Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Deploying and managing RHEL systems in hybrid clouds

Red Hat Insights 1-latest

Deploying and managing your customized RHEL system images in hybrid clouds

Red Hat Customer Content Services

Abstract

Red Hat Insights enables you to perform and manage multiple services as part of one larger, connected workflow. You can define your third-party content source, create customized images, use your preferred system by setting customizations in the image, and launch the image to the target public or private cloud environments, such as Amazon Web Services and Microsoft Azure. You can monitor the system infrastructure you have created, and create and apply patches when needed. You can also report and audit any issues you find in your system infrastructure to improve security and stability.

Use Red Hat Insights to launch and manage your customized RHEL systems images in the open hybrid cloud environments. Currently, you can use Red Hat Insights to deploy and manage the RHEL systems in the following clouds:

  • Amazon Web Services
  • Microsoft Azure
  • Google Cloud Platform

You can access the Red Hat Insights with your Red Hat account, a RHEL subscription, and an activation key. No additional SKUs are required. See Creating an activation key.

As part of the deployment, by using Red Hat Insights, you can follow an end-to-end workflow to:

  1. Define or use existing repositories.
  2. Build customized images.

In addition, you can manage your systems by granting users access, monitoring the inventory of your system infrastructure, and applying patches to improve security and stability.

You can define your customized repositories with third-party content without having to manage their lifecycle. You can use your third-party content to build an image, and when you launch that image to the public cloud environment, you can use those repositories with the dnf tool.

2.1. Adding a custom repository
Copy link

Define your repository to be able to add packages from this repository to your customized images.

Prerequisites

  • You have a RHEL subscription.
  • You have administrator access to the Red Hat Hybrid Cloud Console web user interface or repository administrator role.
  • You have the URL link to your repository content.

Procedure

  1. Access Hybrid Cloud Console Insights, click ContentRepositories. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Click Add repositories. The Add custom repositories wizard opens.
  3. In the Name field provide a name for your custom repository.

  4. In the Repository type, select:

    Snapshotting
    Enables creating a daily snapshot of this repository if this repository has updates since the last snapshot. That enables you to create Image Blueprints with consistent repository content.
    Introspect only
    Disables snapshots for this repository.
    Upload

    Enables uploading packages to your custom repository. The file must have an rpm extension.

    Note, the Upload option is available only in the Preview mode.

  5. If you selected Snapshotting or Introspect only, in the URL field, provide the URL to your repository.
  6. Optional: In the Restrict architecture drop-down menu, select an architecture. You can allow all the architectures or restrict it to your system architecture to prevent incorrect repositories availability.
  7. Optional: In the Restrict OS version drop-down menu, select an operating system (OS). You can allow all the RHEL versions or select one for your system version to prevent incorrect repositories being available.
  8. Optional: Disable Modularity filtering option. When the Modularity filtering option is disabled, you can update packages in this repository even if the packages are part of a module.
  9. Optional: In the GPG key field, upload the .txt file with a GPG key or paste the URL or value of an existing GPG key. The GPG key can be used to verify the signed packages of a repository. If you do not provide the GPG key for a repository, your system cannot perform the verification.
  10. If you selected Snapshotting or Introspect only, click Save. The Red Hat Hybrid Cloud Console validates the project status. If your repository is marked as Invalid, check the repository URL that you added. For details about the repository status, see Repository status section.

  11. If you selected Upload:

    1. Click Save and upload content. The Upload content window opens.
    2. Click Upload, select the rpm files you want to upload, and click Open.
    3. Click Confirm changes when your file uploading is complete.

Verification

  • Open the list of custom repositories and verify that the repository you added is listed.

2.2. Modifying a custom repository
Copy link

You can modify a custom repository when you need to update information for that repository.

Prerequisites

  • You have a RHEL subscription.
  • You have administrator access to the Red Hat Hybrid Cloud Console web user interface or repository administrator role.

Procedure

  1. Access Hybrid Cloud Console Insights, click ContentRepositories. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Find a repository you want to modify and click Edit in the Options menu.
  3. In the Edit custom repository wizard, modify the information you need. Click Save changes.

2.3. Removing a custom repository
Copy link

When you no longer need a custom repository you can delete it.

Prerequisites

  • You have a RHEL subscription.
  • You have administrator access to the Red Hat Hybrid Cloud Console web user interface or repository administrator role.

Procedure

  1. Access Hybrid Cloud Console Insights, click ContentRepositories. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Find a repository to delete and click Delete in the Options menu.

Verification

  • Open the list of custom repositories, and verify that the repository no longer exists.

The Red Hat Hybrid Cloud Console has pre-configured repositories that you can use to build your customized RHEL image.

Prerequisites

  • You have a RHEL subscription.
  • You have administrator access to the Red Hat Hybrid Cloud Console web user interface or repository administrator role.

Procedure

  1. Access Hybrid Cloud Console Insights, click ContentRepositories. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. On the Custom repositories page click the Popular repositories tab.
  3. Search for the repository you want to add and click Add.

Verification

  • Select the Your repositories tab and verify that the new repository is displayed in the list of custom repositories.

2.5. Removing snapshots from a repository
Copy link

You can delete snapshots from your custom repository to avoid broken functionality or security vulnerabilities that the old content might introduce.

Important

Snapshots get removed automatically after 365 days unless there is no newer snapshot of this repository. If a repository has multiple snapshots and the snapshot for removal is used in a content template, this snapshot will be replaced with the newer snapshot in the content template.

Prerequisites

  • You have a RHEL subscription.
  • You have administrator access to the Red Hat Hybrid Cloud Console web user interface or repository administrator role.
  • You have added a custom repository. See Adding a custom repository.

Procedure

  1. Access Hybrid Cloud Console Insights, click ContentRepositories. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. In the Your repositories tab, find the repository containing the snapshot to be removed, and click View all snapshots in the Option menu.
  3. In the Snapshot window, select all snapshots that you want to remove from this repository, and click Remove selected snapshots.
  4. In the Remove snapshot window, confirm the removal of the selected snapshots and click Remove.

2.6. Updating custom repository after changes
Copy link

When you make changes to your repository you can trigger a refresh of that repository in the Red Hat Hybrid Cloud Console.

Prerequisites

  • You have a RHEL subscription.
  • You have administrator access to the Red Hat Hybrid Cloud Console web user interface or repository administrator role.
  • You updated your custom repository.

Procedure

  1. Access Hybrid Cloud Console Insights, click ContentRepositories. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Find a repository you want to modify and click Introspect Now in the Options menu.

  3. The status of that repository changes to In progress that indicates the Hybrid Cloud Console is connecting to the repository and checking for changes.

    The Red Hat Hybrid Cloud Console checks the status of the repositories every 24 hours and again every 8 hours if the status check fails.

The repository status shows if the repository is available. The Red Hat Hybrid Cloud Console checks the repository status periodically and can change it. The following table describes the repository status in the Red Hat Hybrid Cloud Console.

Expand
Table 2.1. Repository status
StatusDescription

Valid

The Red Hat Hybrid Cloud Console has validated the repository and you can use it.

Invalid

The Red Hat Hybrid Cloud Console never validated this repository. You cannot use it.

Unavailable

The repository was valid at least once. The Red Hat Hybrid Console cannot reach this repository at the moment. You cannot use it.

In progress

The repository validation is in progress.

An image blueprint is a persistent definition of the required image customizations. that enables you to create multiple builds from it, without having to configure the blueprint for each image build. You can edit, rebuild, delete, and save a blueprint to keep rebuilding images from it. You can define and manage, by editing or deleting a blueprint, and to keep rebuilding it, removing the need to configure the build each time. When you rebuild a blueprint, all targets specified in the blueprint are rebuilt. The blueprint groups the images that were built from it, so that you can have access to all the related images when dealing with large amounts of images.

The blueprints are persistent and you can manage their customizations. Even if the resulting builds, and images from those builds have different content versions, the customizations stored in that blueprint are always applied across all builds resulting from this blueprint.

When creating an image from the blueprint, unless you define a name to the image, it takes the name of the parent blueprint.

3.1. Creating a blueprint
Copy link

You can create a blueprint with a name, specify the packages that you want to install and define other customizations. You can build images from this blueprint, and the resulting images have all customizations that you specified in this blueprint.

Prerequisites

Procedure

  1. Access Hybrid Cloud Console Insights, click InventoryImages. The Insights Images dashboard appears. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Click Create blueprint. The wizard for the blueprint creation opens.

  3. On the Image output page, select the following options and click Next:

    1. From the Release list, select the release that you want to use.

      Important

      The image builder builds the latest minor version of the selected release.

    2. From the Architecture list, select the architecture that you want to use.
    3. From the Select target environments options, select the environments that you want to use.

  4. On the Optional steps page, you can further configure your image with additional customizations. For a complete list, see Optional blueprint customizations.

    To finish creating your image blueprint, click Review and finish to proceed to the Review step.

  5. On the Details page, the blueprint name is prefilled in the <distribution>-<architecture>-<datetimeString> format. You can enter a name for the blueprint, and the system checks for validity and duplicity against already existing blueprint names. Click Next.

  6. On the Review page, verify the image details about the image creation and from the Create blueprint drop-down menu, select one of the following options:

    Create blueprint
    Create the blueprint and save the customizations for your blueprint.
    Create blueprint and build image(s)

    Create the blueprint, save the customizations for your blueprint and build images for the target environment or environments that you choose.

    The system verifies the build manifest of the image. After it reaches 100%, the image appears in the build queue.

    Insights Images service starts to compose a RHEL image for the selected architecture. After the image build is ready, you can see the images related to the parent blueprint in the Images dashboard.

3.2. Optional blueprint customizations
Copy link

To optimize runtime configuration of your image, you can customize and pre-configure your blueprint with optional settings, such as:

  • Automatically register your system.
  • Apply your custom compliance policies.
  • Configure the file system and partitioning.
  • Pre-install additional packages from your custom repositories.
  • Add your custom action script for the initial boot of the image.

The additional customizations help you to create your ready to deploy images with all the settings already in place.

Expand
Table 3.1. Optional customizations
CustomizationOptions

Register

Automatically register and enable advanced capabilities
This default option automatically populates the activation key, which you choose in the Activation key to use for this image field. While the activation key is loading, the Next button gets temporarily disabled.
Register later
Select this option to register your system after you launch the image.
Register with Satellite
Select this option to register your system with Satellite. For that option, enter the registration command into the Registration command from Satellite field, and provide the Certificate authority (CA). For more details on how to register a system with Satellite, see Registering a host.

Compliance

Compliance policies
Select this option to set up your custom policy from the drop-down Policy menu. The images you build with the image builder will automatically appear under the SCAP policy of the system. You must have an existing set of policies to choose from. See Creating new SCAP policies on how to create your policy. If you have not yet created your set of policies, click Define new policies in Insights Compliance to create the policy, and refresh the Console to see the policy that you created under the Insights compliance drop-down menu. The system is attached to the customized policy. After you create the image, the system will show up under the compliance system. Note, this option is available only in the Preview mode.
OpenSCAP profile
Select this option to set up a default OpenSCAP profile from the drop down Profile menu.

File system configuration

Use automatic partitioning
Select this option to enable the automatic partitioning for your image.
Manual configuration
Select this option to manually configure the file system for your image. Note, if you select the Bare metal as your target environment, you must configure the file system manually during the installation process.

Repeatable build

Disable repeatable build
The image uses the latest state of the repository. Choose this option to let the images have the latest content from the repositories.
Enable repeatable build
The image selects a specific date of snapshot creation. Select this option to let the images have the static state of the repository based on a date you specify.
Use a content template
The image is built with the content template that you specify. Select this option if you plan to centrally manage your systems patching. For details about content templates, see Managing content templates. If you choose to register the system to Insights, it will be automatically associated with the template at the registration time. Note, this option is available only in the Preview mode.

Custom repositories

Select the custom repository to add it to your image.

Additional packages

Search and select additional packages to pre-install them to your image.

Users

Click Add a user to add a user, and follow the instruction on the wizard page.

Timezone

Timezone
From the drop-down menu, select a timezone for your image.
NTP servers
Add the desired NTP server to your image by adding address to the field and click +. You can add multiple NTP servers.

Locale

Languages
From the drop-down menu, select the language for your image. For example: “es_NI.UTF-8”.
Keyboard
From the drop-down menu, select the keyboard layout for your image. For example: “amiga-us”.

Hostname

Select a custom host name for your image in the Hostname field.

Kernel

Name
From the drop-down menu, select the package for the kernel to use in the image.
Append
This option allows you to configure the kernel booting. Fill in the kernel arguments into the Append filed and click +.

Firewall

Ports
Add the port numbers that you want the firewall to manage into the Ports field and click +.
Enabled service
Add the services that are enabled with the firewall to the Enabled services field and click +.
Disabled services
Add the services that are disabled with the firewall to the Disabled services field and click +.

Systemd services

Enabled services
Add the systemd service that you want to enable on your system to the field and click +. You can add multiple systemd services.
Disabled services
Add the systemd service that you want to disable on your system to the field and click +. You can add multiple systemd services.
Masked services

Add the systemd service that you want to disable permanently on your system to the field and click +. You can add multiple systemd services.

For more information about systemd services, see Managing systemd.

Ansible Automation Platform

Ansible Callback URL
Provide a provisioning callback URL for the job template that you want to execute at the launch of your image. To generate the link, you must select the Provisioning Callbacks in your Ansible Automation Platform. For more details about job templates, see Creating a job template.
Host Config Key
Provide a host config key for the job template. You can copy it from the Host config key on the job template page in your Ansible Automation Platform.
Certificate Authority (CA) for Ansible Controller
Upload a Certificate Authority (CA) for Ansible Controller.

First boot configuration

Add your custom script that is executed during the first boot of the image. It is useful when you want to enable your custom services or run an Ansible playbook at the boot time of the image.

Browse
Include a file with an action script.
Start from scratch
Write your action script in the </> SHELL field.

You must start your script with a shebang, for example the #!/bin/sh for Bash shell. The first boot feature supports Python, Bash and YAML syntax.

3.3. Editing an existing blueprint
Copy link

You can edit a blueprint. For example, to include an extra package. After you finish the blueprint editing, all the images related to the parent blueprint are rebuilt and updated with the new package.

Prerequisites

  • You have created a blueprint.

Procedure

  1. Access Hybrid Cloud Console Insights, click InventoryImages. The Insights Images dashboard appears. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Search for the blueprint that you want to edit. You can use the Search field to search for the blueprint name.
  3. Click the blueprint that you want to edit.
  4. Click Edit blueprint. You are redirected to the Review page.
  5. From the navigation menu, select the section that you want to edit.
  6. After making the changes, click the Review page.

  7. Click Save changes to the blueprint.

    The images related to the parent blueprint that you modified will be rebuilt and updated with the new changes.

3.4. Rebuilding an existing blueprint
Copy link

Every time that you edit your blueprint, it creates a new version of that blueprint. It also impacts the images that are related to that blueprint, making them out of sync with the blueprint. To fix this, and ensure that you have the least updates available on your parent blueprint and the related images, you can edit your blueprint and rebuild it with the latest updates. This action updates all the packages specified in the blueprint and rebuild the related images with the updated packages.

Prerequisites

  • You have created a blueprint.

Procedure

  1. Access Hybrid Cloud Console Insights, click InventoryImages. The Insights Images dashboard appears. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Search for the blueprint that you want to edit. You can use the Search field to search for the blueprint name.
  3. Click the blueprint that you want to edit.
  4. Click Edit blueprint. You are redirected to the Review page.

  5. Make the changes to the blueprint and select one of the options:

    Save
    Save the customizations for your blueprint.
    Save and build image
    Save the customizations for your blueprint and build images from the target environments that you chose.

3.5. Importing a blueprint
Copy link

You can import a blueprint from an external source to the Hybrid Cloud Console.

Important

The Import feature is only available in the Preview mode.

Prerequisites

  • You have created a blueprint in the JSON format.

Procedure

  1. Access Hybrid Cloud Console Insights, click InventoryImages. The Insights Images dashboard appears. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Click Import. The Import pipeline window opens.

  3. Optional: To add custom repositories from the blueprint to your repositories, select the Import missing custom repositories after file upload checkbox.

    Warning

    If the blueprint contains missing repositories, the images that you create from this blueprint might not work as expected.

  4. Upload the blueprint that you want to import either drag and drop or by selecting the file from your local storage.
  5. Click Review and finish.

3.6. Downloading a blueprint
Copy link

You can export a blueprint that you created in the Hybrid Cloud Console by downloading it in the JSON format.

Important

The ability to download a blueprint is only available in the "Preview" mode.

Prerequisites

  • You have created a blueprint.

Procedure

  1. Access Hybrid Cloud Console Insights, click menu:[Images]. The Insights Images dashboard appears. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Search for the blueprint that you want to download. You can use the Search field to search for the blueprint name.
  3. Click the blueprint that you want to download.

  4. From the More options menu, select the "Download blueprint" option.

    The blueprint is saved as a file in the .json format to the local storage that you define in your web browser.

3.7. Deleting a blueprint
Copy link

If you no longer need a blueprint, you can delete it. All the images related to this blueprint will also be deleted.

Prerequisites

  • You have created a blueprint.

Procedure

  1. Access Hybrid Cloud Console Insights, click InventoryImages. The Insights Images dashboard appears. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Search for the blueprint that you want to delete. You can use the Search field to search for the blueprint name.
  3. Click the blueprint that you want to delete.
  4. From the More options menu, select the "Delete blueprint" option.
  5. Confirm the deletion by clicking Delete.

You can use a blueprint to build customized RHEL images for a variety of deployment types by using Insights Images. You can build Conventional (RPM-DNF) images.

  • You can only launch customized images directly from the Hybrid Cloud Console to the AWS, GCP, and Microsoft Azure public clouds.
  • The VMDK customized images must first be uploaded to VMWare vSphere, deployed there, and then you can create a VM.
  • For the Guest image (.qcow2), and Installer (.iso), you can download these images and deploy them directly to virtual machines.
  • You can use Insights image builder to build images for the x86_64 and the aarch64 architectures.
Important

Red Hat Hybrid Cloud Console does not support uploading Amazon Web Services (AWS), Google Cloud Platform (GCP), and *Microsoft Azure images to GovCloud regions.

4.1. About building customized images
Copy link

You can build Conventional (RPM-DNF) images from a blueprint.

  • The Conventional (RPM-DNF) enables you to manage or modify the system software by using the DNF package manager and updated RPM packages.

The image artifacts are saved for 14 days and expire after that. To avoid losing the image, transfer the image to your account before the expiration date. If an image has already expired, you can also re-create the exact image based on an existing blueprint to reuse the previous configuration.

You can also download the compose request of your image and use the image builder API to automate your image building tasks.

4.2. Building customized RHEL system image
Copy link

Create customized RHEL system images from a blueprint by using Insights Images, and deploy the images on your target environment.

Prerequisites

Procedure

  1. Access Hybrid Cloud Console Insights, click InventoryImages. The list of existing blueprints appears. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.

  2. Select the blueprint that you want to build an image from.

    1. Optionally, you can select the blueprint version from the dropdown menu.

  3. Click Build images. A pop-up alert informs that the image is being built.

    After the image process status is marked as Ready, you can use it in your deployments.

After you built your image, uploaded it to AWS, and the cloud registration process status is marked as Ready, you can access the image that you created and shared with your AWS EC2 account.

The shared image expire within 14 days. To permanently access your image, copy the image to your own AWS account.

Prerequisites

Procedure

  1. Access your AWS account and navigate to ServiceEC2.
  2. In the navigation bar, verify if you are under the correct region: us-east-1.
  3. Click Images, and choose AMIs. The dashboard with the Owned by me images opens.

  4. From the drop-down menu, choose Private images.

    You can see the image successfully shared with the AWS account you specified.

Launch the image that you shared with your AWS account to the Amazon Elastic Compute Cloud(Amazon EC2) compute platform.

Prerequisites

Procedure

  1. From the drop-down menu, under Private images, locate the image that you shared to the AWS account you specified.
  2. Select the image you want to launch.
  3. On the top of the panel, click Launch. You are redirected to the Choose an Instance Type window.
  4. Choose the instance type according to the resources you need to launch your image. Click Review and Launch.
  5. Review your instance launch details. You can edit each section, such as Security, Storage, for example, if you need to make any changes. After you finish the review, click Launch.

  6. To launch the instance, you must select a public key to access it.

    Create a new key pair in EC2 and attach it to the new instance.

    1. From the drop-down menu list, select Create a new key pair.
    2. Enter the name to the new key pair. It generates a new key pair.
    3. Click Download Key Pair to save the new key pair on your local system.

  7. Then, you can click Launch Instance to launch your instance.

    You can check the status of the instance, it shows as Initializing.

  8. After the instance status is running, the Connect button turns available.

  9. Click Connect. A popup window appears with instructions on how to connect by using SSH.

    1. Select the preferred connection method to A standalone SSH client and open a terminal.

    2. In the location you store your private key, make sure that your key is publicly viewable for SSH to work. To do so, run the command: 

      $ chmod 400 <your-instance-name.pem>
      Copy to Clipboard Toggle word wrap

    3. Connect to your instance by using its Public DNS: 

      $ ssh -i "<your-instance-name.pem> ec2-user@<your-instance-IP-address>"
      Copy to Clipboard Toggle word wrap

    4. Type yes to confirm that you want to continue connecting.

      As a result, you are connected to your instance over SSH.

Verification

  • From a terminal, check if you are able to perform any action while connected to your instance by using SSH.

You can copy the image you successfully shared with the Amazon Web Services EC2 to your own account. Doing so, you grant that the image you shared and copied is available until you delete it, instead of expiring after some time. To copy your image to your own account, follow the steps:

Prerequisites

  • You have access to your customized image on AWS.

Procedure

  1. From the list of Private images, select the image you want to copy.
  2. On the top of the panel, click Actions.
  3. From the drop-down menu, choose Copy AMI. A pop-up window appears.

  4. Choose the Destination region and click Copy AMI.

    After the copying process is complete, you are provided with the new AMI ID. You can launch a new instance in the new region.

    Note

    When you copy an image to a different region, it results in a separate and new AMI in the destination region, with a unique AMI ID.

4.6. Sharing AWS images to other regions
Copy link

You can share an existing AWS image to a new region. Sharing the image configures it for the new regions to run on your AWS account. After configuring new regions, all these regions launch with the same configuration as the original AWS image.

Prerequisites

  • You created an AWS image.

Procedure

  1. From the Images table, select the image you want to share with other regions.
  2. From the Node options menu (⫶), select Share to new region. The Share to new region wizard opens.

  3. From the Select region dropdown menu, select the region to share the image.

    You can choose more than one region to share your image with.

  4. Click Share.

    Your image is built, uploaded to AWS, and shared to the regions you selected.

    Note

    The shared image expires in 14 days.

  5. To ensure that you can access the image permanently, copy the Red Hat image to your own AWS account.

You must authorize Insights image builder to push images to the Microsoft Azure cloud. This is a one-time action. he following are high-level steps:

  • Configure Insights Images as an authorized application for your tenant GUID

  • Give the role of Contributor to at least one resource group of the authorized application .

    To authorize Image Builder as an authorized application, follow the steps:

Prerequisites

  • You have an existing Resource Group in Microsoft Azure portal.
  • You have the User Access Administrator role rights.
  • Your Microsoft Azure subscription has Microsoft.Storage and Microsoft.Compute as a resource provider.

Procedure

  1. Access Hybrid Cloud Console Insights, click InventoryImages. The Insights image builder dashboard appears. For details on how to access the Red Hat Hybrid Cloud Console, see Getting started with the Red Hat Hybrid Cloud Console.
  2. Click Create blueprint. The Image output wizard opens.

  3. On the Image output page, complete the following steps:

    1. From the Release list, select the release that you want to use.

    2. From the Select target environments option, select Microsoft Azure.

      Click Next.

  4. On the Target Environment - Microsoft Azure window, to add Image Builder as an authorized application, select one of the following share method options:

    1. Use an account configured from Sources:

      1. From the Source name dropdown menu, select the source that you previously configured. See Connecting Microsoft Azure account to the Red Hat Hybrid Cloud Console.

  5. The Azure tenant GUID, the Subscription ID, and the Resource group are automatically completed, and the Authorize image builder button becomes available.

    Image builder checks if your Tenant GUID is correctly formatted and the Authorize image builder button becomes available.

    1. Manually enter the account information:

      1. Enter your Azure Tenant GUID.

        Image builder checks if your Tenant GUID is correctly formatted and the Authorize image builder button becomes available.

    2. One time action: Click Authorize image builder to authorize Image Builder to push images to the Microsoft Azure cloud.

      This redirects you to the Microsoft Azure portal.

      1. Login with your credentials.
      2. Click Accept the Permission requested. Note that, if you already went through the authentication process before, you will not see the Permission requested. It is already granted.

    3. Confirm that Image Builder is authorized for your tenant.

      1. In the search bar, search for Azure Active Directory.
      2. From the Services menu, click Microsoft Entra ID, from the left menu. The Azure Active Directory page opens.
      3. Search for Insights image builder and confirm it is authorized.
      4. In the Azure Active Directory, from the Services list, select Enterprise applications.
      5. In the Enterprise applications page, from the Manage list menu, click All applications. You can see Red Hat Image Builder is authorized in the Microsoft Azure cloud.

    4. Add the Red Hat Image Builder as a contributor to your Resource Group.

      1. In the search bar, type Resource Groups and select the first entry under Services. This redirects you to the Resource Groups dashboard.
      2. Search and select your Resource Group by name.
      3. On the lateral menu, click Access control (IAM) to add a permission to the Red Hat Image Builder application to access your resource group.
      4. From the menu, click the tab Role assignments.
      5. Click +Add.

      6. From the dropdown menu, choose Add role assignment. A menu appears on the left side.

        Select role
        Assign the Contributor role.
        Assign access to
        Select the option Assign access to user, group, and service principal.
        Members
        Click +Select members and type Red Hat in the search bar. Click enter.
        Select

        Red Hat Image Builder application.

        The Red Hat Image Builder application is now authorized to push images to the Microsoft Azure cloud.

        Note

        The Red Hat Image Builder application can locate resources only when the account administrator adds the shared application as a contributor under the IAM section of the resource group.

Verification

  • From the menu, click the tab Role assignments.

    You can see Red Hat Image Builder set as a Contributor of the Resource Group you selected.

After finishing to build and upload the image, and the cloud registration process status is marked as Ready, you can access the Azure Disk Image from your Microsoft Azure account.

Prerequisites

Procedure

  • Access your Microsoft Azure dashboard and navigate to the Resource group page.

Verification

  1. After you access your Microsoft Azure Account, you can see that the image successfully shared with the resource group account you specified.

    Note

    If the image is not visible there, you might have issues with the upload process. Return to the Insights image builder dashboard and check if the image is marked as Ready.

After the image is built, uploaded, and the cloud registration process status is Ready, you can create a Virtual Machine (VM) instance by using the GCP image.

Prerequisites

Procedure

  1. From the Insights image builder dashboard, copy the image UUID of the image that you created.
  2. Access /composes/{composeId} API endpoint.
  3. Click Try it Out to activate the composeId string path.
  4. Enter the UUID into the composes/{composeId} field in the API endpoint.

  5. Click Execute. The API endpoint generates a response in the Response body, for example: 

    {
  "image_status": {
    "status": "success",
    "upload_status": {
      "options": {
        "image_name": "composer-api-03f0e19c-0050-4c8a-a69e-88790219b086",
        "project_id": "red-hat-image-builder"
      },
      "status": "success",
      "type": "gcp"
    }
  }
}
    Copy to Clipboard Toggle word wrap
  6. From the Response body field, copy the image_name and project_id to access the image from the Google Cloud Platform environment.

  7. From your browser, access Google Cloud Shell and set your Google Cloud Platform Project ID as the default GCP project. You can find the Product ID of your project by accessing the Google Cloud Platform dashboard. 

    $ gcloud config set project PROJECT_ID
    Copy to Clipboard Toggle word wrap
  8. In the Authorize Cloud Shell window prompt, click Authorize to allow this and future calls that require your credentials.

  9. Create a VM instance with the image by using the gcloud command in the Google Cloud Shell: 

    $ gcloud compute instances create INSTANCE_NAME \
  --image-project PROJECT_ID_FROM_RESPONSE \
  --image IMAGE_NAME \
  --zone GCP_ZONE
    Copy to Clipboard Toggle word wrap

    Where:

    • INSTANCE_NAME is the name for your instance;
    • PROJECT_ID_FROM_RESPONSE is the project_id generated by Response body;
    • IMAGE_NAME is the image_name generated by Response body;
    • GCP_ZONE is the GCP zone in which the instance will be created.

Verification

  1. Verify that Compute Engine created the VM: 

    $ gcloud compute instances describe INSTANCE_NAME
    Copy to Clipboard Toggle word wrap

  2. Connect to the VM instance using SSH: 

    $ gcloud compute ssh --project=PROJECT_ID --zone=ZONE INSTANCE_NAME
    Copy to Clipboard Toggle word wrap

4.10. Copying the GCE image to your project group
Copy link

You can create a Virtual Machine (VM) instance using the GCE image.

Prerequisites

  • The universally unique identifier (UUID) of the image you created.
  • Access to the Image-builder service API endpoint.
  • Access to the Google Cloud Shell from your browser.

Procedure

  1. From the Images dashboard, copy the UUID image of the image you created.
  2. Access /composes/{composeId} API endpoint.
  3. Click Try it Out to activate the composeId string path.
  4. Enter the UUID into the composes/{composeId} field in the API endpoint.

  5. Click Execute. The API endpoint generates a response in the Response body, for example: 

    {
  "image_status": {
    "status": "success",
    "upload_status": {
      "options": {
        "image_name": "composer-api-03f0e19c-0050-4c8a-a69e-88790219b086",
        "project_id": "red-hat-image-builder"
      },
      "status": "success",
      "type": "gcp"
    }
  }
}
    Copy to Clipboard Toggle word wrap

  6. From the Response body field, copy the image_name and project_id to access the image from the Google Cloud Platform environment. From the Response body: 

    "image_name": "composer-api-03f0e19c-0050-4c8a-a69e-88790219b086",
"project_id": "red-hat-image-builder"
    Copy to Clipboard Toggle word wrap
  7. From your browser, access Google Cloud Shell.

  8. Set your Google Cloud Platform Project ID as the default GCP project. You can find the Product ID of your project by accessing the Google Cloud Platform dashboard. 

    $ gcloud config set project PROJECT_ID
    Copy to Clipboard Toggle word wrap
  9. In the Authorize Cloud Shell window prompt, click Authorize to allow this and future calls that require your credentials.

  10. Copy the image to your project by using the gcloud command: 

    $ gcloud compute images create MY_IMAGE_NAME \
  --source-image-project red-hat-image-builder \
  --source-image IMAGE_NAME
    Copy to Clipboard Toggle word wrap

    Where:

    • MY_IMAGE_NAME is the name you give to your instance;
    • red-hat-image-builder is the project_id generated by Response body;
    • IMAGE_NAME is the image_name generated by Response body;

Verification

Confirm that the image has been successfully copied to your project:

  • Using the Google Cloud Platform UI, by accessing the Compute Engine / Images section.

  • Using the gcloud tool, by running the command in Google Cloud Shell: 

    $ gcloud compute images list --no-standard-images
    Copy to Clipboard Toggle word wrap

4.11. Creating a new image from an existing build
Copy link

You can create a new image from an existing customized RHEL image by using Insights Images. The Insights Images re-creates the exact image, with a different UUID, which you can use to identify the image in the Hybrid Cloud Console. The new image also fetches package updates and refreshes the content with those updates. You can customize this new image to fit your requirements.

Note

You can re-create images from failed builds.

Prerequisites

  • You created an AWS image with Insights Images.

Procedure

  1. From the Images dashboard, select the image from which you want to create your customized image.

  2. Click the Node options menu (⫶) and select Re-create image. The Create image wizard opens.

    Note

    If the image status is Expired, click the Re-create image button.

    1. Optional: You can customize the new image by using the Navigation panel to open a step and making changes. Click Next.

    2. On the Review page, click Create image.

      The Insights Images dashboard opens. The image build starts to re-create the image and lists the following information:

      • Image name
      • UUID
      • Cloud target environment
      • Image operating system release
      • Status of the image creation

Verification

  • From the Status column, check if the image is Ready.
  • Optional: Click Image details to display additional information about the re-created image.

4.12. Downloading the JSON compose request
Copy link

If you download the .json compose request of your image, you can use the image builder API to automate your image building tasks, such as:

  • Customizing the image with extra packages
  • Customizing the partition layout
  • Embedding an activation key.

Prerequisites

  • You created an image with Insights Images.

Procedure

  1. From the Images table, select the image that you want to download as a .json compose request.

  2. Click the Node options () menu and select Download compose request (.json).

    The .json compose request is now saved to your host server. To use the image builder API, see Using hosted image builder via its API.

Chapter 5. Deploying your customized images
Copy link

After creating customized images for the VMWare vSphere private cloud, you can deploy the images to VMware vSphere. For the Guest image (.qcow2), and Installer (.iso), you can then download these images and deploy them to virtual machines.

Note

You can only launch customized images directly from Hybrid Cloud Console to the following public clouds: AWS, GCP, and Azure. The VMDK customized images must first be uploaded to VMWare vSphere, deployed there, and then you can create a VM. For the Guest image (.qcow2), and Installer (.iso), you can then download these images and deploy them directly to virtual machines.

You cannot add a username and password to a blueprint by using the Red Hat Insights images UI interface. To add a username and password to your image, use the cloud-init tool.

The following example shows how to add credentials to a VMware OVA image type created with Insights image builder. You can add credentials to other image types by using this method.

The Open virtualization format (.ova) is a .vmdk image with additional metadata about the virtual hardware. The .ova image contains the cloud-init package installed that you can use to provision users by using a user-data file, for example.

Instead of sharing your login credentials to a hosted service, use cloud-init and open-vm-tools, that are installed within the image and enabled by default. For example, you can use it to pass the credentials to the VMware vSphere Cloud Director by using cloud-init.

Prerequisites

  • You created an image in the .ova format by using the Hybrid Cloud Console.

Procedure

  1. Access the directory where you downloaded your .ova image.

  2. Create a file named metadata.yaml and add the following information to this file: 

    instance-id: cloud-vm
local-hostname: vmname
    Copy to Clipboard Toggle word wrap

  3. Create a file userdata.yaml. Add the following information to the file: 

    #cloud-config
users:
- name: admin
  sudo: "ALL=(ALL) NOPASSWD:ALL"
  ssh_authorized_keys:
  - ssh-rsa AAA...fhHQ== your.email@example.com
    Copy to Clipboard Toggle word wrap

    This file contains the administrator or root user credentials with no password that you can use to access your system after the first boot and create additional users later. The ssh_authorized_keys field is your SSH public key. You can find your SSH public key in ~/.ssh/id_rsa.pub.

You cannot add a username and password to a blueprint by using the Red Hat Insights images UI interface. To add a username and password to your image, use the Image-builder service API.

The following example shows how to add credentials to a VMware OVA image type created with Insights image builder. You can also use this method to add credentials to other image types.

Prerequisites

Procedure

  1. Generate an access token for API queries by following the step in Generating an access token for the Image Builder API queries.

    Important

    Access tokens expire after fifteen (15) minutes. The expiration is included within the JSON response. You must repeat the process of obtaining an access token approximately every ten (10) minutes so that the token is rotated before it expires.

  2. In your system, create a file in the .json format to create an image. The following example shows how to create an up-to-date RHEL 9.4 ova image for x86_64 CPU architecture. 

    $ request.json
{
    "image_name": "ova_image_name",
    "distribution": "rhel-94",
    "image_requests": [
        {
            "architecture": "x86_64",
            "image_type": "vsphere-ova",
            "upload_request": {
                "type": "vmdk",
                "options": {}
            }
        }
    ],
    "customizations": {
        "users": [
            {
                "name": "user-name",
                "ssh_key": "ssh-rsa AAAAB...qfGI+vk",
                "password": "password"
            }
        ]
    }
}
    Copy to Clipboard Toggle word wrap

  3. Send the compose request to the image builder API: 

    $ curl --silent \
    --request POST \
    --header "Authorization: Bearer $access_token" \
    --header "Content-Type: application/json" \
    --data @request.json \
    https://console.redhat.com/api/image-builder/v1/compose
    Copy to Clipboard Toggle word wrap

    If the request is successful, you can see an output similar to the following, that is the image ID: 

    {"id":"fd4ecf3c-f0ce-43dd-9fcc-6ad11208b939"}
    Copy to Clipboard Toggle word wrap

  4. Check the status of the image building: 

    $ curl \
    --silent \
    --header "Authorization: Bearer $access_token" \
    "https://console.redhat.com/api/image-builder/v1/composes/$compose_id" \
  | image_ID.
    Copy to Clipboard Toggle word wrap

    If the request is successful, you can see an output similar to the following, that is the image ID: 

    {"id":"fd4ecf3c-f0ce-43dd-9fcc-6ad11208b939"}
    Copy to Clipboard Toggle word wrap

    You can also check the image building progress by accessing Red Hat Hybrid Cloud Console.

    After the image builds, you can see the following output:

    If the request is successful, you can see an output similar to the following, that is the image ID: 

    {
    "image_status": {
        "status": "success",
        "upload_status": {
            "options": {
                "url": "https://image-builder-service-production.s3.amazonaws.com/composer-api-76...-disk.ova?e42..."
            },
            "status": "success",
            "type": "aws.s3"
        }
    }
}
    Copy to Clipboard Toggle word wrap

  5. After finishing the image creation, download the image. 

    $ curl --location --output vsphere-ova.vmdk  \
    “https://image-builder-service-production.s3.amazonaws.com/composer-api-76...-disk.ova?e42...”
    Copy to Clipboard Toggle word wrap

    The image is saved to your system and ready to be used.

After creating and configuring your image, you can deploy it to VMware vSphere by using the CLI, and you can create a VM and log in to it.

Prerequisites

  • You configured credentials to access your deployed systems by using the cloud-init tool. See Configuring credentials to access your deployed systems.

  • You configured the govc VMware CLI tool client with the following values in the environment by setting the following values in the environment: 

    GOVC_URL
GOVC_DATACENTER
GOVC_FOLDER
GOVC_DATASTORE
GOVC_RESOURCE_POOL
GOVC_NETWORK
    Copy to Clipboard Toggle word wrap

Procedure

  1. Export the metadata.yaml and userdata.yaml files to the environment, compressed with gzip, encoded in base64 as follows. They will be used in further steps. 

    export METADATA=$(gzip -c9 <metadata.yaml | { base64 -w0 2>/dev/null || base64; }) \
USERDATA=$(gzip -c9 <userdata.yaml | { base64 -w0 2>/dev/null || base64; })
    Copy to Clipboard Toggle word wrap

  2. Launch the image on vSphere with the metadata.yaml and userdata.yaml files:

    1. Import the .vmdk image in to vSphere: 

      $ govc import.vmdk ./composer-api.vmdk foldername
      Copy to Clipboard Toggle word wrap

    2. Create the VM in vSphere without powering it on: 

      govc vm.create \
-net.adapter=vmxnet3 \
-m=4096 -c=2 -g=rhel8_64Guest \
-firmware=bios -disk=”foldername/composer-api.vmdk” \
-disk.controller=ide -on=false \
 vmname
      Copy to Clipboard Toggle word wrap

    3. Change the VM to add ExtraConfig variables, the cloud-init config: 

      govc vm.change -vm vmname \
-e guestinfo.metadata="${METADATA}" \
-e guestinfo.metadata.encoding="gzip+base64" \
-e guestinfo.userdata="${USERDATA}" \
-e guestinfo.userdata.encoding="gzip+base64"
      Copy to Clipboard Toggle word wrap

    4. Power-on the VM: 

      govc vm.power -on vmname
      Copy to Clipboard Toggle word wrap

    5. Retrieve the VM IP address: 

      HOST=$(govc vm.ip vmname)
      Copy to Clipboard Toggle word wrap

    6. Use SSH to log in to the VM, using the user-data specified in cloud-init file configuration: 

      $ ssh admin@HOST
      Copy to Clipboard Toggle word wrap

5.4. Deploying OVA VMDK images to the vSphere GUI
Copy link

After creating your .vmdk image in the open virtualization format (.ova), you can deploy it to VMware vSphere by using the vSphere GUI client. It will create a VM which can be customized further before booting.

Prerequisite

  • You logged in to the vSphere UI in a browser.
  • You downloaded your (.ova) image.

Procedure

  1. In the vSphere Client, from the Actions menu, select Deploy OVF Template.
  2. On the Deploy OVF Template page, complete the settings for each configuration option and click Next.

  3. Click Finish. The .ova image starts to be deployed.

    After the image deployment is complete, you have a new virtual machine (VM) from the .ova image.

  4. In the deployed image page, perform the following steps:

    1. From the Actions menu, select Edit Setting.

    2. On the Virtual Hardware tab, configure resources such as CPU, memory, add a new network adapter, between others of your choice.

      1. On the CD/DVD drive 1 option, attach a CD or DVD Drive that contains a cloud-init.iso, to provision a user on startup.

        The VM is now ready to boot with the username and password from the cloud-init.iso file.

Additional resources

You can create a virtual machine (VM) from the QCOW2 image that you created by using Insights Images.

Prerequisites

  • You created and downloaded a QCOW2 image by using Insights Images.

Procedure

  1. Access the directory where you downloaded your QCOW2 image.

  2. Create a file named meta-data. Add the following information to this file: 

    instance-id: nocloud
local-hostname: vmname
    Copy to Clipboard Toggle word wrap

  3. Create a file named user-data. Add the following information to the file: 

    #cloud-config
user: admin
password: password
chpasswd: {expire: False}
ssh_pwauth: True
ssh_authorized_keys:
  - ssh-rsa AAA...fhHQ== your.email@example.com
    Copy to Clipboard Toggle word wrap
    • ssh_authorized_keys is your SSH public key. You can find your SSH public key in ~/.ssh/id_rsa.pub.

  4. Use the genisoimage command to create an ISO image that includes the user-data and meta-data files. 

    # genisoimage -output cloud-init.iso -volid cidata -joliet -rock user-data meta-data

I: -input-charset not specified, using utf-8 (detected in locale settings)
Total translation table size: 0
Total rockridge attributes bytes: 331
Total directory bytes: 0
Path table size(bytes): 10
Max brk space used 0
183 extents written (0 MB)
    Copy to Clipboard Toggle word wrap

  5. Create a new VM from the KVM Guest Image using the virt-install command. Include the ISO image you created on step 4 as an attachment to the VM image. 

    # virt-install \
    --memory 4096 \
    --vcpus 4 \
    --name myvm \
    --disk composer-api.qcow2,device=disk,bus=virtio,format=qcow2 \
    --disk cloud-init.iso,device=cdrom \
    --os-variant rhel1-latest \
    --virt-type kvm \
    --graphics none \
    --import
    Copy to Clipboard Toggle word wrap

    Where,

    • --graphics none - indicates that it is a headless RHEL Virtual Machine.
    • --vcpus 4 - indicates that it uses 4 virtual CPUs.
    • --memory 4096 - indicates that it uses 4096 MB RAM.

  6. The VM installation starts: 

    Starting install...
Connected to domain myvm
...
[  OK  ] Started Execute cloud user/final scripts.
[  OK  ] Reached target Cloud-init target.

Red Hat Enterprise Linux 1-latest (Ootpa)
Kernel 4.18.0-221.el8.x86_64 on an x86_64
    Copy to Clipboard Toggle word wrap

You can create a virtual machine (VM) from the ISO image that you created using the Insights image builder.

Prerequisites

  • You created and downloaded an ISO image by using Insights image builder.
  • A 8 GB USB flash drive.

Procedure

  1. Access the directory where you downloaded your ISO image.
  2. Place the bootable ISO image file on a USB flash drive.
  3. Connect the USB flash drive to the port of the computer you want to boot.
  4. Boot the ISO image from the USB flash drive.

  5. Perform the steps to install the customized bootable ISO image.

    The boot screen shows you the following options:

    • Install Red Hat Enterprise Linux 1-latest
    • Test this media & install Red Hat Enterprise Linux 1-latest

5.7. Importing and running QCOW2 images on OCI
Copy link

You can import your customized .qcow2 image to the Oracle Cloud Infrastructure (OCI). Then, you can launch the customized .qcow2 image on a virtual machine.

Prerequisites

  • You logged in to the Oracle Cloud UI in a browser.
  • You downloaded your .qcow2 image.
  • You have copied the .qcow2 image Image Link URL from Insights Instance column, in the Images dashboard.

Procedure

  1. In the Oracle Cloud UI dashboard, click Compute > Custom Images.
  2. On the Custom Images dashboard, click Import image.

  3. On the Import image window, set the following configuration:

    1. Select the Import from an object storage URL option.
    2. In the Object Storage URL field, paste the URL given by Insights Images into it.
    3. Choose the QCOW2 image type.
    4. Under Launch mode, select the Paravirtualized mode option.
  4. Click Import Image.

You can launch your customized RHEL image to the public cloud platforms by using the tools that are available from the cloud providers.

You can launch your customized image on the Amazon Web Service (AWS) by using AWS Management Console.

Prerequisites

  • You have already built a custom image for your target environment on AWS.
  • You have access to your custom image on AWS.

Procedure

  1. In the AWS Management Console, navigate to ComputeEC2Images.
  2. Copy your custom image to your AWS account to create a permanent copy. For details, follow the Copying your customized RHEL system image for AWS to a different region on your AWS EC2 procedure.
  3. From the AWS Management Console, launch your image as an instance.

Verification

  • From your terminal, connect to your instance with the ssh command, and using the ec2-user username.

You can launch your custom image on the Microsoft Azure using Microsoft Azure portal.

Prerequisites

Procedure

  1. Access the Images on the Microsoft Azure portal, and click on your custom image.
  2. On the Overview dashboard, click Create VM.
  3. In the Microsoft Azure wizard, configure the settings for the new virtual machine that you want to launch.
  4. On the Review + create tab, review the information about your image and click Create.

Verification

  • After the deployment is complete, access InfrastructureVirtual machines, and locate your new VM.

You can launch your custom image on the Google Cloud Platform (GCP) by using the Google Cloud command line interface.

Prerequisites

  • You have the gcloud cli installed.
  • You have already built a custom image for your target environment on Google Cloud.

Procedure

  1. Log in to your Google Cloud account from your terminal: 

    $ gcloud auth login
    Copy to Clipboard Toggle word wrap

  2. Set the Google project where you want to create your image: 

    $ gcloud config set project your-project-name
    Copy to Clipboard Toggle word wrap

  3. Create the custom image: 

    $ gcloud compute images create image-name --source-image composer-api-image-builder-uuid --source-image-project red-hat-image-builder
    Copy to Clipboard Toggle word wrap

    Copy the image-builder-uuid from the ComposeID API endpoint.

  4. Access the Google Cloud Console from your browser, and locate your new image in Compute EngineImages.
  5. To launch a new virtual machine from your image, click ActionsCreate Instance.

Verification

  • In the Google Cloud console, navigate to the VM instances page. The Status of your new instance is running with a green check mark icon.

Chapter 7. Using Image Builder API
Copy link

The Image Builder API contains examples for using various types of request. Administrators and developers can use the Image Builder API to write custom scripts to integrate Image Builder services with third-party applications.

The Image Builder API queries require an active access token. The access token expires after 900 seconds after its creation. To generate the access token, follow the steps below.

Prerequisites

  • You have a RHEL subscription.
  • You have a service account in the Red Hat Hybrid Cloud Console. For details, see Creating a service account.

Procedure

  • To generate the access token, include the following code in your script in the Authorization header with the value Bearer $ACCESS_TOKEN: 

    CLIENT_ID="YOUR_CLIENT_ID"
CLIENT_SECRET="YOUR_CLIENT_SECRET"
ACCESS_TOKEN=$( \
    curl -d "client_id=$CLIENT_ID" \
        -d "client_secret=$CLIENT_SECRET" \
        -d "grant_type=client_credentials" \
        "https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token" \
        -d "scope=api.console" \
    | jq -r .access_token \
)
    Copy to Clipboard Toggle word wrap

    Replace YOUR_CLIENT_ID with the client ID, and YOUR_CLIENT_SECRET with the client secret from your service account.

Providing feedback on Red Hat documentation
Copy link

We appreciate and prioritize your feedback regarding our documentation. Provide as much detail as possible, so that your request can be quickly addressed.

Prerequisites

  • You are logged in to the Red Hat Customer Portal.

Procedure

  1. Click the following link: Create Issue.
  2. Describe the issue or enhancement in the Summary text box.
  3. Provide details about the issue or requested enhancement in the Description text box.
  4. Type your name in the Reporter text box.

  5. Click the Create button.

    This action creates a documentation ticket and routes it to the appropriate documentation team. Thank you for taking the time to provide feedback.

Opening a support case at Red Hat Support
Copy link

Create a support case from Red Hat Insights at Red Hat Support by performing the following steps:

Prerequisites

  • You are logged in to the Red Hat Customer Portal.

Procedure

  1. Access the Red Hat Hybrid Cloud Console:

  2. Click Help ? and select Open a support case.

    You are redirected to the Customer support page.

  3. From the Get Support page, select the type of issue that you want to report and click Continue.

  4. From the Summarize page, perform the following steps:

    1. On the Summary field, describe the issue.

      Note

      If Red Hat Insights is not auto-selected, you must manually select the product.

    2. From the Product dropdown menu, select Red Hat Insights.
    3. From the Version dropdown menu, select the component you have issues with.

    4. From the Review page, click Submit.

      A support case is created.

Legal Notice
Copy link

Copyright © 2025 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat