Red Hat Satellite 6 Administration
- Section Describe Red Hat Satellite
- Quiz: Describe Red Hat Satellite
- Plan a Red Hat Satellite Deployment
- Guided Exercise: Plan a Red Hat Satellite Deployment
- Install Red Hat Satellite
- Guided Exercise: Validate a Red Hat Satellite Installation
- Administer Red Hat Satellite with Hammer
- Guided Exercise: Administer Red Hat Satellite with Hammer
- Configure Organizations and Content Manifests
- Guided Exercise: Configure Organizations and Content Manifests
- Lab: Plan and Deploy Red Hat Satellite
- Summary
Abstract
| Goal |
Plan a Red Hat Satellite deployment, installation, and initial configuration of Red Hat Satellite servers. |
| Objectives |
|
| Sections |
|
| Lab |
|
Red Hat Satellite 6 is a system management solution to deploy, configure, and maintain systems across physical, virtual, and cloud environments. Satellite provides provisioning, remote management, and monitoring of Red Hat Enterprise Linux (RHEL) systems. Satellite Server synchronizes content from the Red Hat Customer Portal and other sources, and provides functions for lifecycle management, role-based access control, and subscription management.
The Red Hat Satellite architecture consists of four major components that define the stages of content distribution from the original sources to the managed host destinations.
- External Content Sources
Red Hat Satellite supports multiple types of content sources. Originally, Satellite was designed as an on-premise replica of selected content from the Red Hat Customer Portal, which is the primary source of software packages, errata, container images, and subscription management services. Today, Satellite supports additional content sources, such as Git repositories, Docker Hub, Puppet Forge, Security Content Automation Protocol (SCAP) repositories, and private repositories for an organization's custom packages and images.
- Satellite Server
The Satellite Server is the central component where you manage the content lifecycle. A typical Red Hat Satellite deployment has one central Satellite Server. The Satellite Server uses one or more organizations to isolate lifecycle management for groups of hosts in separate administrative realms. The Satellite Server configures Capsule Servers and delegates content distribution, host provisioning, and communication to the Capsule Servers, including a default, integrated Capsule Server in the central Satellite Server.
You can administer and configure Red Hat Satellite by accessing the Satellite Server only. The Satellite Server includes a REST API for interfacing custom scripts, applications, and management tools, including the two main administration interfaces:
Satellite Server web UI: A web-based tool to maintain all functions of Red Hat Satellite.
Hammer: A command-line tool that provides parity with most functions of the web UI.
- Capsule Servers
Capsule Servers mirror content from Satellite Server to enable managed host systems to pull content and configuration from servers that are geographically closer than the Satellite Server. Capsule Servers also provide multiple services, such as provisioning and configuration management, to their assigned managed hosts.
- Managed Hosts
Hosts are the managed systems that receive distributed content from Capsule Servers. Hosts can be either physical or virtual. Satellite Server can have directly managed hosts, because the central Satellite Server is running an integrated Capsule Server. A remote Capsule Server is configured first as a managed host of the central Satellite Server, and then as a Capsule Server.
Red Hat Satellite consists of several open-source projects that are integrated and supported as Red Hat Satellite. Red Hat Smart Management combines the Red Hat Satellite infrastructure management with Red Hat Insights remediation.
Satellite Server and Capsule Servers are installed on dedicated RHEL systems. Each RHEL host must include the Red Hat Subscription Manager to manage Satellite Server updates.
SectionFigure 1.1: Red Hat Satellite 6 architecture illustrates the architecture of Red Hat Satellite 6:
- Foreman
Foreman is an open-source application for provisioning and lifecycle management of physical and virtual hosts. Foreman provides automatic host configuration by using multiple methods, including kickstart, Ansible Playbooks, and Puppet modules.
- Katello
Katello is a Foreman plug-in for subscription and repository management. Katello provides methods to subscribe to Red Hat repositories, and to download content. Content versions can be applied to specific hosts to match their stage in an application lifecycle.
- Candlepin
Candlepin is a Katello service that handles subscription management.
- Pulp
Pulp is a Katello service that handles repository and content management. Pulp manages content views, sync plans, and the synchronous or delayed content transfer to Capsule Servers. Pulp ensures efficient storage space by not duplicating RPM packages even when requested by content views in different organizations.
- Hammer
Hammer is a CLI tool that provides command-line and shell equivalents for most functions that are available through the Satellite Server web UI. Hammer uses environment variables, aliases, and redirection to other CLI tools to expedite interaction with Satellite Server.
- REST API
Red Hat Satellite includes a RESTful API service that is accessed by the web UI and Hammer.
Red Hat Satellite provides content for many types of deployment and build methods, including legacy enterprise and cloud-native environments. Satellite handles these content types, with the content stored in the file system and the metadata indexed in the Satellite database:
RPM packages: Software in RPM format from the Red Hat Content Delivery Network or from third-party vendor repositories.
Kickstart trees: Bootable operating system trees for network host provisioning.
Puppet modules: For state configuration of hosts by using Puppet.
Container images: Imported container images for distribution to external containers.
ISO images: ISO images from Red Hat or other sources, or virtual machine image files for publishing from a repository.
Custom file type: For distributing source code, configuration, or other custom files.
Note
For more information about Red Hat Satellite components and its versions, refer to this article at https://access.redhat.com/articles/1343683
A Capsule Server mirrors content from Satellite Server to provide content federation and localized services in remote geographical locations. Host systems pull content and configuration from Capsule Server in their location. Additional Capsule Servers can be created to provide managed host scaling in a local or remote location, or to provide managed host isolation.
A Capsule Server provides these content-related features, which are further discussed in a later chapter:
Repository synchronization: Content from selected Satellite Server lifecycle environments is pulled to Capsule Server for later content delivery to managed hosts.
Content delivery: Hosts that are assigned to a Capsule Server download content from that Capsule rather than from the central Satellite Server.
Host action delivery: Capsule Server executes scheduled actions on hosts.
Red Hat Subscription Management (RHSM) proxy: Hosts register to their associated Capsule Servers rather than to the central Satellite Server or to the Red Hat Customer Portal.
A Capsule Server provides these infrastructure and host management services, which are further discussed in a later chapter:
DHCP: Capsule can manage a DHCP server, including integration with an existing solution such as ISC DHCP servers, Active Directory, and Libvirt instances.
DNS: Capsule can manage a DNS server, including integration with an existing solution such as ISC BIND and Active Directory.
TFTP: Capsule can integrate with any UNIX-based TFTP server.
Realm: Capsule can manage Kerberos realms or domains so that hosts can join them automatically during provisioning. Capsule can integrate with an existing infrastructure, including Red Hat Identity Management and Active Directory.
Baseboard Management Controller (BMC): Capsule can provide power management for hosts that use IPMI or Redfish.
Provisioning template proxy: Capsule can serve provisioning templates to hosts.
OpenSCAP: Capsule can scan for security compliance on hosts.
Puppet Master: Capsule can act as a configuration management server by running Puppet Master.
Puppet Certificate Authority (Puppet CA): Capsule can integrate with Puppet's CA to provide certificates to hosts.
Note
Starting in Red Hat Satellite 6.11, puppet integration is optional and disabled by default.
Capsule Servers facilitate scaling your Satellite environment as the number of managed host systems increases. Capsule Servers decrease the load on the central Satellite Server, increase redundancy, and reduce bandwidth usage.
Red Hat Satellite provides a RESTful API service on the central Satellite Server for system administrators and developers to write custom scripts and third-party applications that interface with Red Hat Satellite. Because the Satellite Server web UI and the Hammer CLI connect through the same RESTful API, tasks that are performed with either tool create equivalent results.
Satellite administrators are restricted to performing only those tasks that their assigned organizations and roles allow. Because the Satellite Server provides the authentication and authorization, administrators have equivalent permissions and access with either tool.
Similar to other Red Hat products that have fully featured graphical and command-line interfaces, Satellite administrators can use whichever tool they prefer. Red Hat recommends the web UI for new learners, and for candidates who are practicing for the Red Hat Certified Specialist in Deployment and Systems Management (EX403) exam, because it can be easier to achieve product competency with the graphical interface.
Satellite Server web UI is based on Cockpit technology, similar to the RHEL web console. Managed host web consoles can be enabled and configured for access through the Satellite Server web UI. The web console provides a single interface for almost all systems management, configuration management, and provisioning tasks for Satellite-managed hosts.
To work effectively in the Satellite Server web UI, set your screen resolution to 1600 x 1200 or higher. Red Hat recommends a minimum screen resolution of 1920 x 1080.
Important
To view all of the default content and the user information, set the width of the browser window to at least 1400 pixels.
Red Hat recommends the Hammer CLI for experienced Satellite administrators, and for those who need to scale tasks in organizations with many managed hosts. You can efficiently scale your systems management by gaining familiarity with Hammer functions and adding scripting skills and integration with other programming languages.
Compared to navigating the web UI, using Hammer can result in faster interaction with the Satellite Server.
You can also incorporate Hammer commands into reusable scripts for automating tasks of varying complexity.
Output from hammer commands can be redirected to other tools, which allows for integration with your existing environment.
The hammer command provides the -d option to test responses to API calls before using them in scripts.
Hammer also provides an interactive shell.
Typically, Hammer commands are issued directly on the base operating system host that runs Red Hat Satellite.
A Satellite user must provide Satellite credentials for authentication when entering hammer commands.
A user can provide credentials on each command, or once per session if the Foreman session feature is enabled.
Alternatively, store your credentials in the ~/.hammer/cli.modules.d/foreman.yml configuration file in this format:
:foreman: :username: 'username' :password: 'password'
Note
This course runs hammer commands on the Satellite Server, and not from the workstation system.
You can install and use Hammer on a host other than the central Satellite Server, and use it to manage a remote Satellite.
View the tool installation procedure in the Hammer CLI Guide.
The configuration requires that the host is registered to a Satellite Server or Capsule Server, which is a configuration conflict for the classroom workstation system.
Hammer provides many subcommands to interact with your Satellite Server.
The hammer --help command is a comprehensive resource for viewing options, subcommands, and syntax requirements.
[root@satellite ~]# hammer --help
Usage:
hammer [OPTIONS] SUBCOMMAND [ARG] ...
...output omitted...
Subcommands:
activation-key Manipulate activation keys
admin Administrative server-side tasks
ansible Manage foreman ansible
...output omitted...
Options:
--[no-]use-defaults Enable/disable stored defaults. Enabled by default
--autocomplete LINE Get list of possible endings
--csv Output as CSV (same as --output=csv)
...output omitted...The --help option also views extended syntax requirements for subcommands.
For example, for syntax help to create an activation key, use the following command:
[root@satellite ~]# hammer activation-key create --help
Usage:
hammer activation-key create [OPTIONS]
Options:
--auto-attach AUTO_ATTACH Auto attach subscriptions upon registration
One of true/false, yes/no, 1/0.
--content-view[-id] Content view name/id
--description DESCRIPTION Description
--environment[-id] (--environment-id is deprecated: Use --lifecycle-environment-id instead)
--lifecycle-environment[-id] Name/Id of associated lifecycle environment
...output omitted...References
For more information, refer to the Satellite Architecture chapter in the Planning Satellite Deployment guide at https://access.redhat.com/documentation/en-us/red_hat_satellite/6.11/html-single/satellite_overview_concepts_and_deployment_considerations/index#part-Architecture
For more information, refer to the Introduction to Hammer section in the Red Hat Satellite Hammer CLI Guide at https://access.redhat.com/documentation/en-us/red_hat_satellite/6.11/html-single/hammer_cli_guide/index#chap-CLI_Guide-Introduction_to_Hammer
