Chapter 2. Configuring Provisioning Resources
2.1. Provisioning Contexts
A provisioning context is the combination of an organization and location that you specify for Satellite components. The organization and location that a component belongs to sets the ownership and access for that component.
Organizations divide Red Hat Satellite components into logical groups based on ownership, purpose, content, security level, and other divisions. You can create and manage multiple organizations through Red Hat Satellite and assign components to each individual organization. This ensures Satellite Server provisions hosts within a certain organization and only uses components that are assigned to that organization. For more information about organizations, see Managing Organizations in Administering Red Hat Satellite.
Locations function similar to organizations. The difference is that locations are based on physical or geographical setting. Users can nest locations in a hierarchy. For more information about locations, see Managing Locations in Administering Red Hat Satellite.
2.2. Setting the Provisioning Context
When you set a provisioning context, you define which organization and location to use for provisioning hosts.
The organization and location menus are located in the menu bar, on the upper left of the Satellite web UI. If you have not selected an organization and location to use, the menu displays: Any Organization and Any Location.
Procedure
- Click Any Organization and select the organization.
- Click Any Location and select the location to use.
Each user can set their default provisioning context in their account settings. Click the user name in the upper right of the Satellite web UI and select My account to edit your user account settings.
CLI procedure
When using the CLI, include either
--organization
or--organization-label
and--location
or--location-id
as an option. For example:# hammer host list --organization "My_Organization" --location "My_Location"
This command outputs hosts allocated to
My_Organization
andMy_Location
.
2.3. Creating Operating Systems
An operating system is a collection of resources that define how Satellite Server installs a base operating system on a host. Operating system entries combine previously defined resources, such as installation media, partition tables, provisioning templates, and others.
Importing operating systems from Red Hat’s CDN creates new entries on the Hosts > Operating Systems page. To import operating systems from Red Hat’s CDN, enable the Red Hat repositories of the operating systems and synchronize the repositories to Satellite. For more information, see Enabling Red Hat Repositories and Synchronizing Repositories in Managing Content.
You can also add custom operating systems using the following procedure. To use the CLI instead of the Satellite web UI, see the CLI procedure.
Procedure
- In the Satellite web UI, navigate to Hosts > Operating systems and click New Operating system.
- In the Name field, enter a name to represent the operating system entry.
- In the Major field, enter the number that corresponds to the major version of the operating system.
- In the Minor field, enter the number that corresponds to the minor version of the operating system.
- In the Description field, enter a description of the operating system.
- From the Family list, select the operating system’s family.
- From the Root Password Hash list, select the encoding method for the root password.
- From the Architectures list, select the architectures that the operating system uses.
- Click the Partition table tab and select the possible partition tables that apply to this operating system.
- Optional: if you use non-Red Hat content, click the Installation Media tab and select the installation media that apply to this operating system. For more information, see Adding Installation Media to Satellite.
- Click the Templates tab and select a PXELinux template, a Provisioning template, and a Finish template for your operating system to use. You can select other templates, for example an iPXE template, if you plan to use iPXE for provisioning.
- Click Submit to save your provisioning template.
CLI procedure
Create the operating system using the
hammer os create
command:# hammer os create \ --architectures "x86_64" \ --description "My_Custom_Operating_System" \ --family "Redhat" \ --major 7 \ --media "Red_Hat" \ --minor 3 \ --name "My_Operating_System" \ --partition-tables "My_Partition" \ --provisioning-templates "My_Provisioning_Template"
2.4. Updating the Details of Multiple Operating Systems
Use this procedure to update the details of multiple operating systems. This example shows you how to assign each operating system a partition table called Kickstart default
, a configuration template called Kickstart default PXELinux
, and a provisioning template called Kickstart Default
.
Procedure
On Satellite Server, run the following Bash script:
PARTID=$(hammer --csv partition-table list | grep "Kickstart default," | cut -d, -f1) PXEID=$(hammer --csv template list --per-page=1000 | grep "Kickstart default PXELinux" | cut -d, -f1) SATID=$(hammer --csv template list --per-page=1000 | grep "provision" | grep ",Kickstart default" | cut -d, -f1) for i in $(hammer --no-headers --csv os list | awk -F, {'print $1'}) do hammer partition-table add-operatingsystem --id="${PARTID}" --operatingsystem-id="${i}" hammer template add-operatingsystem --id="${PXEID}" --operatingsystem-id="${i}" hammer os set-default-template --id="${i}" --config-template-id=${PXEID} hammer os add-config-template --id="${i}" --config-template-id=${SATID} hammer os set-default-template --id="${i}" --config-template-id=${SATID} done
Display information about the updated operating system to verify that the operating system is updated correctly:
# hammer os info --id 1
2.5. Creating Architectures
An architecture in Satellite represents a logical grouping of hosts and operating systems. Architectures are created by Satellite automatically when hosts check in with Puppet. The x86_64 architecture is already preset in Satellite.
Use this procedure to create an architecture in Satellite.
Supported Architectures
Only Intel x86_64 architecture is supported for provisioning using PXE, Discovery, and boot disk. For more information, see the Red Hat Knowledgebase solution Supported architectures and provisioning scenarios in Satellite 6.
Procedure
- In the Satellite web UI, navigate to Hosts > Architectures and click Create Architecture.
- In the Name field, enter a name for the architecture.
- From the Operating Systems list, select an operating system. If none are available, you can create and assign them under Hosts > Operating Systems.
- Click Submit.
CLI procedure
Enter the
hammer architecture create
command to create an architecture. Specify its name and operating systems that include this architecture:# hammer architecture create \ --name "My_Architecture" \ --operatingsystems "My_Operating_System"
2.6. Creating Hardware Models
Use this procedure to create a hardware model in Satellite so that you can specify which hardware model a host uses.
Procedure
- In the Satellite web UI, navigate to Hosts > Hardware Models and click Create Model.
- In the Name field, enter a name for the hardware model.
- Optionally, in the Hardware Model and Vendor Class fields, you can enter corresponding information for your system.
- In the Info field, enter a description of the hardware model.
- Click Submit to save your hardware model.
CLI procedure
Create a hardware model using the
hammer model create
command. The only required parameter is--name
. Optionally, enter the hardware model with the--hardware-model
option, a vendor class with the--vendor-class
option, and a description with the--info
option:# hammer model create \ --hardware-model "My_Hardware_Model" \ --info "My_Description" \ --name "My_Hardware_Model_Name" \ --vendor-class "My_Vendor_Class"
2.7. Using a Synced Kickstart Repository for a Host’s Operating System
Satellite contains a set of synchronized kickstart repositories that you use to install the provisioned host’s operating system. For more information about adding repositories, see Syncing Repositories in Managing Content.
Use this procedure to set up a kickstart repository.
Prerequisites
You must enable both BaseOS and Appstream Kickstart before provisioning.
Procedure
Add the synchronized kickstart repository that you want to use to the existing Content View, or create a new Content View and add the kickstart repository.
For Red Hat Enterprise Linux 8, ensure that you add both Red Hat Enterprise Linux 8 for x86_64 - AppStream Kickstart x86_64 8 and Red Hat Enterprise Linux 8 for x86_64 - BaseOS Kickstart x86_64 8 repositories.
If you use a disconnected environment, you must import the Kickstart repositories from a Red Hat Enterprise Linux binary DVD. For more information, see Importing Kickstart Repositories in Managing Content.
- Publish a new version of the Content View where the kickstart repository is added and promote it to a required lifecycle environment. For more information, see Managing Content Views in Managing Content.
- When you create a host, in the Operating System tab, for Media Selection, select the Synced Content checkbox.
To view the kickstart tree, enter the following command:
# hammer medium list --organization "My_Organization"
2.8. Adding Installation Media to Satellite
Installation media are sources of packages that Satellite Server uses to install a base operating system on a machine from an external repository. You can use this parameter to install third-party content. Red Hat content is delivered through repository syncing instead.
You can view installation media by navigating to Hosts > Provisioning Setup > Installation Media.
Installation media must be in the format of an operating system installation tree and must be accessible from the machine hosting the installer through an HTTP URL.
By default, Satellite includes installation media for some official Linux distributions. Note that some of those installation media are targeted for a specific version of an operating system. For example CentOS mirror (7.x) must be used for CentOS 7 or earlier, and CentOS mirror (8.x) must be used for CentOS 8 or later.
If you want to improve download performance when using installation media to install operating systems on multiple hosts, you must modify the Path of the installation medium to point to the closest mirror or a local copy.
To use the CLI instead of the Satellite web UI, see the CLI procedure.
Procedure
- In the Satellite web UI, navigate to Hosts > Installation Media and click Create Medium.
- In the Name field, enter a name to represent the installation media entry.
In the Path enter the URL that contains the installation tree. You can use following variables in the path to represent multiple different system architectures and versions:
-
$arch
– The system architecture. -
$version
– The operating system version. -
$major
– The operating system major version. $minor
– The operating system minor version.Example HTTP path:
http://download.example.com/centos/$version/Server/$arch/os/
-
-
From the Operating system family list, select the distribution or family of the installation medium. For example, CentOS and Fedora are in the
Red Hat
family. - Click the Organizations and Locations tabs, to change the provisioning context. Satellite Server adds the installation medium to the set provisioning context.
- Click Submit to save your installation medium.
CLI procedure
Create the installation medium using the
hammer medium create
command:# hammer medium create \ --locations "My_Location" \ --name "My_OS" \ --organizations "My_Organization" \ --os-family "Redhat" \ --path "http://download.example.com/centos/$version/Server/$arch/os/"
2.9. Creating Partition Tables
A partition table is a type of template that defines the way Satellite Server configures the disks available on a new host. A Partition table uses the same ERB syntax as provisioning templates. Red Hat Satellite contains a set of default partition tables to use, including a Kickstart default
. You can also edit partition table entries to configure the preferred partitioning scheme, or create a partition table entry and add it to the operating system entry.
To use the CLI instead of the Satellite web UI, see the CLI procedure.
Procedure
- In the Satellite web UI, navigate to Hosts > Partition Tables and click Create Partition Table.
- In the Name field, enter a name for the partition table.
- Select the Default checkbox if you want to set the template to automatically associate with new organizations or locations.
- Select the Snippet checkbox if you want to identify the template as a reusable snippet for other partition tables.
- From the Operating System Family list, select the distribution or family of the partitioning layout. For example, Red Hat Enterprise Linux, CentOS, and Fedora are in the Red Hat family.
In the Template editor field, enter the layout for the disk partition.
The format of the layout must match that for the intended operating system. For example, Red Hat Enterprise Linux requires a layout that matches a Kickstart file, such as:
zerombr clearpart --all --initlabel autopart
For more information, see Section 2.10, “Dynamic Partition Example”.
You can also use the file browser in the template editor to import the layout from a file.
- In the Audit Comment field, add a summary of changes to the partition layout.
- Click the Organizations and Locations tabs to add any other provisioning contexts that you want to associate with the partition table. Satellite adds the partition table to the current provisioning context.
- Click Submit to save your partition table.
CLI procedure
Create a plain text file, such as
~/My_Partition_Table
, that contains the partition layout.The format of the layout must match that for the intended operating system. For example, Red Hat Enterprise Linux requires a layout that matches a Kickstart file, such as:
zerombr clearpart --all --initlabel autopart
For more information, see Section 2.10, “Dynamic Partition Example”.
Create the installation medium using the
hammer partition-table create
command:# hammer partition-table create \ --file "~/My_Partition_Table" \ --locations "My_Location" \ --name "My Partition Table" \ --organizations "My_Organization" \ --os-family "My_OS_Family" \ --snippet false
2.10. Dynamic Partition Example
Using an Anaconda kickstart template, the following section instructs Anaconda to erase the whole disk, automatically partition, enlarge one partition to maximum size, and then proceed to the next sequence of events in the provisioning process:
zerombr clearpart --all --initlabel autopart <%= host_param('autopart_options') %>
Dynamic partitioning is executed by the installation program. Therefore, you can write your own rules to specify how you want to partition disks according to runtime information from the node, for example, disk sizes, number of drives, vendor, or manufacturer.
If you want to provision servers and use dynamic partitioning, add the following example as a template. When the #Dynamic
entry is included, the content of the template loads into a %pre
shell scriplet and creates a /tmp/diskpart.cfg
that is then included into the Kickstart partitioning section.
#Dynamic (do not remove this line) MEMORY=$((`grep MemTotal: /proc/meminfo | sed 's/^MemTotal: *//'|sed 's/ .*//'` / 1024)) if [ "$MEMORY" -lt 2048 ]; then SWAP_MEMORY=$(($MEMORY * 2)) elif [ "$MEMORY" -lt 8192 ]; then SWAP_MEMORY=$MEMORY elif [ "$MEMORY" -lt 65536 ]; then SWAP_MEMORY=$(($MEMORY / 2)) else SWAP_MEMORY=32768 fi cat <<EOF > /tmp/diskpart.cfg zerombr clearpart --all --initlabel part /boot --fstype ext4 --size 200 --asprimary part swap --size "$SWAP_MEMORY" part / --fstype ext4 --size 1024 --grow EOF
2.11. Provisioning Templates
A provisioning template defines the way Satellite Server installs an operating system on a host.
Red Hat Satellite includes many template examples. In the Satellite web UI, navigate to Hosts > Provisioning templates to view them. You can create a template or clone a template and edit the clone. For help with templates, navigate to Hosts > Provisioning templates > Create Template > Help.
Templates supported by Red Hat are indicated by a Red Hat icon.
To hide unsupported templates, in the Satellite web UI navigate to Administer > Settings. On the Provisioning tab, set the value of Show unsupported provisioning templates to false
and click Submit. You can also filter out the supported templates by making the following query "supported = true".
If you clone a supported template, the cloned template will be unsupported.
Templates accept the Embedded Ruby (ERB) syntax. For more information, see Template Writing Reference in Managing Hosts.
You can download provisioning templates. Before you can download the template, you must create a debug certificate. For more information, see Creating an Organization Debug Certificate in Administering Red Hat Satellite.
You can synchronize templates between Satellite Server and a Git repository or a local directory. For more information, see Synchronizing Templates Repositories in Managing Hosts.
To view the history of changes applied to a template, navigate to Hosts > Provisioning templates, select one of the templates, and click History. Click Revert to override the content with the previous version. You can also revert to an earlier change. Click Show Diff to see information about a specific change:
- The Template Diff tab displays changes in the body of a provisioning template.
- The Details tab displays changes in the template description.
- The History tab displays the user who made a change to the template and date of the change.
2.12. Kinds of Provisioning Templates
There are various kinds of provisioning templates:
- Provision
The main template for the provisioning process. For example, a Kickstart template. For more information about Kickstart syntax and commands, see the following resources:
- Automated installation workflow in Automatically installing RHEL 9
- Automated installation workflow in Automatically installing RHEL 8
- Kickstart Syntax Reference in the Red Hat Enterprise Linux 7 Installation Guide
- PXELinux, PXEGrub, PXEGrub2
- PXE-based templates that deploy to the template Capsule associated with a subnet to ensure that the host uses the installer with the correct kernel options. For BIOS provisioning, select PXELinux template. For UEFI provisioning, select PXEGrub2.
- Finish
Post-configuration scripts to execute using an SSH connection when the main provisioning process completes. You can use Finish templates only for image-based provisioning in virtual or cloud environments that do not support user_data. Do not confuse an image with a foreman discovery ISO, which is sometimes called a Foreman discovery image. An image in this context is an install image in a virtualized environment for easy deployment.
When a finish script successfully exits with the return code
0
, Red Hat Satellite treats the code as a success and the host exits the build mode.Note that there are a few finish scripts with a build mode that uses a call back HTTP call. These scripts are not used for image-based provisioning, but for post configuration of operating-system installations such as Debian, Ubuntu, and BSD. Red Hat does not support provisioning of operating systems other than Red Hat Enterprise Linux.
- user_data
Post-configuration scripts for providers that accept custom data, also known as seed data. You can use the user_data template to provision virtual machines in cloud or virtualised environments only. This template does not require Satellite to be able to reach the host; the cloud or virtualization platform is responsible for delivering the data to the image.
Ensure that the image that you want to provision has the software to read the data installed and set to start during boot. For example,
cloud-init
, which expects YAML input, orignition
, which expects JSON input.- cloud_init
Some environments, such as VMWare, either do not support custom data or have their own data format that limits what can be done during customization. In this case, you can configure a cloud-init client with the
foreman
plug-in, which attempts to download the template directly from Satellite over HTTP or HTTPS. This technique can be used in any environment, preferably virtualized.Ensure that you meet the following requirements to use the
cloud_init
template:- Ensure that the image that you want to provision has the software to read the data installed and set to start during boot.
A provisioned host is able to reach Satellite from the IP address that matches the host’s provisioning interface IP.
Note that cloud-init does not work behind NAT.
- Bootdisk
- Templates for PXE-less boot methods.
- Kernel Execution (kexec)
Kernel execution templates for PXE-less boot methods.
NoteKernel Execution is a Technology Preview feature. Technology Preview features are not fully supported under Red Hat Subscription Service Level Agreements (SLAs), may not be functionally complete, and are not intended for production use. However, these features provide early access to upcoming product innovations, enabling customers to test functionality and provide feedback during the development process.
- Script
- An arbitrary script not used by default but useful for custom tasks.
- ZTP
- Zero Touch Provisioning templates.
- POAP
- PowerOn Auto Provisioning templates.
- iPXE
-
Templates for
iPXE
orgPXE
environments to use instead of PXELinux.
2.13. Creating Provisioning Templates
A provisioning template defines the way Satellite Server installs an operating system on a host. Use this procedure to create a new provisioning template.
Procedure
- In the Satellite web UI, navigate to Hosts > Provisioning Templates and click Create Template.
- In the Name field, enter a name for the provisioning template.
- Fill in the rest of the fields as required. The Help tab provides information about the template syntax and details the available functions, variables, and methods that can be called on different types of objects within the template.
CLI procedure
-
Before you create a template with the CLI, create a plain text file that contains the template. This example uses the
~/my-template
file. Create the template using the
hammer template create
command and specify the type with the--type
option:# hammer template create \ --file ~/my-template \ --locations "My_Location" \ --name "My_Provisioning_Template" \ --organizations "My_Organization" \ --type provision
2.14. Cloning Provisioning Templates
A provisioning template defines the way Satellite Server installs an operating system on a host. Use this procedure to clone a template and add your updates to the clone.
Procedure
- In the Satellite web UI, navigate to Hosts > Provisioning Templates and search for the template that you want to use.
- Click Clone to duplicate the template.
- In the Name field, enter a name for the provisioning template.
- Select the Default checkbox to set the template to associate automatically with new organizations or locations.
- In the Template editor field, enter the body of the provisioning template. You can also use the Template file browser to upload a template file.
- In the Audit Comment field, enter a summary of changes to the provisioning template for auditing purposes.
- Click the Type tab and if your template is a snippet, select the Snippet checkbox. A snippet is not a standalone provisioning template, but a part of a provisioning template that can be inserted into other provisioning templates.
- From the Type list, select the type of the template. For example, Provisioning template.
- Click the Association tab and from the Applicable Operating Systems list, select the names of the operating systems that you want to associate with the provisioning template.
- Optionally, click Add combination and select a host group from the Host Group list or an environment from the Environment list to associate provisioning template with the host groups and environments.
- Click the Organizations and Locations tabs to add any additional contexts to the template.
- Click Submit to save your provisioning template.
2.15. Creating Custom Provisioning Snippets
Custom provisioning snippets allow you to execute custom code during host provisioning. You can run code before and/or after the provisioning process.
Prerequisite
- Depending on your provisioning template, multiple custom snippet hooks exist which you can use to include custom provisioning snippets. Ensure that you check your provisioning template first to verify which custom snippets you can use.
Procedure
- In the Satellite web UI, navigate to Hosts > Provisioning Templates and click Create Template.
In the Name field, enter a name for your custom provisioning snippet. The name has to start with the name of a provisioning template that supports including custom provisioning snippets:
- Append ` custom pre` to the name of a provisioning template to run code before provisioning a host.
- Append ` custom post` to the name of a provisioning template to run code after provisioning a host.
- On the Type tab, select Snippet.
- Click Submit to create your custom provisioning snippet.
CLI procedure
- Before you create a template with the CLI, create a plain text file that contains your custom snippet.
Create the template using
hammer
:# hammer template create \ --file "/path/to/My_Snippet" \ --locations "My_Location" \ --name "My_Template_Name_custom_pre" \ --organizations "_My_Organization" \ --type snippet
2.16. Custom Provisioning Snippet Example for Red Hat Enterprise Linux
You can use Custom Post
snippets to call external APIs from within the provisioning template directly after provisioning a host.
Kickstart default finish custom post
Example for Red Hat Enterprise Linux
echo "Calling API to report successful host deployment" yum install -y curl ca-certificates curl -X POST \ -H "Content-Type: application/json" \ -d '{"name": "<%= @host.name %>", "operating_system": "<%= @host.operatingsystem.name %>", "status": "provisioned",}' \ "https://api.example.com/"
2.17. Associating Templates with Operating Systems
You can associate templates with operating systems in Satellite. The following example adds a provisioning template to an operating system entry.
Procedure
- In the Satellite web UI, navigate to Hosts > Provisioning Templates.
- Select a provisioning template.
- On the Association tab, select all applicable operating systems.
- Click Submit to save your changes.
CLI procedure
Optional: View all templates:
# hammer template list
Optional: View all operating systems:
# hammer os list
Associate a template with an operating system:
# hammer template add-operatingsystem \ --id My_Template_ID \ --operatingsystem-id My_Operating_System_ID
2.18. Creating Compute Profiles
You can use compute profiles to predefine virtual machine hardware details such as CPUs, memory, and storage.
To use the CLI instead of the Satellite web UI, see the CLI procedure.
A default installation of Red Hat Satellite contains three predefined profiles:
-
1-Small
-
2-Medium
-
3-Large
You can apply compute profiles to all supported compute resources:
Procedure
- In the Satellite web UI, navigate to Infrastructure > Compute Profiles and click Create Compute Profile.
- In the Name field, enter a name for the profile.
- Click Submit. A new window opens with the name of the compute profile.
- In the new window, click the name of each compute resource and edit the attributes you want to set for this compute profile.
CLI procedure
Create a new compute profile:
# hammer compute-profile create --name "My_Compute_Profile"
Set attributes for the compute profile:
# hammer compute-profile values create \ --compute-attributes "flavor=m1.small,cpus=2,memory=4GB,cpu_mode=default \ --compute-resource "My_Compute_Resource" \ --compute-profile "My_Compute_Profile" \ --volume size=40GB
Optional: To update the attributes of a compute profile, specify the attributes you want to change. For example, to change the number of CPUs and memory size:
# hammer compute-profile values update \ --compute-resource "My_Compute_Resource" \ --compute-profile "My_Compute_Profile" \ --attributes "cpus=2,memory=4GB" \ --interface "type=network,bridge=br1,index=1" \ --volume "size=40GB"
Optional: To change the name of the compute profile, use the
--new-name
attribute:# hammer compute-profile update \ --name "My_Compute_Profile" \ --new-name "My_New_Compute_Profile"
Additional resources
-
For more information about creating compute profiles by using Hammer, enter
hammer compute-profile --help
.
2.19. Setting a Default Encrypted Root Password for Hosts
If you do not want to set a plain text default root password for the hosts that you provision, you can use a default encrypted password.
The default root password can be inherited by a host group and consequentially by hosts in that group.
If you change the password and reprovision the hosts in the group that inherits the password, the password will be overwritten on the hosts.
Procedure
Generate an encrypted password:
$ python3 -c 'import crypt,getpass;pw=getpass.getpass(); print(crypt.crypt(pw)) if (pw==getpass.getpass("Confirm: ")) else exit()'
- Copy the password for later use.
- In the Satellite web UI, navigate to Administer > Settings.
- On the Settings page, select the Provisioning tab.
- In the Name column, navigate to Root password, and click Click to edit.
- Paste the encrypted password, and click Save.
2.20. Using noVNC to Access Virtual Machines
You can use your browser to access the VNC console of VMs created by Satellite.
Satellite supports using noVNC on the following virtualization platforms:
- VMware
- Libvirt
- Red Hat Virtualization
Prerequisites
- You must have a virtual machine created by Satellite.
- For existing virtual machines, ensure that the Display type in the Compute Resource settings is VNC.
- You must import the Katello root CA certificate into your Satellite Server. Adding a security exception in the browser is not enough for using noVNC. For more information, see Installing the Katello Root CA Certificate in Administering Red Hat Satellite.
Procedure
On the VM host system, configure the firewall to allow VNC service on ports 5900 to 5930:
# firewall-cmd --add-port=5900-5930/tcp # firewall-cmd --add-port=5900-5930/tcp --permanent
- In the Satellite web UI, navigate to Infrastructure > Compute Resources and select the name of a compute resource.
- In the Virtual Machines tab, select the name of a VM host. Ensure the machine is powered on and then select Console.