Red Hat Satellite 6 Administration
Abstract
| Goal |
Register and configure your Red Hat Enterprise Linux systems to use Red Hat Satellite, and organize those systems into groups for easier management. |
| Objectives |
|
| Sections |
|
| Lab |
|
Register a system with Red Hat Satellite and configure it to use a particular organization, location, subscription, and lifecycle environment.
A content host is a Satellite-registered system with hosted applications or other software that is controlled and managed from Satellite.
For registration, the following methods exist for different cases. The two last methods are deprecated, but are still used in some cases.
- curl command
(Default method) Generate a
curlcommand from Satellite and run it from an unlimited number of hosts to register them by using the global registration template. This method is suitable for both freshly installed hosts and for previously registered hosts, for example on previous Satellite versions.- Installing the consumer RPM
(Deprecated) Download and install the consumer RPM from satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm and run the
subscription-managercommand. This method is suitable for freshly installed hosts.- bootstrap script
(Deprecated) Download and run the
bootstrapscript from satellite.example.com/pub/bootstrap.py. This method is suitable for both freshly installed hosts and for previously registered hosts, for example on previous Satellite versions.
The default method is preferred over the bootstrap method, because you can configure Red Hat Insights and deploy the required Satellite SSH keys to run remote execution jobs.
After you register a host, it gets a unique ID, which is stored on the managed host. If you re-register a host, then Satellite creates an entity, which starts a new activity history that is unrelated to the host entry with the older ID. The old historical activity remains, orphaned in Satellite. When a host is re-registered, an administrator can manually edit the UUID on managed hosts by reverting them to the old ID if the re-registration was an error.
Note
If you build and repopulate a new Satellite Server from a previous Satellite version, such as in a major Satellite migration, then re-register the systems and verify that they are not duplicated by mistake.
Where Satellite warns that a host is already registered, do not proceed with a new registration unless it is clear that the old UUID and all historical activity are no longer needed.
In this situation, the --force option might be necessary to re-register the host.
To ensure proper interaction between the Satellite Server and the host, use the timedatectl command and the chronyd tool to verify the date and time synchronization on both systems.
[root@host ~]#timedatectlLocal time: Sat 2022-07-02 00:46:59 UTC Universal time: Sat 2022-07-02 00:46:59 UTC RTC time: Sat 2022-07-02 00:46:59 Time zone: Etc/UTC (UTC, +0000) System clock synchronized: yes NTP service: active RTC in local TZ: no [root@host ~]#chronyc -n trackingReference ID : AABB9E51 (170.187.158.81) Stratum : 3 Ref time (UTC) : Sat Jul 02 00:48:11 2022 System time : 0.000105229 seconds fast of NTP time Last offset : +0.000024272 seconds RMS offset : 0.000482713 seconds Frequency : 3.516 ppm fast Residual freq : -0.001 ppm Skew : 0.049 ppm Root delay : 0.079555474 seconds Root dispersion : 0.002648601 seconds Update interval : 1029.6 seconds Leap status : Normal
On the host, update the subscription-manager and dnf packages to the latest versions.
[root@host ~]# dnf update subscription-manager dnfTo use the registration method by installing the RPM consumer certificate, download the RPM from the Satellite Server. Satellite generates this RPM package when you install it and provides correctly signed certificates for secure communication between the content host and Satellite Server. The consumer certificate RPM updates the content source location of the host and allows the host to download content from the specified content source in Satellite.
[root@host ~]# dnf localinstall \
http://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpmThe method of generating a curl command to run on the host uses two templates: the global registration template and the host initial configuration template.
To set up these templates by default, navigate to → and click the tab.
To generate a curl command, as the admin user on the Satellite Server web UI, ensure that the correct organization and location are set, and navigate to → .
You can customize different options for the host registry in this menu, such as , , , and .
After you select the chosen options, click .
Run the curl command as the root user on the host to register.
[root@host ~]# curl -sS https://satellite.example.com/register ...To register the host by installing the downloaded RPM with the consumer certificate, clean old registration data from the host.
[root@host ~]# subscription-manager cleanRegister the host to a chosen organization on Satellite Server by using a username and password with sufficient privileges.
For example, enter the authentication information for the admin user on Satellite Server.
[root@host ~]#subscription-manager register --orgRegistering to: satellite.example.com:443/rhsm Username:organization_labeladminPassword:passwordThe system has been registered with ID: f134704d-3b8d-4a03-b0c1-e2b8491c4bdc The registered system name is: host.example.com
Important
The argument to the --org option is the organization's label, not the organization name.
After registering to Satellite Server, a host gains access to the repository contents.
The remote execution feature works as the preferred way to manage the package content on hosts. Remote execution uses the SSH service and SSH keys for authenticating connections. The SSH service must be enabled and running on the target host for the remote execution feature to work. To run commands in a remote host, you must first define them as a job template. You can run this job template multiple times and you can customize the job with variables in your commands for more granular control over the jobs that you run, besides the use of host facts and parameters to populate the variable values.
However, in this Satellite version, you can still use the Katello agent to manage packages and errata on managed hosts. The Katello Agent is deprecated and will be removed in a future Satellite version.
Install and use the Katello agent to manage packages and errata on the managed host.
[root@host ~]# dnf install katello-agentTo verify the successful registration of a host to Satellite Server, ensure that the organization and location context are set. Then, navigate to → . If the registration was successful, then the host is listed in the table.
After the host is registered with Satellite Server, use the Satellite web UI to set various aspects of the host's profile, such as its Basic Information, including its name, description, system purpose, service level, usage type, role, plus content views and its lifecycle environment.
To modify a content host's properties, in the Satellite web UI as the admin user, use the context menu to select the registered host's organization.
Click → and click the name of the host to modify.
Then, click the tab, make the changes, and click .
If Simple Content Access (SCA) is enabled for the organization, then hosts no longer require subscriptions to be attached to access repositories. If the organization is not using SCA, then all relevant subscriptions that the content host requires must be handled. You can also add subscriptions later; they are not required with SCA.
Activation keys simplify initial content host configuration and apply it consistently across hosts for repeated use, providing a method to automate host registration. You can create these keys by associating them with different lifecycle environments and content views. Activation Keys are discussed in a later section in this chapter.
Using the --environment option overrides the environment lifecycle and content view that the activation key defines.
[root@host ~]#subscription-manager register --orgorganization_label\--environmentDevelopment/MyView\--activationkeyMyKey
Creating and managing activation keys is discussed in a later section.
Subscriptions originate from the subscription manifest that is uploaded to an organization.
Simple Content Access changes subscription management from a per-system model to a per-organization model. When this optional feature is enabled for a Satellite organization, entitlement subscriptions no longer need to be individually attached to each host for each required repository. Instead, an organization's entitled repositories are enabled at the organization level, and become available for immediate use on all registered hosts in that organization, with necessary limitations from your content views.
In the per-system model, hosts must be attached to subscriptions to access product content.
To modify a content host's subscription, on the Satellite web UI as the admin user, use the context menu to select the registered host's organization.
Click → and click the name of the host to modify.
In the section, make the changes to the host's subscription.
To remove a subscription, select its checkbox on the tab and click . To add a subscription, select its checkbox on the tab and click .
Subscriptions grant hosts access to Red Hat products and their repositories. Not all repositories are enabled by default. Select which repositories to enable for a host by modifying the product content settings in the Satellite web UI.
Use the context menu to select the registered host's organization. Navigate to → and click the name of the host to modify. Then, click the tab. The available products and repositories are displayed. Update the status entry and select the checkbox next to the repository to modify. Then, select the appropriate setting from the list.
Important
When using the Satellite web UI to change the configuration of a host, such as subscription content and products, it might take time for the changes to be reflected on the managed host.
Use the subscription-manager command on the host to force an update and to see the changes:
[root@host ~]# subscription-manager refresh
All local data refreshedReferences
For more information, refer to the Registering Hosts chapter in the Red Hat Satellite 6.11 Managing Hosts Guide at https://access.redhat.com/documentation/en-us/red_hat_satellite/6.11/html-single/managing_hosts/index#Registering_Hosts_to_Server_managing-hosts
For more information, refer to the Enabling Simple Content Access with Red Hat Satellite chapter in the Getting Started with Subscription Watch with Simple Content Access Guide at https://access.redhat.com/documentation/en-us/subscription_central/2020-04/html-single/getting_started_with_subscription_watch_with_simple_content_access/index#proc-enabling-simplecontent-with-satellite_assembly-simplecontent-ctxt
For more information, refer to the Migrating from Katello Agent to Remote Execution section of the Registering Hosts chapter in the Red Hat Satellite 6.11 Managing Hosts Guide at https://access.redhat.com/documentation/en-us/red_hat_satellite/6.11/html-single/managing_hosts/index#Migrating_From_Katello_Agent_to_Remote_Execution_managing-hosts
