Chapter 2. Configuring Red Hat Satellite Services
In this example configuration, the Satellite is responsible for provisioning hosts in the 172.17.13.0/24 subnet. This section describes how to configure DNS, DHCP, and TFTP to service the clients that are being provisioned on the subnet.
2.1. Configuring DNS, DHCP, and TFTP
This section describes how to configure Satellite to run BIND (
named
) to provide authoritative DNS services for the example.org
domain and the 172.17.13.x subnet. This requires setting up a DNS zone for forward lookups, which will be contained in the example.org
zone file. Additionally, a DNS zone for reverse lookups will be created for the 172.17.13.x subnet, which will be contained in the 13.17.172.in-addr.arpa
reverse zone file. This ensures that hosts provisioned from Satellite use the correct name resolution parameters. This section also describes how to configure the TFTP proxy so that hosts can boot using PXE.
Clients on this network will have the following characteristics:
- Have access to IP addresses in the range 172.17.13.100 to 172.17.13.150 for DHCP.
- Use the Satellite (
satellite.example.org
at 172.17.13.2) for DNS. - Receive a
pxelinux.0
file from Satellite (satellite.example.org
at 172.17.13.2) to enable PXE-booting. - Have host names of
hostname.example.org
, where hostname is configured when the host is provisioned.
Important
This example enables DHCP services on the Satellite server. Consult your network administrator before proceeding.
2.1.1. Satellite Configuration Options
The following table describes the various options and the values required to correctly configure the Satellite server. The
katello-installer
command uses Puppet; consequently, it will install additional packages (bind, dhcp, xinetd, and so on) and configure them to add the requested functionality.
For a complete list of available options, run
katello-installer --help
.
Option
|
Description
|
Value
|
---|---|---|
--foreman-admin-username | The user name for the initial administrator. | (User specified) |
--foreman-admin-password | The password for the initial administrator. | (User specified) |
--capsule-dns | Enable DNS proxy capability. | yes |
--capsule-dns-interface | Which interface named should listen on. | eth0 |
--capsule-dns-zone | The Forward DNS zone that the Satellite will host. | example.org |
--capsule-dns-forwarders | The DNS server that unknown queries are forwarded to. | 172.17.13.1 |
--capsule-dns-reverse | The Reverse DNS zone the Satellite hosts. This is usually the first three octets of the IP address (172.17.13) reversed, and appended with ".in-addr.arpa". | 13.17.172.in-addr.arpa |
--capsule-dhcp | Enable DHCP proxy capability. | yes |
--capsule-dhcp-interface | The interface that DHCP listens on. | eth0 |
--capsule-dhcp-range | The range of IP addresses to issue to clients. | 172.17.13.100 172.172.13.150 |
--capsule-dhcp-gateway | The default gateway IP to issue to clients. | 172.17.13.1 |
--capsule-dhcp-nameservers | The host that the clients should use for name resolution. This should be configured with the Satellite's IP in this deployment model. | 172.17.13.2 |
--capsule-tftp | Enable TFTP proxy capability. This is needed to PXE boot the clients. | yes |
--capsule-tftp-servername | Set the TFTP host name. Set this to match the server's host name (satellite.example.org). | $(hostname) |
--capsule-puppet | Enable the Puppet Master. | yes |
--capsule-puppetca | Enable the Puppet CA. | yes |
2.1.2. Configuring Satellite Services
Run the following
katello-installer
command as root, using the specified options to configure the required services on the Satellite server. Remember to substitute your desired administrator user name and password.
Important
- If you have already installed Satellite using the instructions in the Installation Guide, do not include the
--foreman-admin-username
and--foreman-admin-password
options in the following command. - If you do not specify the administrator user name and password, the default user
admin
is created, and the password is automatically generated. The credentials are displayed at the end of the installation process. Make a note of this password. You can also retrieve the password fromadmin_password
parameter in the/etc/katello-installer/answers.katello-installer.yaml
file.
katello-installer \ --foreman-admin-username admin-username \ --foreman-admin-password admin-password \ --capsule-dns true \ --capsule-dns-interface eth0 \ --capsule-dns-zone example.org \ --capsule-dns-forwarders 172.17.13.1 \ --capsule-dns-reverse 13.17.172.in-addr.arpa \ --capsule-dhcp true \ --capsule-dhcp-interface eth0 \ --capsule-dhcp-range "172.17.13.100 172.17.13.150" \ --capsule-dhcp-gateway 172.17.13.1 \ --capsule-dhcp-nameservers 172.17.13.2 \ --capsule-tftp true \ --capsule-tftp-servername $(hostname) \ --capsule-puppet true \ --capsule-puppetca true
At the end of the installation process,
katello-installer
displays the status of the installation.
Success! * Katello is running at https://satellite.example.org Default credentials are 'admin:*******' * Capsule is running at https://satellite.example.org:9090 * To install additional capsule on separate machine continue by running:" capsule-certs-generate --capsule-fqdn "$CAPSULE" --certs-tar "~/$CAPSULE-certs.tar" The full log is at /var/log/katello-installer/katello-installer.log
Use a web browser to navigate to https://satellite.example.org to display the Satellite home page. This example uses the default organization (Default_Organization) and the default location.