Hat Satellite server. T his
includes the following types of Satellite Nodes:
Satellite Node with Smart Proxy
Satellite Node as a Content Node
Satellite Node as a Content Node with Smart Proxy
Procedure 6.2. T o configure a Satellite Node
1. Create an activation key on the parent server. For more information on creating an activation key
refer to Creating a New Activation Key in the Red Hat Satellite User Guide.
2. Retrieve and set aside the oauth secret from the parent server by running the following command:
# cat /etc/katello/oauth_token-file
3. If configuring as a Content Node: Generate certificates for the Content Node from the Satellite
server.
25
# node-certs-generate -v --child-fqdn satnode.example.com

--katello-org
"Satellite Infrastructure" --katello-user admin --katello-password admin -katello-activation-key node
Where:
child-fqdn is the Satellite node's fully qualified domain name. (REQUIRED)
katello-org is the Satellite server's organization name to create a repository in.
katello-user is the Satellite username used for creating repositories with certificates. T his
parameter indicates that the certificates will be distributed via a Satellite repository.
katello-password is the Satellite user's password.
katello-activation-key is the Satellite's activation key that registers the system with
access to the certificate repository.
Add the node-certs product to the Content View Definition for your product.
4. Register your Satellite Node to the Satellite server:
# rpm -Uvh http://sat6host.example.redhat.com/pub/candlepin-cert-consumerlatest.noarch.rpm
# subscription-manager register --org Satellite_Infrastructure --activationkey
node --force
5. Depending on the desired Satellite Node type, choose one of the following options:
Option 1 - Satellite Node with Smart Proxy: T his installs a Satellite Node with Smart
Proxy features (DHCP, DNS, Puppet). Run the following commands as the root user on the
Satellite server:
# OAUTH_SECRET=$(cat /etc/katello/oauth_token-file)
# FORWARDERS=$(for i in $(cat /etc/resolv.conf |grep nameserver|awk
'{print $2}'); do echo --dns-forwarders $i; done)
# node-install -v \
--parent-fqdn $(hostname) \
--dns true $FORWARDERS \
--dns-interface virbr1 \
--dns-zone example.org \
--dhcp true \
--dhcp-interface virbr1 \
--pulp false \
--tftp true \
--tftp-servername $(hostname) \
--puppet true \
--puppetca true \
--register-in-foreman true \
--foreman-oauth-secret "$OAUTH_SECRET"
Option 2 - Satellite Node as a Content Node: T his installs a Satellite Node with content
management features and a Puppet Master. Run the following commands as the root user on
the Satellite server:
26
# SATELLITE_6=[hostname of satellite 6 server]

# OAUTH_SECRET=$(cat /etc/katello/oauth_token-file)
# node-install -v \
--parent-fqdn "$SATELLITE_6" \
--pulp true \
--pulp-oauth-secret "$OAUTH_SECRET" \
--puppet true \
--puppetca true \
--foreman-oauth-secret "$OAUTH_SECRET" \
--dns false \
--dhcp false \
--tftp false
Option 3 - Satellite Node as a Content Node with Smart Proxy: T his installs a Satellite
Node with all features. Run the following commands as the root user on the Satellite server:
SATELLITE_6=[hostname of satellite 6 server]
OAUTH_SECRET=$(cat /etc/katello/oauth_token-file)
FORWARDERS=$(for i in $(cat /etc/resolv.conf |grep nameserver|awk '{print
$2}'); do echo --dns-forwarders $i; done)
node-install -v \
--parent-fqdn "$SATELLITE_6" \
--dns true $FORWARDERS \
--dns-interface virbr1 \
--dns-zone example.org \
--dhcp true \
--dhcp-interface virbr1 \
--tftp true \
--tftp-servername $(hostname) \
--puppet true \
--puppetca true \
--foreman-oauth-secret "$OAUTH_SECRET" \
--pulp true \
--pulp-oauth-secret "$OAUTH_SECRET"
Note
T o test that the child node or nodes exist on the parent server run the following command:
# katello -u admin -p admin node list
27
Note
T o test if the configuration is successful, run this command as the user on the node:
# echo $?
T his command should return a "0" to indicate success. If it does not, check /var/log/kafo to
debug the cause of failure. /var/log/kafo is the log file for the output generated by the
commands node-certs-generate and node-install.
Result:
T he Satellite Node is now configured and registered with the Red Hat Satellite server.
Report a bug
6.3. Adding Environments to a Satellite Node

If the newly created Satellite Node has Content Node features enabled, use the following procedure to
choose a set of environments that consume content from the Node:
Procedure 6.3. T o add environments to a Satellite Node
1. Log in to the Satellite command shell on the Satellite server as the root user:
# katello -u admin -p admin shell
2. List the available nodes with the node list command:

katello> node list
--------------------------------------------------------------------------Node List
ID Name
Environments
--------------------------------------------------------------------------3 satnode.example.com
3. Add the desired environments to the nodes:

katello> node add_environment --org "Satellite Infrastructure" --environment
Library --id 3
katello> node add_environment --org "Satellite Infrastructure" --environment
dev --id 3
4. Confirm the environment additions with the node list command:
28
katello> node list

--------------------------------------------------------------------------Node List
ID Name
Environments
--------------------------------------------------------------------------3 satnode.example.com Satellite Infrastructure: [Library,dev]
5. Perform a content/environment synchronization on the child node. Run the following command
from the parent server:
# katello -u admin -p admin node sync --name [fqdn.of.child.node] -environment [environment] --org "Satellite Infrastructure"
Instead of --nam e, the option --id [child_id] can be used.

Result:
T he chosen environments now consume packages from repositories on the desired Satellite Node.
Report a bug
6.4. Using a Satellite Node

Systems can be registered to the parent host while using a Satellite node as a content source. T o do
this, register the system to the parent node through subscription-m anager but reference the child
node by using the --baseurl flag provided by the tool.
Report a bug
29
Revision History
Revision 0-28.4 04
Rebuild with Publican 4.0.0
Mon Nov 25 2013
Rdiger Landmann
Revision 0-28
Fixing
Mon Nov 11 2013
Dan Macpherson
Revision 0-27
Preparation for MDP2.
Mon 11 Nov 2013
Dan Macpherson
Revision 0-26
Mon 11 Nov 2013
Athene Chan
BZ #1024530, 1027466 Additional edits to steps for Satellite nodes.
Revision 0-25
T hu 7 Nov 2013
Megan Lewis
BZ #1027461 Added steps to create activation key and retrieve oauth secret. Added note to verify nodes
exist.
Revision 0-24
T hu 7 Nov 2013
Athene Chan
BZ #1027466 Added a small seciton on using Satellite nodes. Added synchronization step.
Revision 0-23
Wed 30 Oct 2013
Athene Chan
BZ #1024438 changed procedures to accommodate yum-utils installation.
BZ #1024529 removed katello.yml instructions as this is not preferred way of LDAP configuration.
BZ #1024559 Added foreman-libvirt to the yum install command.
BZ #1024530 Added new information to the section on Satellite Nodes.
Revision 0-22
T ue 29 Oct 2013
BZ #1024094 yum-utils command updated.
Athene Chan
Revision 0-21
Wed 09 Oct 2013
Finalizing QE review implementation
Dan Macpherson
Revision 0-20
Wed 2 Oct 2013
BZ #1014402 Installation requirements updated.
Athene Chan
Revision 0-19
Wed 2 Oct 2013
BZ #1014402 Prerequisites for installation updated.
Athene Chan
Revision 0-18
T ue 1 Oct 2013
BZ #1009719, 971944 Minor spelling and grammar edits.
Athene Chan
Revision 0-17
T hu 19 Sep 2013
Athene Chan
BZ #1009719 Updated the Prerequisites and the install instructions.
Revision 0-16
T ue 17 Sep 2013
BZ #971944 Added storage requirements for Satellite.
Athene Chan
Revision 0-15
Megan Lewis
30
Wed 11 Sep 2013
Revision History
Integrating QE feedback.
Revision 0-14
Removing draft watermark.
Mon 12 Aug 2013
Dan Macpherson
Revision 0-13
Mon 12 Aug 2013
Preparing documentation for technical review.
Dan Macpherson
Revision 0-09
T hu 20 June 2013
Correction to repo label for installation.
Dan Macpherson
Revision 0-08
Added MDP1 status.
Dan Macpherson
T hu 20 June 2013
Revision 0-07
Wed 19 June 2013
Revised channel for installation.
Athene Chan
Revision 0-06
T hu 13 June 2013
Edited book for grammatical errors and sentence structure.
Athene Chan
Revision 0-05
T ue 11 June 2013
Added Chapters for manifests and for synchronization.
Edited sections based on technical review feedback.
Athene Chan
Revision 0-04
Fri 31 May 2013
Changed field names in the Satellite:Provisioning LDAP section.
Athene Chan
Revision 0-03
T hu 30 May 2013
Athene Chan
Renamed all web application components to the rebranded names of "Red Hat Satellite: Content and
Entitlement" and "Red Hat Satellite: Provisioning and Configuration".
Revision 0-02
T ue 28 May 2013
Incorporated technical review edits.
Updated commands for installing Red Hat Satellite.
Standardized tagging of components.
Athene Chan
Revision 0-01
Initial book creation
Athene Chan
Fri 17 May 2013
31

Red Hat Satellite 6.0 Installation Guide en US

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Red Hat Satellite 6.0 Installation Guide en US

Hochgeladen von

Copyright:

Verfügbare Formate

Red Hat Satellite Red Hat Satellite

6.0 Managed Design Program 2

Installing and Configuring Satellite: Technical Preview for Managed

Red Hat Satellite 6 Documentation Team

Installing and Configuring Satellite: Technical Preview for Managed

Red Hat Satellite 6 Do cumentatio n Team

1.1. Typographic Conventions

1.2. Pull-quote Conventions

static int kvm_vm_ioctl_deassign_device(struct kvm *kvm,

1.3. Notes and Warnings

2. Getting Help and Giving Feedback

Portal at http://access.redhat.com. T hrough the customer portal, you can:

2.2. We Need Feedback!

Required Network Ports

Chapter 2. Red Hat Satellite Installation