Chapter 15. Provisioning Cloud Instances on Google Compute Engine
Red Hat Satellite can interact with Google Compute Engine (GCE), including creating new virtual machines and controlling their power management states. Only image-based provisioning is supported for creating GCE hosts.
Prerequisites
- Synchronized content repositories for Red Hat Enterprise Linux. For more information, see Synchronizing Red Hat Repositories in the Content Management Guide.
- An activation key for host registration. For more information, see Creating An Activation Key in the Content Management guide.
- In your GCE project, configure a service account with the necessary IAM Compute role. For more information, see Compute Engine IAM roles in the GCE documentation.
-
In your GCE project-wise metadata, set the
enable-oslogin
toFALSE
. For more information, see Enabling or disabling OS Login in the GCE documentation. -
Optional: If you want to use Puppet with GCE hosts, navigate to Administer > Settings > Puppet and enable the
Use UUID for certificates
setting to configure Puppet to use consistent Puppet certificate IDs. -
Based on your needs, associate a
finish
oruser_data
provisioning template with the operating system you want to use. For more information about provisioning templates, see Section 2.11, “Provisioning Templates”.
Procedure Overview
15.1. Adding a Google Compute Engine Connection to Satellite Server
Use this procedure to add Google Compute Engine (GCE) as a compute resource in Satellite.
Procedure
-
In GCE, generate a service account key in JSON format and upload this file to the
/usr/share/foreman/
directory on Satellite Server. On Satellite Server, change the owner for the service account key to the
foreman
user:# chown foreman /usr/share/foreman/gce_key.json
Configure permissions for the service account key to ensure that the file is readable:
# chmod 0600 /usr/share/foreman/gce_key.json
Restore SELinux context for the service account key:
# restorecon -vv /usr/share/foreman/gce_key.json
- In the Satellite web UI, navigate to Infrastructure > Compute Resources and click Create Compute Resource.
- In the Name field, enter a name for the compute resource.
- From the Provider list, select Google.
- Optional: In the Description field, enter a description for the resource.
- In the Google Project ID field, enter the project ID.
- In the Client Email field, enter the client email.
-
In the Certificate Path field, enter the path to the service account key. For example,
/usr/share/foreman/gce_key.json
. - Click Load Zones to populate the list of zones from your GCE environment.
- From the Zone list, select the GCE zone to use.
- Click Submit.
For CLI Users
-
In GCE, generate a service account key in JSON format and upload this file to the
/usr/share/foreman/
directory on Satellite Server. On Satellite Server, change the owner for the service account key to the
foreman
user:# chown foreman /usr/share/foreman/gce_key.json
Configure permissions for the service account key to ensure that the file is readable:
# chmod 0600 /usr/share/foreman/gce_key.json
Restore SELinux context for the service account key:
# restorecon -vv /usr/share/foreman/gce_key.json
Use the
hammer compute-resource create
command to add a GCE compute resource to Satellite:# hammer compute-resource create --name 'gce_cr' \ --provider 'gce' \ --project 'gce_project_id' \ --key-path 'gce_key.json' \ --zone 'us-west1-b' \ --email 'gce_email'
15.2. Adding Google Compute Engine Images to Satellite Server
To create hosts using image-based provisioning, you must add information about the image, such as access details and the image location, to your Satellite Server.
Procedure
- In the Satellite web UI, navigate to Infrastructure > Compute Resources and click the name of the Google Compute Engine connection.
- Click Create Image.
- In the Name field, enter a name for the image.
- From the Operating System list, select the image’s base operating system.
- From the Architecture list, select the operating system architecture.
-
In the Username field, enter the SSH user name for image access. Specify a user other than
root
, because theroot
user cannot connect to a GCE instance using SSH keys. The username must begin with a letter and consist of lowercase letters and numbers. - From the Image list, select an image from the Google Compute Engine compute resource.
-
Optional: Select the User Data check box if the image supports user data input, such as
cloud-init
data. - Click Submit to save the image details.
For CLI Users
Create the image with the
hammer compute-resource image create
command. With the--username
option, specify a user other thanroot
, because theroot
user cannot connect to a GCE instance using SSH keys. The username must begin with a letter and consist of lowercase letters and numbers.# hammer compute-resource image create \ --name 'gce_image_name' \ --compute-resource 'gce_cr' \ --operatingsystem-id 1 \ --architecture-id 1 \ --uuid '3780108136525169178' \ --username 'admin'
15.3. Adding Google Compute Engine Details to a Compute Profile
Use this procedure to add GCE hardware settings to a compute profile. When you create a host on GCE using this compute profile, these settings are automatically populated.
Procedure
- In the Satellite web UI, navigate to Infrastructure > Compute Profiles.
- In the Compute Profiles window, click the name of an existing compute profile, or click Create Compute Profile, enter a Name, and click Submit.
- Click the name of the GCE compute resource.
- From the Machine Type list, select the machine type to use for provisioning.
- From the Image list, select the image to use for provisioning.
- From the Network list, select the GCE network to use for provisioning.
- Optional: Select the Associate Ephemeral External IP check box to assign a dynamic ephemeral IP address that Satellite uses to communicate with the host. This public IP address changes when you reboot the host. If you need a permanent IP address, reserve a static public IP address on GCE and attach it to the host.
- In the Size (GB) field, enter the size of the storage to create on the host.
- Click Submit to save the compute profile.
For CLI Users
Create a compute profile to use with the GCE compute resource:
# hammer compute-profile create --name gce_profile
Add GCE details to the compute profile.
# hammer compute-profile values create --compute-profile gce_profile \ --compute-resource 'gce_cr' \ --volume "size_gb=20" \ --compute-attributes "machine_type=f1-micro,associate_external_ip=true,network=default"
15.4. Creating Image-based Hosts on Google Compute Engine
In Satellite, you can use Google Compute Engine provisioning to create hosts from an existing image. The new host entry triggers the Google Compute Engine server to create the instance using the pre-existing image as a basis for the new volume.
Procedure
- In the Satellite web UI, navigate to Hosts > Create Host.
- In the Name field, enter a name for the host.
- Click the Organization and Location tabs to ensure that the provisioning context is automatically set to the current context.
- From the Host Group list, select the host group that you want to use to populate the form.
- From the Deploy on list, select the Google Compute Engine connection.
- From the Compute Profile list, select a profile to use to automatically populate virtual machine settings.
- From the Lifecycle Environment list, select the environment.
- Click the Interfaces tab and click Edit on the host’s interface.
Verify that the fields are automatically populated, particularly the following items:
- The Name from the Host tab becomes the DNS name.
- The MAC address field is blank. Google Compute Engine assigns a MAC address to the host during provisioning.
- Satellite Server automatically assigns an IP address for the new host.
- The Domain field is populated with the required domain.
- The Managed, Primary, and Provision options are automatically selected for the first interface on the host. If not, select them.
- Click the Operating System tab, and confirm that all fields automatically contain values.
- Click Resolve in Provisioning templates to check the new host can identify the right provisioning templates to use.
- Click the Virtual Machine tab and confirm that these settings are populated with details from the host group and compute profile. Modify these settings to suit your needs.
- Click the Parameters tab, and ensure that a parameter exists that provides an activation key. If not, add an activation key.
- Click Submit to save the host entry.
For CLI Users
Create the host with the
hammer host create
command and include--provision-method image
. Replace the values in the following example with the appropriate values for your environment.# hammer host create \ --name "GCE_VM" \ --organization "Your_Organization" \ --location "Your_Location" \ --compute-resource gce_cr_name --compute-profile "gce_profile_name" \ --provision-method 'image' \ --image gce_image_name \ --root-password "your_root_password" \ --interface "type=interface,domain_id=1,managed=true,primary=true,provision=true" \ --puppet-environment-id 1 \ --puppet-ca-proxy-id 1 \ --puppet-proxy-id 1 \ --architecture x86_64 \ --operatingsystem "operating_system_name"
For more information about additional host creation parameters for this compute resource, enter the hammer host create --help
command.