The Foreman installation with Katello support

Katello is a content manager which allows to create, organize and manage Yum and Puppet repositories. Sync remote repositories or upload content directly to build your own custom content. Katello is now fully integrated to The Foreman, the provisioning and configuration solution. Katello permits to keep in sync many external sources :

• Yum repositories,
• Puppet forges,
• Docker registries,
• Red Hat CDN (with a subscription manifest)

More readings :

• https://theforeman.org/
• https://theforeman.org/plugins/katello/index.html
• https://access.redhat.com/documentation/fr-FR/Red_Hat_Satellite/6.0/html-single/Installation_Guide/
• https://www.linuxtechi.com/katello-download-yum-repositories-register-clients-for-patching/

Foreman/Katello install on amd64 arch excusively, and can run on RHEL/CentOS 6 or 7.

12GB are highly recommended.

Red Hat strongly recommends to use LVM for partitioning, and XFS as filesystem for storage and database.

• Create and format XFS filesystem for Foreman data

lvcreate -n pulp -L 500G vg_foreman
lvcreate -n mongodb -L 50G vg_foreman
lvcreate -n pgsql -L 50G vg_foreman
 
mkfs.xfs /dev/vg_foreman/pulp
mkfs.xfs /dev/vg_foreman/mongo
mkfs.xfs /dev/vg_foreman/pgsql

• Create mountpoints

mkdir /var/lib/mongodb /var/lib/pulp /var/lib/pgsql
 
cat <<EOF >> /etc/fstab
/dev/vg_foreman/pulp   /var/lib/pulp     xfs  defaults 0 0
/dev/vg_foreman/mongo  /var/lib/mongodb  xfs  defaults 0 0
/dev/vg_foreman/pgsql  /var/lib/pgsql    xfs  defaults 0 0
EOF
 
mount -a

• Add EPEL repository

yum install -y epel-release
yum update -y

• Add Katello/Puppet/Foreman repositories

# Katello
yum -y localinstall http://fedorapeople.org/groups/katello/releases/yum/3.4/katello/el7/x86_64/katello-repos-latest.rpm
# The Foreman
yum -y localinstall http://yum.theforeman.org/releases/1.15/el7/x86_64/foreman-release.rpm
# Puppet 4
yum -y localinstall https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm

• Install Foreman with Katello software and dependencies

yum -y install foreman-release-scl
yum update -y
yum install -y katello

• Deploy Foreman with Katello

foreman-installer --scenario katello

• Configure firewall

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --permanent --zone=public --add-service=tftp
firewall-cmd --permanent --zone=public --add-service=puppetmaster
firewall-cmd --permanent --zone=public --add-port=8080/tcp
firewall-cmd --reload

In the below example, we'll mirror CentOS 7 base repository.

On a fresh Foreman install, the very first step is to create an organization

<columns - → On the Menu bar, click on Any Context, then on Manage Organizations menu item <newcolumn> </columns>

<columns - → Click on New Organization Button <newcolumn> </columns>

<columns - → Fill the fields accordingly to your need :

• Name is the display name of your organization,
• Label is the internal name used by Foreman and Katello
• description is a free form where you can describe the organization

<newcolumn> </columns>

<columns - → On the Menu bar, click on Content, then on Sync Plans menu item <newcolumn> </columns>

<columns - → Click on Create Sync Plan Button <newcolumn> </columns>

<columns - → Fill the form with the following informations :

• Name : a name for the sync plan,
• Description : a description for the sync plan,
• Interval : the scheduling interval for the sync plan (hourly, daily, weekly)
• Start Date : a start date

Then click on Save button. <newcolumn> </columns>

We need to import the GPG key used by the remote repository. In our case, the GPG key is accessible on http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7

<columns - → On the Menu bar, click on Content, then on GPG Keys menu item <newcolumn> </columns>

<columns - → Click on Create GPG Key Button <newcolumn> </columns>

<columns - → Fill the form with the following informations :

• Name : a name for the GPG key to create,
• GPG Key content : you can copy & paste the content of the GPG key in the form, of you can use the Upload button to upload the GPG key.

Then click on Save button. <newcolumn> </columns>

<columns - → On the Menu bar, click on Content, then on Products menu item <newcolumn> </columns>

<columns - → Click on Create Product Button <newcolumn> </columns>

<columns - → Fill the form with the following informations :

• Name : the name for the product,
• Label : the label used internammy by Foreman,
• GPG Key : select with the drop-down list the relevant GPG key,
• Sync Plan : select with the drop-down list the relevant sync pla to apply to this product,
• Description : put a description for this product.

Then click on Save button. <newcolumn> </columns>

<columns - → One the product is created, the user is automatically directed to the Repositories pane. At this time there is not yet any configured repository, so let's create one by clicking on the New Repository button : <newcolumn> </columns>

<columns - - → Fill the form with the following informations :

• Name : a name for the repository,
• Label : the label used internammy by Foreman,
• Type : select yum on the drop-down menu,
• URL : enter here the URL of the Yum repository to mirror
• Dowbload policy
  • On demand : only repo's metadata are downloaded from the remote repository, then packages are fetched and stored on local FS only when clients request them,
  • Background : repo's metadata are downloaded from the remote repository, then packages are downloaded as a background task after the initial sync,
  • Immediate : both repo's metadata and packages are downloaded.
• GPG Key : Select with the drop-down menu the GPG key to use with this repository.

Then click on Save button. <newcolumn> <newcolumn> </columns>

<columns - → On the Menu bar, click on Content, then on LifeCycle Environments menu item <newcolumn> </columns>

<columns - → Click on Create Environment Path Button <newcolumn> </columns>

<columns - → Fill the form with the following informations :

• Name : a name for the environment,
• Label : the label used internammy by Foreman,
• Description : a description

Then click on Save button. <newcolumn> </columns>

<columns - → On the Menu bar, click on Content, then on Content Views menu item <newcolumn> </columns>

<columns - → Click on Create New View Button <newcolumn> </columns>

<columns - → Fill the form with the following informations :

• Name : a name for the view,
• Label : the label used internammy by Foreman,
• Description : a description

Then click on Save button. <newcolumn> </columns>

<columns - → Once the view is created, go on the Yum Content pane, then select the Add pane from the Repository Selection

Then select the repositories to include into the view (in the example below, base and updates repositories from CentOS 7 Product are selected.

Finally, click on Add Repositories button. <newcolumn> </columns>

<columns - → go on the Versions pane, then click on Publish New Version button. <newcolumn> </columns>

<columns - → Fill the Description form, then click on Save button. <newcolumn> </columns>

<columns - → The version is going to be published. This may take a while.

When the publshing procedure is completed, you can click on the Promote button for the Version 1.0. <newcolumn> </columns>

<columns - → Select the right library by clicking on the checkbox, then click on Promote Version. <newcolumn> </columns>

<columns - → On the Menu bar, click on Content, then on Activation Keys menu item <newcolumn> </columns>

<columns - → Click on Create Activation Key Button <newcolumn> </columns>

<columns - → Fill the form with the following informations :

• Name : The name of the activation key,
• Unlimited Hosts : check the box if you don't need to restrict the ammount of clients registered,
• Description : put a descriptive text,
• Environment : select the desired environments.

Then click on Save button. <newcolumn> </columns>

<columns - → Once the key is created, it can be used to register client hosts to this system by using the following command :

subscription-manager register --org="orga_axians_aix" --activationkey="Axians Aix production key"

<newcolumn> </columns>

The target system must have the required package installed prior registration :

• subscription-manager normally comes from distribution's official repository or installation media,
• katello-ca-consumer-katello.xxx must by downloaded from the Katello server itself.

In the following example, the Foreman/Katello server IP address is 192.168.122.178 and its FQDN is katello.internal.lan :

yum install -y subscription-manager
yum localinstall -y http://192.168.122.178/pub/katello-ca-consumer-katello.internal.lan-1.0-1.noarch.rpm

In order to register a client host to Katello, you need to provide the following elements :

• the oraganization name, in our example, the organization name is orga_axians_aix,
• the activation key. in our axample, the key is “Axians Aix production key”

subscription-manager register --org="orga_axians_aix" --activationkey="Axians Aix production key"
The system has been registered with ID: c21106ec-9991-4246-b101-966b2dda99a8 
 
No products installed.

  subscription-manager list --available --all
  +-------------------------------------------+
      Available Subscriptions
  +-------------------------------------------+
  Subscription Name:   EPEL7 for CentOS/RHEL
  Provides:            
  SKU:                 884388902125
  Contract:            
  Pool ID:             4028fa325e577a77015e5b0d989a0025
  Provides Management: No
  Available:           Unlimited
  Suggested:           1
  Service Level:       
  Service Type:        
  Subscription Type:   Standard
  Ends:                08/31/2047
  System Type:         Physical

  subscription-manager attach --pool=4028fa325e577a77015e5b0d989a0025
  Successfully attached a subscription for: EPEL7 for CentOS/RHEL