====== The Foreman installation with Katello support ======
//Katello// is a content manager that lets you create, organize and manage Yum and Puppet repositories. You can sync remote repositories or upload content directly to build your own custom content.
Katello is now fully integrated into //The Foreman//, the provisioning and configuration solution.
{{ :pages_it:provisioning:katello_archi.jpg?direct&400 |}}
Katello can keep many external sources in sync:
* Yum repositories,
* Puppet forges,
* Docker registries,
* Red Hat CDN (with a subscription manifest)
Further reading:
* https://theforeman.org/
* https://theforeman.org/plugins/katello/index.html
* https://access.redhat.com/documentation/fr-FR/Red_Hat_Satellite/6.0/html-single/Installation_Guide/
* https://www.linuxtechi.com/katello-download-yum-repositories-register-clients-for-patching/
===== Prerequisites =====
=== Software ===
Foreman/Katello installs exclusively on the amd64 architecture, and can run on RHEL/CentOS 6 or 7.
=== Hardware ===
12GB of RAM is highly recommended.
^ ^ minimum ^ recommended ^
^ RAM | 8GB | 12GB |
^ CPU | 2 cores | 4 cores |
=== Storage ===
Red Hat strongly recommends using **LVM** for partitioning, and **XFS** as the filesystem for storage and databases.
^ mountpoint ^ size ^ comments ^
| / | 10GB | base system |
| /var/lib/pulp | 500GB+ | storage for mirrored repositories |
| /var/lib/mongodb | 20GB-100GB | database storage |
| /var/lib/pgsql | 2GB-50GB | database storage |
===== Installation =====
=== storage & filesystem ===
* Create the logical volumes and format them as XFS filesystems for Foreman data
lvcreate -n pulp -L 500G vg_foreman
lvcreate -n mongodb -L 50G vg_foreman
lvcreate -n pgsql -L 50G vg_foreman
mkfs.xfs /dev/vg_foreman/pulp
mkfs.xfs /dev/vg_foreman/mongodb
mkfs.xfs /dev/vg_foreman/pgsql
* Create mountpoints
mkdir /var/lib/mongodb /var/lib/pulp /var/lib/pgsql
cat <<EOF >> /etc/fstab
/dev/vg_foreman/pulp /var/lib/pulp xfs defaults 0 0
/dev/vg_foreman/mongodb /var/lib/mongodb xfs defaults 0 0
/dev/vg_foreman/pgsql /var/lib/pgsql xfs defaults 0 0
EOF
mount -a
=== Software dependencies ===
* Add EPEL repository
yum install -y epel-release
yum update -y
* Add Katello/Puppet/Foreman repositories
# Katello
yum -y localinstall http://fedorapeople.org/groups/katello/releases/yum/3.4/katello/el7/x86_64/katello-repos-latest.rpm
# The Foreman
yum -y localinstall http://yum.theforeman.org/releases/1.15/el7/x86_64/foreman-release.rpm
# Puppet 4
yum -y localinstall https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm
=== Software installation ===
* Install Foreman with Katello software and dependencies
yum -y install foreman-release-scl
yum update -y
yum install -y katello
* Deploy Foreman with Katello
foreman-installer --scenario katello
* Configure firewall
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --permanent --zone=public --add-service=tftp
firewall-cmd --permanent --zone=public --add-service=puppetmaster
firewall-cmd --permanent --zone=public --add-port=8080/tcp
firewall-cmd --reload
===== Configuration =====
==== Mirror a Yum repository ====
In the example below, we'll mirror the //CentOS 7// base repository.
=== Organization ===
On a fresh Foreman install, the very first step is to create an //organization//.
On the menu bar, click on //**Any Context**//, then on the //**Manage Organizations**// menu item.
{{ :pages_it:provisioning:foreman_orga_1.png?direct|}}
----
Click on the //**New Organization**// button.
{{ :pages_it:provisioning:foreman_orga_2.png?direct&600|}}
----
Fill in the fields according to your needs:
* Name is the display name of your organization,
* Label is the internal name used by Foreman and Katello,
* Description is a free-form field where you can describe the organization.
{{ :pages_it:provisioning:foreman_orga_3.png?direct&600|}}
----
=== Sync plan ===
On the menu bar, click on //**Content**//, then on the //**Sync Plans**// menu item.
{{ :pages_it:provisioning:foreman_sync_1.png?direct|}}
----
Click on the //**Create Sync Plan**// button.
{{ :pages_it:provisioning:foreman_sync_2.png?direct&600|}}
----
Fill in the form with the following information:
* **Name**: a name for the sync plan,
* **Description**: a description for the sync plan,
* **Interval**: the scheduling interval for the sync plan (hourly, daily, weekly),
* **Start Date**: a start date.
Then click on the //**Save**// button.
{{ :pages_it:provisioning:foreman_sync_3.png?direct|}}
----
=== GPG key ===
We need to import the GPG key used by the remote repository. In our case, the GPG key is available at:
http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7
On the menu bar, click on //**Content**//, then on the //**GPG Keys**// menu item.
{{ :pages_it:provisioning:foreman_gpg_1.png?direct|}}
----
Click on the //**Create GPG Key**// button.
{{ :pages_it:provisioning:foreman_gpg_2.png?direct&600|}}
----
Fill in the form with the following information:
* **Name**: a name for the GPG key to create,
* **GPG Key content**: you can copy & paste the content of the GPG key into the form, or you can use the //**Upload**// button to upload the GPG key.
Then click on the //**Save**// button.
{{ :pages_it:provisioning:foreman_gpg_3.png?direct|}}
----
=== Product ===
On the menu bar, click on //**Content**//, then on the //**Products**// menu item.
{{ :pages_it:provisioning:foreman_product_1.png?direct|}}
----
Click on the //**Create Product**// button.
{{ :pages_it:provisioning:foreman_product_2.png?direct&600|}}
----
Fill in the form with the following information:
* **Name**: the name for the product,
* **Label**: the label used internally by Foreman,
* **GPG Key**: select the relevant GPG key from the drop-down list,
* **Sync Plan**: select the relevant sync plan to apply to this product from the drop-down list,
* **Description**: put a description for this product.
Then click on the //**Save**// button.
{{ :pages_it:provisioning:foreman_product_3.png?direct|}}
----
Once the product is created, the user is automatically directed to the //**Repositories**// pane. At this point no repository is configured yet, so let's create one by clicking on the //**New Repository**// button:
{{ :pages_it:provisioning:foreman_product_4.png?direct|}}
----
Fill in the form with the following information:
* **Name**: a name for the repository,
* **Label**: the label used internally by Foreman,
* **Type**: select //**yum**// in the drop-down menu,
* **URL**: enter here the URL of the Yum repository to mirror,
* **Download policy**:
  * **On demand**: only the repository metadata is downloaded from the remote repository; packages are then fetched and stored on the local filesystem only when clients request them,
  * **Background**: the repository metadata is downloaded from the remote repository, then packages are downloaded as a background task after the initial sync,
  * **Immediate**: both the repository metadata and the packages are downloaded.
* **GPG Key**: select the GPG key to use with this repository from the drop-down menu.
Then click on the //**Save**// button.
{{:pages_it:provisioning:foreman_product_5.png?direct|}}
{{:pages_it:provisioning:foreman_product_6.png?direct|}}
----
=== Lifecycle Environments ===
On the menu bar, click on //**Content**//, then on the //**LifeCycle Environments**// menu item.
{{ :pages_it:provisioning:foreman_lifecycle_1.png?direct|}}
----
Click on the //**Create Environment Path**// button.
{{ :pages_it:provisioning:foreman_lifecycle_2.png?direct&600|}}
----
Fill in the form with the following information:
* **Name**: a name for the environment,
* **Label**: the label used internally by Foreman,
* **Description**: a description.
Then click on the //**Save**// button.
{{ :pages_it:provisioning:foreman_lifecycle_3.png?direct|}}
----
=== Content View ===
On the menu bar, click on //**Content**//, then on the //**Content Views**// menu item.
{{ :pages_it:provisioning:foreman_contentview_1.png?direct|}}
----
Click on the //**Create New View**// button.
{{ :pages_it:provisioning:foreman_contentview_2.png?direct|}}
----
Fill in the form with the following information:
* **Name**: a name for the view,
* **Label**: the label used internally by Foreman,
* **Description**: a description.
Then click on the //**Save**// button.
{{ :pages_it:provisioning:foreman_contentview_3.png?direct|}}
----
Once the view is created, go to the //**Yum Content**// pane, then select the //**Add**// pane from the //**Repository Selection**//.
Then select the repositories to include in the view (in the example below, the //base// and //updates// repositories from the CentOS 7 product are selected).
Finally, click on the //**Add Repositories**// button.
{{ :pages_it:provisioning:foreman_contentview_4.png?direct|}}
----
Go to the //**Versions**// pane, then click on the //**Publish New Version**// button.
{{ :pages_it:provisioning:foreman_contentview_5.png?direct|}}
----
Fill in the //**Description**// form, then click on the //**Save**// button.
{{ :pages_it:provisioning:foreman_contentview_6.png?direct|}}
----
The version is now being published. This may take a while.
When the publishing procedure is completed, you can click on the //**Promote**// button for Version 1.0.
{{ :pages_it:provisioning:foreman_contentview_7.png?direct|}}
----
Select the right //library// by clicking on the checkbox, then click on //**Promote Version**//.
{{ :pages_it:provisioning:foreman_contentview_8.png?direct|}}
----
=== Activation keys ===
On the menu bar, click on //**Content**//, then on the //**Activation Keys**// menu item.
{{ :pages_it:provisioning:foreman_activationkeys_1.png?direct|}}
----
Click on the //**Create Activation Key**// button.
{{ :pages_it:provisioning:foreman_activationkeys_2.png?direct|}}
----
Fill in the form with the following information:
* **Name**: the name of the activation key,
* **Unlimited Hosts**: check the box if you don't need to restrict the number of registered clients,
* **Description**: put a descriptive text,
* **Environment**: select the desired environments.
Then click on the //**Save**// button.
{{ :pages_it:provisioning:foreman_activationkeys_3.png?direct|}}
----
Once the key is created, it can be used to register client hosts to this system with the following command:
subscription-manager register --org="orga_axians_aix" --activationkey="Axians Aix production key"
{{ :pages_it:provisioning:foreman_activationkeys_4.png?direct|}}
----
==== Configure client host ====
=== Prerequisites ===
The target system must have the required packages installed prior to registration:
* **subscription-manager** normally comes from the distribution's official repository or installation media,
* **katello-ca-consumer-katello.xxx** must be downloaded from the Katello server itself.
In the following example, the Foreman/Katello server IP address is **192.168.122.178** and its FQDN is **katello.internal.lan**:
yum install -y subscription-manager
yum localinstall -y http://192.168.122.178/pub/katello-ca-consumer-katello.internal.lan-1.0-1.noarch.rpm
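The CA package installed above becomes the client's trust anchor for the Katello server, and here it is fetched over plain HTTP. The following added example (not part of the original page) downloads the package, compares its SHA-256 digest with a value obtained out of band, and installs it only on a match; the function names and the way the expected digest is obtained are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.
# The expected digest must come from a trusted channel (for instance computed
# with sha256sum in a console session on the Katello server), never from the
# same HTTP download.

# sha256_matches FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 if EXPECTED_HEX is not a SHA-256 digest.
sha256_matches() {
    sm_file=$1
    sm_expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    case $sm_expected in
        ''|*[!0-9a-f]*) return 2 ;;
    esac
    [ "${#sm_expected}" -eq 64 ] || return 2
    sm_actual=$(sha256sum -- "$sm_file" 2>/dev/null | cut -d' ' -f1)
    [ "$sm_actual" = "$sm_expected" ]
}

# install_verified_rpm URL EXPECTED_HEX
# Downloads to a private temporary directory, verifies, then installs.
install_verified_rpm() {
    iv_dir=$(mktemp -d) || return 1
    iv_rpm=$iv_dir/katello-ca-consumer.rpm
    iv_rc=1
    if curl -fsS -o "$iv_rpm" "$1" && sha256_matches "$iv_rpm" "$2"; then
        iv_rc=0
        yum localinstall -y "$iv_rpm" || iv_rc=$?
    else
        echo "refusing to install $1: download failed or digest mismatch" >&2
    fi
    rm -rf -- "$iv_dir"
    return "$iv_rc"
}

# Usage on the client, with the URL from the page and a placeholder digest:
# install_verified_rpm \
#   http://192.168.122.178/pub/katello-ca-consumer-katello.internal.lan-1.0-1.noarch.rpm \
#   "<sha256 obtained out of band>"
```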
=== Client registration ===
In order to register a client host to Katello, you need to provide the following elements:
* the **organization** name; in our example, the organization name is //**orga_axians_aix**//,
* the **activation key**; in our example, the key is "**Axians Aix production key**".
subscription-manager register --org="orga_axians_aix" --activationkey="Axians Aix production key"
The system has been registered with ID: c21106ec-9991-4246-b101-966b2dda99a8
No products installed.
=== List available subscriptions ===
subscription-manager list --available --all
+-------------------------------------------+
Available Subscriptions
+-------------------------------------------+
Subscription Name: EPEL7 for CentOS/RHEL
Provides:
SKU: 884388902125
Contract:
Pool ID: 4028fa325e577a77015e5b0d989a0025
Provides Management: No
Available: Unlimited
Suggested: 1
Service Level:
Service Type:
Subscription Type: Standard
Ends: 08/31/2047
System Type: Physical
=== Attach to a subscription ===
subscription-manager attach --pool=4028fa325e577a77015e5b0d989a0025
Successfully attached a subscription for: EPEL7 for CentOS/RHEL
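To script the last two steps, the pool ID can be extracted from the listing instead of being copied by hand. This is an added example, not part of the original page: the function names are hypothetical, and the sample input is the listing shown above plus one constructed record.

```shell
#!/bin/sh
# Added example, not from the original page; pool_id_for is a hypothetical name.

# pool_id_for NAME
# Reads `subscription-manager list --available --all` output on stdin and
# prints the Pool ID of the subscription whose name is exactly NAME.
# Fails (exit 1, no output) when the name matches zero or several pools, so a
# script never attaches to an ambiguous or wrong pool.
pool_id_for() {
    WANT=$1 awk '
        function value(line) {            # text after the first "Label:"
            sub(/^[^:]*:[ \t]*/, "", line)
            sub(/[ \t\r]+$/, "", line)
            return line
        }
        /^Subscription Name:/ { name = value($0) }
        /^Pool ID:/ && name == ENVIRON["WANT"] { id = value($0); hits++ }
        END { if (hits == 1) print id; else exit 1 }
    '
}

# Sample input: the listing from this page, followed by one constructed record.
sample_listing() {
    cat <<'EOF'
+-------------------------------------------+
Available Subscriptions
+-------------------------------------------+
Subscription Name: EPEL7 for CentOS/RHEL
SKU: 884388902125
Pool ID: 4028fa325e577a77015e5b0d989a0025
Available: Unlimited
Ends: 08/31/2047

Subscription Name: Constructed Example Product
SKU: 000000000000
Pool ID: 00000000000000000000000000000000
Available: Unlimited
EOF
}

# On a registered client:
# pool=$(subscription-manager list --available --all | pool_id_for 'EPEL7 for CentOS/RHEL') &&
#     subscription-manager attach --pool="$pool"
```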