Search

Chapter 3. Registering Hosts

download PDF

There are three main methods for registering hosts to Satellite Server or Capsule Server:

  1. (Default method) Generate a curl command from Satellite and run this command from unlimited number of hosts to register them using the global registration template. This method is suited for both freshly installed hosts and hosts that have been previously registered, for example, to Satellite 5 or another Satellite 6.

    By using this method you can also deploy Satellite SSH keys to hosts during registration to Satellite to enable hosts for remote execution jobs. For more information about the remote execution jobs, see Configuring and Setting up Remote Jobs.

    By using this method you can also configure hosts with Red Hat Insights during registration to Satellite. For more information about using Insights with Satellite hosts, see Monitoring Hosts Using Red Hat Insights.

  2. Download and install the consumer RPM server.example.com/pub/katello-ca-consumer-latest.noarch.rpm and then run Subscription Manager. This method is suited for freshly installed hosts.
  3. (Deprecated) Download and run the bootstrap script (server.example.com/pub/bootstrap.py). This method is suited for both freshly installed hosts and hosts that have been previously registered, for example, to Satellite 5 or another Satellite 6.

You can also register Atomic Hosts to Satellite Server or Capsule Server.

Use one of the following procedures to register a host:

Use the following procedures to install and configure host tools:

Supported Host Operating Systems

Hosts must use one of the following Red Hat Enterprise Linux versions:

  • 6.1 or later*
  • 7.0 or later
  • 8.0 or later
Note

Red Hat Enterprise Linux versions 6.1, 6.2, and 6.3 require subscription-manager and related packages to be updated manually. For more information, see https://access.redhat.com/solutions/1256763.

Supported Architectures

All architectures of Red Hat Enterprise Linux are supported:

  • i386
  • x86_64
  • s390x
  • ppc_64

3.1. Registering a Host to Red Hat Satellite

Hosts can be registered to Satellite by generating a curl command on Satellite and running this command on hosts. This method uses two templates: global registration template and host initial configuration template. That gives you complete control over the host registration process. You can set default templates by navigating to Administer > Settings, and clicking the Provisioning tab.

Prerequisites

  • The Satellite user that generates the curl command must have the create_hosts permission.
  • You must have root privileges on the host that you want to register.
  • You must have an activation key created.
  • Optional: If you want to register hosts to Red Hat Insights, you must synchronize the rhel-7-server-rpms repository and make it available in the activation key that you use. This is required to install the insights-client package on hosts.
  • Optional: If you want to register hosts through Capsule, ensure that the Registration feature is enabled on this Capsule.

    Navigate to Infrastructure > Capsules, click the Capsule that you want to use, and locate the Registration feature in the Active features list.

    Optional: If the Registration feature is not enabled on your Capsule, enter the following command on the Capsule to enable it:

    # satellite-installer \
    --foreman-proxy-registration true \
    --foreman-proxy-templates true \
    --foreman-proxy-template-url 'http://capsule.example.com'

Procedure

  1. Navigate to Hosts > Register Host.
  2. Optional: Select a different Organization.
  3. Optional: Select a different Location.
  4. Optional: From the Host Group list, select the host group to associate the hosts with. Fields that inherit value from Host group: Operating system, Activation Keys and Lifecycle environment.
  5. Optional: From the Capsule list, select the Capsule to register hosts through. You must select the internal Capsule if you do not want to use an external Capsule.
  6. Optional: From the Operating system list, select the operating system of hosts that you want to register.
  7. Optional: Select the Insecure option, if you want to make the first call insecure. During this first call, hosts download the CA file from Satellite. Hosts will use this CA file to connect to Satellite with all future calls making them secure.

    It is recommended to avoid insecure calls.

    If an attacker, located in the network between Satellite and a host, fetches the CA file from the first insecure call, the attacker will be able to access the content of the API calls to and from the registered host and the JSON Web Tokens (JWT). Therefore, if you have chosen to deploy SSH keys during registration, the attacker will be able to access the host using the SSH key.

    Instead, you can manually copy and install the CA file on each host before registering the host.

    To do this, find where Satellite stores the CA file by navigating to Administer > Settings > Authentication and locating the value of the SSL CA file setting.

    Copy the CA file to the /etc/pki/ca-trust/source/anchors/ directory on hosts and enter the following commands:

    # update-ca-trust enable
    # update-ca-trust

    Then register the hosts with a secure curl command, such as:

    # curl -sS https://satellite.example.com/register ...

    The following is an example of the curl command with the --insecure option:

    # curl -sS --insecure https://satellite.example.com/register ...
  8. Select the Advanced tab.
  9. From the Setup REX list, select whether you want to deploy Satellite SSH keys to hosts or not.

    If set to Yes, public SSH keys will be installed on the registered host. The inherited value is based on the host_registration_remote_execution parameter. It can be inherited, for example from a host group, an operating system, or an organization. When overridden, the selected value will be stored on host parameter level.

  10. From the Setup Insights list, select whether you want to install insights-client and register the hosts to Insights.

    The Insights tool is available for Red Hat Enterprise Linux only. It has no effect on other operating systems.

    You must enable the following repositories on a registered machine:

    • RHEL 6: rhel-6-server-rpms
    • RHEL 7: rhel-7-server-rpms
    • RHEL 8: rhel-8-for-x86_64-appstream-rpms

      The insights-client package is installed by default on RHEL 8 except in environments whereby RHEL 8 was deployed with "Minimal Install" option.

  11. Optional: In the Token lifetime (hours) field, change the validity duration of the JSON Web Token (JWT) that Satellite uses for authentication. The duration of this token defines how long the generated curl command works. You can set the duration to 0 - 999 999 hours or unlimited.

    Note that Satellite applies the permissions of the user who generates the curl command to authorization of hosts. If the user loses or gains additional permissions, the permissions of the JWT change too. Therefore, do not delete, block, or change permissions of the user during the token duration.

    The scope of the JWTs is limited to the registration endpoints only and cannot be used anywhere else.

  12. Optional: In the Remote Execution Interface field, enter the identifier of a network interface that hosts must use for the SSH connection. If you keep this field blank, Satellite uses the default network interface.
  13. Optional: In the Install packages field, list the packages (separated with spaces) that you want to install on the host upon registration. This can be set by the host_packages parameter.
  14. Optional: Select the Update packages option to update all packages on the host upon registration. This can be set by the host_update_packages parameter.
  15. Optional: In the Repository field, enter a repository to be added before the registration is performed. For example, it can be useful to make the subscription-manager package available for the purpose of the registration. For Red Hat family distributions, enter the URL of the repository, for example http://rpm.example.com/.
  16. Optional: In the Repository GPG key URL field, specify the public key to verify the signatures of GPG-signed packages. It needs to be specified in the ASCII form with the GPG public key header.
  17. In the Activation Keys field, enter one or more activation keys to assign to hosts.
  18. Optional: Select the Lifecycle environment.
  19. Optional: Select the Ignore errors option if you want to ignore subscription manager errors.
  20. Optional: Select the Force option if you want to remove any katello-ca-consumer rpms before registration and run subscription-manager with the --force argument.
  21. Click the Generate button.
  22. Copy the generated curl command.
  23. On the hosts that you want to register, run the curl command as root.

3.1.1. Customizing the Registration Templates

Use information in this section if you want to customize the registration process.

Note that all default templates in Satellite are locked. If you want to customize the registration process, you need to clone the default templates and edit the clones. Then, in Administer > Settings > Provisioning change the Default Global registration template and Default 'Host initial configuration' template settings to point to your custom templates.

Templates

The registration process uses the following registration templates:

  • The Global Registration template contains steps for registering hosts to Satellite. This template renders when hosts access the /register endpoint.
  • The Linux host_init_config default template contains steps for initial configuration of hosts after they are registered.

Global Parameters

You can configure the following global parameters by navigating to Configure > Global Parameters:

  • The host_registration_remote_execution parameter is used in the remote_execution_ssh_keys snippet, the default value is true.
  • The host_registration_insights parameter is used in the insights snippet, the default value is true.
  • The host_packages parameter is for installing packages on the host.
  • The remote_execution_ssh_keys, remote_execution_ssh_user, remote_execution_create_user and remote_execution_effective_user_method parameters are used in the remote_execution_ssh_keys. For more details se the details of the snippet.
  • The encrypt_grub parameter is to enable setting of an encrypted bootloader password for the host, the default value is false.

    To actually set the password, use the grub_pass macro in your template.

Snippets

Snippet is used in the Linux host_init_config default template:

  • The remote_execution_ssh_keys snippet deploys SSH keys to the host only when the host_registration_remote_execution parameter is true.
  • The insights snippet downloads and installs the Red Hat Insights client when global parameter host_registration_insights is set to true.
  • The puppetlabs_repo and puppet_setup snippets downloads and installs puppet agent on the host (only when puppet master is present)
  • The host_init_config_post is empty snippet for user’s custom actions on during host initial configuration.

Variables

This table describes what variables are used in the Global Registration template.

Table 3.1. The Global Registration Template Variables
VariableCommand argumentDescription

@user

none

Current authenticated user object.

@organization

organization_id

If organization_id is not set, then user’s default organization is set, or the first organization from user’s organizations list.

@location

location_id

If location_id is not set, user’s default location is set, or the first location from user’s locations list.

@hostgroup

hostgroup_id

Host group of the host.

@operatingsystem

operatingsystem_id

Host operating system.

@setup_insights

setup_insights

Override the value of the host_registration_insights global parameter for the registered host and install insights client.

@setup_remote_execution

setup_remote_execution

Override the value of host_registration_remote_execution global parameter for the registered host and deploy SSH keys for remote execution.

@setup_remote_execution

setup_remote_execution

Set default interface of host for the remote execution.

@packages

packages

Packages to install

@repo

repo

Add repository on the host

@repo_gpg_key_url

repo_gpg_key_url

Set repository GPG key form URL

@activation_keys

activation_keys

Host activation keys.

@force

force

Remove any katello-ca-consumer* rpms and run subscription-manager register command with --force argument.

@ignore_subman_errors

ignore_subman_errors

Ignore subscription-manager errors

@lifecycle_environment_id

lifecycle_environment_id

Life cycle environment id

@registration_url

none

URL for the /register endpoint.

3.2. Registering a Host to Red Hat Satellite Manually

Use the following procedure to manually register a host to Red Hat Satellite 6.

Prerequisites

  • Satellite Server, any Capsule Servers, and all hosts must be synchronized with the same NTP server, and have a time synchronization tool enabled and running.
  • The daemon rhsmcertd must be running on the hosts.
  • An activation key must be available for the host. For more information, see Managing Activation Keys in the Content Management Guide.
  • Subscription Manager must be version 1.10 or later. The package is available in the standard Red Hat Enterprise Linux repository.

Procedure

Red Hat Enterprise Linux hosts register to the Red Hat Content Delivery Network by default.

Update each host configuration so that they receive updates from the correct Satellite Server or Capsule Server:

  1. Note the fully qualified domain name (FQDN) of Satellite Server or Capsule Server, for example server.example.com.
  2. Log in to the host as the root user and download the katello-ca-consumer-latest.noarch.rpm package from Satellite Server or Capsule Server to which the host is to be registered. The consumer RPM configures the host to download content from the content source that is specified in Red Hat Satellite.

    # curl --insecure --output katello-ca-consumer-latest.noarch.rpm https://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm
  3. Install the katello-ca-consumer-latest.noarch.rpm package:

    # yum localinstall katello-ca-consumer-latest.noarch.rpm
    Note

    The RPM package is not signed. If required, you can add the --nosignature option to install the package. The katello-ca-consumer-hostname-1.0-1.noarch.rpm package is an additional katello-ca-consumer RPM that contains the server’s host name. The katello-ca-consumer-latest.noarch.rpm package always reflects the most recent version. Both serve the same purpose.

  4. Clear any old host data related to Red Hat Subscription Manager (RHSM):

    # subscription-manager clean
  5. Register the host using RHSM:

    # subscription-manager register --org=your_org_name \
    --activationkey=your_activation_key

    Example 3.1. Command Output after Registration:

    # subscription-manager register --org=MyOrg --activationkey=TestKey-1
    The system has been registered with id: 62edc0f8-855b-4184-b1b8-72a9dc793b96
Note

You can use the --environment option to override the Content View and life cycle environment defined by the activation key. For example, to register a host to the Content View "MyView" in a "Development" life cycle environment:

 # subscription-manager register --org=your_org_name \
 --environment=Development/MyView \
 --activationkey=your_activation_key
Note

For Red Hat Enterprise Linux 6.3 hosts, the release version defaults to Red Hat Enterprise Linux 6 Server and needs to be pointed to the 6.3 repository:

  1. In the Satellite web UI, navigate to Hosts > Content Hosts.
  2. Select the check box next to the host that needs to be changed.
  3. From the Select Action list, select Set Release Version.
  4. From the Release Version list, select 6.3.
  5. Click Done.

3.3. Registering an Atomic Host to Red Hat Satellite

Use the following procedure to register an Atomic Host to Red Hat Satellite 6.

Procedure

  1. Log in to the Atomic Host as the root user.
  2. Retrieve katello-rhsm-consumer from Satellite Server:

    # wget http://satellite.example.com/pub/katello-rhsm-consumer
  3. Change the mode of katello-rhsm-consumer to make it executable:

    # chmod +x katello-rhsm-consumer
  4. Run katello-rhsm-consumer:

    # ./katello-rhsm-consumer

    Register with Red Hat Subscription Manager:

    # subscription-manager register
Note

The Katello agent is not supported on Atomic Hosts.

3.4. Registering a Host to Red Hat Satellite Using The Bootstrap Script

Deprecated Use registration via Global registration feature.

Use the bootstrap script to automate content registration and Puppet configuration. You can use the bootstrap script to register new hosts, or to migrate existing hosts to Red Hat Satellite 6 from Satellite 5, RHN, SAM, or RHSM.

The katello-client-bootstrap package is installed by default on Satellite Server’s base operating system. The bootstrap.py script is installed in the /var/www/html/pub/ directory to make it available to hosts at satellite.example.com/pub/bootstrap.py. The script includes documentation in the /usr/share/doc/katello-client-bootstrap-version/README.md file.

To use the bootstrap script, you must install it on the host. As the script is only required once, and only for the root user, you can place it in /root or /usr/local/sbin and remove it after use. This procedure uses /root.

Prerequisites

  • You have a Satellite user with the permissions required to run the bootstrap script. The examples in this procedure specify the admin user. If this is not acceptable to your security policy, create a new role with the minimum permissions required and add it to the user that will run the script. For more information, see Section 3.4.1, “Setting Permissions for the Bootstrap Script”.
  • You have an activation key for your hosts with the Satellite Tools 6.10 repository enabled. For information on configuring activation keys, see Managing Activation Keys in the Content Management Guide.
  • You have created a host group. For more information about creating host groups, see Section 2.5, “Creating a Host Group”.

Puppet Considerations

If a host group is associated with a Puppet environment created inside a Production environment, Puppet fails to retrieve the Puppet CA certificate while registering a host from that host group.

To create a suitable Puppet environment to be associated with a host group, follow these steps:

  1. Manually create a directory and change the owner:

    # mkdir /etc/puppetlabs/code/environments/example_environment
    # chown apache /etc/puppetlabs/code/environments/example_environment
  2. Navigate to Configure > Environments and click Import environment from. The button name includes the FQDN of the internal or external Capsule.
  3. Choose the created directory and click Update.

Procedure

  1. Log in to the host as the root user.
  2. Download the script:

    # curl -O http://satellite.example.com/pub/bootstrap.py
  3. Make the script executable:

    # chmod +x bootstrap.py
  4. Confirm that the script is executable by viewing the help text:

    • On Red Hat Enterprise Linux 8:

      # /usr/libexec/platform-python bootstrap.py -h
    • On other Red Hat Enterprise Linux versions:

      # ./bootstrap.py -h
  5. Enter the bootstrap command with values suitable for your environment.

    For the --server option, specify the FQDN of Satellite Server or a Capsule Server. For the --location, --organization, and --hostgroup options, use quoted names, not labels, as arguments to the options. See Section 3.4.2, “Advanced Bootstrap Script Configuration” for advanced use cases.

    • On Red Hat Enterprise Linux 8, enter the following command:

      # /usr/libexec/platform-python bootstrap.py \
      --login=admin \
      --server satellite.example.com \
      --location="Example Location" \
      --organization="Example Organization" \
      --hostgroup="Example Host Group" \
      --activationkey=activation_key
    • On Red Hat Enterprise Linux 5, 6, or 7, enter the following command:

      # ./bootstrap.py --login=admin \
      --server satellite.example.com \
      --location="Example Location" \
      --organization="Example Organization" \
      --hostgroup="Example Host Group" \
      --activationkey=activation_key
  6. Enter the password of the Satellite user you specified with the --login option.

    The script sends notices of progress to stdout.

  7. When prompted by the script, approve the host’s Puppet certificate. In the Satellite web UI, navigate to Infrastructure > Capsules and find the Satellite or Capsule Server you specified with the --server option.
  8. From the list in the Actions column, select Certificates.
  9. In the Actions column, click Sign to approve the host’s Puppet certificate.
  10. Return to the host to see the remainder of the bootstrap process completing.
  11. In the Satellite web UI, navigate to Hosts > All hosts and ensure that the host is connected to the correct host group.
  12. Optional: After the host registration is complete, remove the script:

    # rm bootstrap.py

3.4.1. Setting Permissions for the Bootstrap Script

Use this procedure to configure a Satellite user with the permissions required to run the bootstrap script. To use the CLI instead of the web UI, see the CLI procedure.

Procedure

  1. In the Satellite web UI, navigate to Administer > Users.
  2. Select an existing user by clicking the required Username. A new pane opens with tabs to modify information about the selected user. Alternatively, create a new user specifically for the purpose of running this script.
  3. Click the Roles tab.
  4. Select Edit hosts and Viewer from the Roles list.

    Important

    The Edit hosts role allows the user to edit and delete hosts as well as being able to add hosts. If this is not acceptable to your security policy, create a new role with the following permissions and assign it to the user:

    • view_organizations
    • view_locations
    • view_domains
    • view_hostgroups
    • view_hosts
    • view_architectures
    • view_ptables
    • view_operatingsystems
    • create_hosts
  5. Click Submit.

CLI procedure

  1. Create a role with the minimum permissions required by the bootstrap script. This example creates a role with the name Bootstrap:

    # ROLE='Bootstrap'
    hammer role create --name "$ROLE"
    hammer filter create --role "$ROLE" --permissions view_organizations
    hammer filter create --role "$ROLE" --permissions view_locations
    hammer filter create --role "$ROLE" --permissions view_domains
    hammer filter create --role "$ROLE" --permissions view_hostgroups
    hammer filter create --role "$ROLE" --permissions view_hosts
    hammer filter create --role "$ROLE" --permissions view_architectures
    hammer filter create --role "$ROLE" --permissions view_ptables
    hammer filter create --role "$ROLE" --permissions view_operatingsystems
    hammer filter create --role "$ROLE" --permissions create_hosts
  2. Assign the new role to an existing user:

    # hammer user add-role --id user_id --role Bootstrap

    Alternatively, you can create a new user and assign this new role to them. For more information on creating users with Hammer, see Managing Users and Roles in the Administering Red Hat Satellite guide.

3.4.2. Advanced Bootstrap Script Configuration

This section has more examples for using the bootstrap script to register or migrate a host.

Warning

These examples specify the admin Satellite user. If this is not acceptable to your security policy, create a new role with the minimum permissions required by the bootstrap script. For more information, see Section 3.4.1, “Setting Permissions for the Bootstrap Script”.

Migrating a host from one Satellite 6 to another Satellite 6

Use the script with --force to remove the katello-ca-consumer-* packages from the old Satellite and install the katello-ca-consumer-* packages on the new Satellite.

  • On Red Hat Enterprise Linux 8, enter the following command:

    # /usr/libexec/platform-python bootstrap.py \
    --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --force
  • On Red Hat Enterprise Linux 5, 6, or 7, enter the following command:

    # bootstrap.py --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --force

Migrating a host from Red Hat Network (RHN) or Satellite 5 to Satellite 6

The bootstrap script detects the presence of /etc/syconfig/rhn/systemid and a valid connection to RHN as an indicator that the system is registered to a legacy platform. The script then calls rhn-classic-migrate-to-rhsm to migrate the system from RHN. By default, the script does not delete the system’s legacy profile due to auditing reasons. To remove the legacy profile, use --legacy-purge, and use --legacy-login to supply a user account that has appropriate permissions to remove a profile. Enter the user account password when prompted.

  • On Red Hat Enterprise Linux 8, enter the following command:

    # /usr/libexec/platform-python bootstrap.py \
    --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --legacy-purge \
    --legacy-login rhn-user
  • On Red Hat Enterprise Linux 5, 6, or 7, enter the following command:

    # bootstrap.py --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --legacy-purge \
    --legacy-login rhn-user

Registering a host to Satellite 6, omitting Puppet setup

By default, the bootstrap script configures the host for content management and configuration management. If you have an existing configuration management system and do not want to install Puppet on the host, use --skip-puppet.

  • On Red Hat Enterprise Linux 8, enter the following command:

    # /usr/libexec/platform-python bootstrap.py \
    --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --skip-puppet
  • On Red Hat Enterprise Linux 5, 6, or 7, enter the following command:

    # bootstrap.py --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --skip-puppet

Registering a host to Satellite 6 for content management only

To register a system as a content host, and omit the provisioning and configuration management functions, use --skip-foreman.

  • On Red Hat Enterprise Linux 8, enter the following command:

    # /usr/libexec/platform-python bootstrap.py \
    --server satellite.example.com \
    --organization="Example Organization" \
    --activationkey=activation_key \
    --skip-foreman
  • On Red Hat Enterprise Linux 5, 6, or 7, enter the following command:

    # bootstrap.py --server satellite.example.com \
    --organization="Example Organization" \
    --activationkey=activation_key \
    --skip-foreman

Changing the method the bootstrap script uses to download the consumer RPM

By default, the bootstrap script uses HTTP to download the consumer RPM (server.example.com/pub/katello-ca-consumer-latest.noarch.rpm). In some environments, you might want to allow HTTPS only between the host and Satellite. Use --download-method to change the download method from HTTP to HTTPS.

  • On Red Hat Enterprise Linux 8, enter the following command:

    # /usr/libexec/platform-python bootstrap.py \
    --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --download-method https
  • On Red Hat Enterprise Linux 5, 6, or 7, enter the following command:

    # bootstrap.py --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --download-method https

Providing the host’s IP address to Satellite

On hosts with multiple interfaces or multiple IP addresses on one interface, you might need to override the auto-detection of the IP address and provide a specific IP address to Satellite. Use --ip.

  • On Red Hat Enterprise Linux 8, enter the following command:

    # /usr/libexec/platform-python bootstrap.py \
    --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --ip 192.x.x.x
  • On Red Hat Enterprise Linux 5, 6, or 7, enter the following command:

    # bootstrap.py --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --ip 192.x.x.x

Enabling remote execution on the host

Use --rex and --rex-user to enable remote execution and add the required SSH keys for the specified user.

  • On Red Hat Enterprise Linux 8, enter the following command:

    # /usr/libexec/platform-python bootstrap.py \
    --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --rex \
    --rex-user root
  • On Red Hat Enterprise Linux 5, 6, or 7, enter the following command:

    # bootstrap.py --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --rex \
    --rex-user root

Creating a domain for a host during registration

To create a host record, the DNS domain of a host needs to exist in Satellite prior to running the script. If the domain does not exist, add it using --add-domain.

  • On Red Hat Enterprise Linux 8, enter the following command:

    # /usr/libexec/platform-python bootstrap.py \
    --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --add-domain
  • On Red Hat Enterprise Linux 5, 6, or 7, enter the following command:

    # bootstrap.py --login=admin \
    --server satellite.example.com \
    --location="Example Location" \
    --organization="Example Organization" \
    --hostgroup="Example Host Group" \
    --activationkey=activation_key \
    --add-domain

Providing an alternative FQDN for the host

If the host’s host name is not an FQDN, or is not RFC-compliant (containing a character such as an underscore), the script will fail at the host name validation stage. If you cannot update the host to use an FQDN that is accepted by Satellite, you can use the bootstrap script to specify an alternative FQDN.

  1. Set create_new_host_when_facts_are_uploaded and create_new_host_when_report_is_uploaded to false using Hammer:

    # hammer settings set \
    --name  create_new_host_when_facts_are_uploaded \
    --value false
    # hammer settings set \
    --name  create_new_host_when_report_is_uploaded \
    --value false
  2. Use --fqdn to specify the FQDN that will be reported to Satellite:

    • On Red Hat Enterprise Linux 8, enter the following command:

      # /usr/libexec/platform-python bootstrap.py --login=admin \
      --server satellite.example.com \
      --location="Example Location" \
      --organization="Example Organization" \
      --hostgroup="Example Host Group" \
      --activationkey=activation_key \
      --fqdn node100.example.com
    • On Red Hat Enterprise Linux 5, 6, or 7, enter the following command:

      # bootstrap.py --login=admin \
      --server satellite.example.com \
      --location="Example Location" \
      --organization="Example Organization" \
      --hostgroup="Example Host Group" \
      --activationkey=activation_key \
      --fqdn node100.example.com

3.5. Installing the Katello Agent

You can install the Katello agent to remotely update Satellite clients.

Note

The Katello agent is deprecated and will be removed in a future Satellite version. Migrate your processes to use the remote execution feature to update clients remotely. For more information, see Migrating from Katello Agent to Remote Execution in the Managing Hosts Guide.

The katello-agent package depends on the gofer package that provides the goferd service.

Prerequisites

  • You have enabled the Satellite Tools 6.10 repository on Satellite Server. For more information, see Enabling the Satellite Tools 6.10 Repository in Installing Satellite Server from a Connected Network.
  • You have synchronized the Satellite Tools 6.10 repository on Satellite Server. For more information, see Synchronizing the Satellite Tools 6.10 Repository in Installing Satellite Server from a Connected Network.
  • You have enabled the Satellite Tools 6.10 repository on the client.

Procedure

  1. Install the katello-agent package:

    # yum install katello-agent
  2. Start the goferd service :

    # systemctl start goferd

3.6. Installing Tracer

Use this procedure to install Tracer on Red Hat Satellite 6.10, and access Traces. Tracer displays a list of services and applications that are outdated and need to be restarted. Traces is the output generated by Tracer in the Satellite web UI.

Prerequisites

  • The host must be registered to Red Hat Satellite.
  • The Red Hat Satellite Tools 6.10 repository must be enabled and synchronized on Satellite Server, and enabled on the host.

Procedure

  1. On the content host, install the katello-host-tools-tracer RPM package:

    # yum install katello-host-tools-tracer
  2. Enter the following command:

    # katello-tracer-upload
  3. In the Satellite web UI, navigate to Hosts > All hosts, then click the required host name.
  4. In the Properties tab, examine the Properties table and find the Traces item. If you cannot find a Traces item in the Properties table, then Tracer is not installed.
  5. Navigate to Hosts > Content Hosts, then click the required host name.
  6. Click the Traces tab to view Traces.

3.7. Installing and Configuring the Puppet Agent

Use this procedure to install and configure the Puppet agent on a host. For more information about Puppet, see the Puppet Guide.

Prerequisites

  • The host must be registered to Red Hat Satellite.
  • The host must have a Puppet environment assigned to it.
  • The Red Hat Satellite Tools 6.10 repository must be enabled and synchronized on Satellite Server, and enabled on the host.

Procedure

  1. Log in to the host as the root user.
  2. Install the Puppet agent package:

    # yum install puppet-agent
  3. Configure the Puppet agent to start on boot:

    • On Red Hat Enterprise Linux 6:

      # chkconfig puppet on
    • On Red Hat Enterprise Linux 7:

      # systemctl enable puppet
  4. Append the following server and environment settings to the /etc/puppetlabs/puppet/puppet.conf file. Set the environment parameter to the name of the Puppet environment to which the host belongs:

    environment = My_Example_Org_Library
    server = satellite.example.com
    ca_server = satellite.example.com
  5. Run the Puppet agent on the host:

    # puppet agent -t
  6. In the Satellite web UI, navigate to Infrastructure > Capsules.
  7. From the list in the Actions column for the required Capsule Server, select Certificates.
  8. Click Sign to the right of the required host to sign the SSL certificate for the Puppet client.
  9. Enter the puppet agent command again:

    # puppet agent -t

3.8. Migrating from Katello Agent to Remote Execution

Remote Execution is the preferred way to manage package content on hosts. The Katello Agent is deprecated and will be removed in a future Satellite version. Follow these steps to switch to Remote Execution.

Prerequisites

  • You have enabled the Satellite Tools 6.10 repository on Satellite Server. For more information, see Enabling the Satellite Tools 6.10 Repository in Installing Satellite Server from a Connected Network.
  • You have synchronized the Satellite Tools 6.10 repository on Satellite Server. For more information, see Synchronizing the Satellite Tools 6.10 Repository in Installing Satellite Server from a Connected Network.
  • You have previously installed the katello-agent package on content hosts.

Procedure

  1. Stop the goferd service on content hosts:

    # systemctl stop goferd.service
  2. Disable the goferd service on content hosts:

    # systemctl disable goferd.service
  3. Remove the Katello agent on content hosts:

    Warning

    If your host is installed on Red Hat Virtualization version 4.4 or lower, do not remove the katello-agent package because the removed dependencies corrupt the host.

    # yum remove katello-agent
  4. Distribute the remote execution SSH keys to the content hosts. For more information, see Section 10.8, “Distributing SSH Keys for Remote Execution”.
  5. In the Satellite web UI, navigate to Administer > Settings.
  6. Select the Content tab.
  7. Set the Use remote execution by default parameter to Yes.

The Satellite server now uses host management by remote execution instead of katello-agent.

The following table shows the remote execution equivalent commands to perform specific package actions. See hammer job-invocation create --help to learn how to specify search queries to determine the target hosts or host collections.

Table 3.2. Hammer Commands
ActionKatello AgentRemote Execution

Install a package

hammer host package install

hammer job-invocation create --feature katello_package_install

Install a package (host collection)

hammer host-collection package install

hammer job-invocation create --feature katello_package_install

Remove a package

hammer host package remove

hammer job-invocation create --feature katello_package_remove

Remove a package (host collection)

hammer host-collection package remove

hammer job-invocation create --feature katello_package_remove

Update a package

hammer host package upgrade

hammer job-invocation create --feature katello_package_update

Update a package (host collection)

hammer host-collection package update

hammer job-invocation create --feature katello_package_update

Update all packages

hammer host package update

hammer job-invocation create --feature katello_package_update

Install errata

hammer host errata apply

hammer job-invocation create --feature katello_errata_install

Install errata (host collection)

hammer host-collection errata install

hammer job-invocation create --feature katello_errata_install

Install a package group

hammer host package-group install

hammer job-invocation create --feature katello_group_install

Install a package group (host collection)

hammer host-collection package-group install

hammer job-invocation create --feature katello_group_install

Remove a package group

hammer host package-group remove

hammer job-invocation create --feature katello_group_remove

Remove a package group (host collection)

hammer host-collection package-group remove

hammer job-invocation create --feature katello_group_remove

Update a package group

hammer host package-group update

hammer job-invocation create --feature katello_group_update

Update a package group (host collection)

hammer host-collection package-group update

hammer job-invocation create --feature katello_group_update

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.