Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Installing and Configuring Red Hat Discovery

Subscription Central 1-latest

Installing Red Hat Discovery

Red Hat Customer Content Services

Abstract

Chapter 1. About Red Hat Discovery
Copy link

Red Hat Discovery is designed to help users collect data about their usage of specific Red Hat software. By using Discovery, users can reduce the amount of time and effort that is required to calculate and report usage of those Red Hat products.

Learn more

To learn more about the purpose, benefits, and characteristics of Discovery, see the following information:

To learn more about the products and product versions that Discovery can find and inspect, see the following information:

To evaluate whether Discovery is a correct solution for you, see the following information:

1.1. What is Red Hat Discovery?
Copy link

Red Hat Discovery is an inspection and reporting tool. It is designed to find, identify, and report environment data, or facts, such as the number of physical and virtual systems on a network, their operating systems, and other configuration data. In addition, it is designed to find, identify, and report more detailed facts for some versions of key Red Hat packages and products for the IT resources in that network.

The ability to inspect the software and systems that are running on your network improves your ability to understand and report on your subscription usage. Ultimately, this inspection and reporting process is part of the larger system administration task of managing your inventories.

Red Hat Discovery requires the configuration of two basic structures to access IT resources and run the inspection process. A credential contains user access data, such as the username and password or SSH key of a user with sufficient authority to run the inspection process on a particular source or some of the assets on that source. A source contains data about a single asset or multiple assets that are to be inspected. These assets can be physical machines, virtual machines, or containers, identified as hostnames, IP addresses, IP ranges, or subnets. These assets can also be a systems management solution such as vCenter Server or Red Hat Satellite Server, or can be clusters deployed on Red Hat OpenShift Container Platform.

Note

Currently, the only virtualized deployment that discovery can scan with a specialized source for virtualization infrastructure is VMware vCenter. No other virtualization infrastructure that is supported by Red Hat can be scanned with a specialized scan. General scans of your network might still find these assets, without the precise metadata returned by a specialized scan.

You can save multiple credentials and sources to use with Discovery in various combinations as you run inspection processes, or scans. When you have completed a scan, you can access these facts in the output as a collection of formatted data, or report, to review the results.

By default, the credentials and sources that are created during the use of Red Hat Discovery are encrypted in a database. The values are encrypted with AES-256 encryption. They are decrypted when the Red Hat Discovery server runs a scan with the use of a vault password to access the encrypted values that are stored in the database.

Red Hat Discovery is an agentless inspection tool, so there is no need to install the tool on every source that is to be inspected. However, the system that Discovery is installed on must have access to the systems to be discovered and inspected.

1.2. What products does Red Hat Discovery find?
Copy link

Red Hat Discovery finds the following Red Hat products. For each version or release, the earliest version is listed, with later releases indicated as applicable.

If a product has changed names recently so that you might be more familiar with the current name for that product, that name is provided as additional information. No later version is implied by the inclusion of a newer product name unless specific versions of that product are also listed.

Red Hat Enterprise Linux

  • Red Hat Enterprise Linux version 5 and later
  • Red Hat Enterprise Linux version 6 and later
  • Red Hat Enterprise Linux version 7 and later
  • Red Hat Enterprise Linux version 8 and later
  • Red Hat Enterprise Linux version 9 and later
  • Red Hat Enterprise Linux version 10 and later

Red Hat Application Services products (formerly Red Hat Middleware)

  • JBoss Enterprise Web Server version 1 and later; Red Hat JBoss Web Server 3.0.1 and later
  • Red Hat JBoss Enterprise Application Platform version 4.2 and later, version 4.3 and later, version 5 and later, version 6 and later, version 7 and later
  • Red Hat Fuse version 6.0 and later

Red Hat Ansible Automation Platform

  • Ansible Automation Platform version 2 and later

Red Hat OpenShift Container Platform

  • Red Hat OpenShift Container Platform version 4 and later

Red Hat Advanced Cluster Security for Kubernetes

  • Red Hat Advanced Cluster Security for Kubernetes version 4 and later

Red Hat Advanced Cluster Management for Kubernetes

  • Red Hat Advanced Cluster Management for Kubernetes version 2 and later

1.3. Is Red Hat Discovery right for me?
Copy link

Red Hat Discovery is intended to help you find and understand your Red Hat product inventory, including unknown product usage across complex networks. The reports generated by Discovery are best understood through your partnership with a Red Hat Solution Architect (SA) or Technical Account Manager (TAM) or through the analysis and assistance supplied by the Subscription Education and Awareness Program (SEAP).

Although you can install and use Discovery independently and then generate and view report data, the Discovery documentation does not provide any information to help you interpret report results. In addition, although Red Hat Support can provide some basic assistance related to installation and usage of Discovery, the support team does not provide any assistance to help you understand the reports.

The Discovery tool does not automatically share data directly with Red Hat. Instead, you choose whether to prepare and send report data to Red Hat for ingestion by Red Hat tools and services. You can use the Discovery tool locally to scan your network for the Red Hat products that Discovery currently supports and then use the generated reports for your own internal purposes.

Discovery is a containerized solution that can be deployed on any RHEL or OpenShift Container Platform platform. The following documentation assumes Discovery is installed on a dedicated RHEL system. Adoption of this implementation will minimize impact on production servers, avoid complications of UI-to-server port mapping, and adhere to the officially documented and supported path for installation. You must install Discovery on a dedicated system that does not run any other workloads. No warranty or support is offered for installation on a nondedicated system.

Procedure

  • Install the following requirements for hardware, software, and the environment in which you are going to install and use Discovery.

2.1. Hardware prerequisites
Copy link

The system on which you are going to install Red Hat Discovery must meet or exceed the following hardware requirements:

  • CPU: 2 core minimum, with a recommended 4 cores
  • RAM: 2 GB minimum, with a recommended 4 GB
  • Disk Storage: 30 GB
Note

Red Hat Discovery uses rootless Podman, which, by default, stores containers in the following filepath: ${HOME}/.local/share/containers. Ensure that the partition that contains this directory has at least 30 GB of storage. If Podman is configured to use a non-standard directory for container storage, ensure that the configured directory has 30 GB of storage.

2.2. Software prerequisites
Copy link

The system on which you are going to install Red Hat Discovery must meet the following software requirements:

  • Operating system: The latest version of Red Hat Enterprise Linux 8 or Red Hat Enterprise Linux 9, installed as a clean install and specifically not upgraded from RHEL 7. You must also have cgroups v2 enabled.
  • File system: Must run with d_type (Podman requirement)

The Discovery documentation assumes that the most recent version of the Red Hat Discovery installer and tool is installed on your system. No warranty or support is offered by Red Hat if the version of Discovery used is obsolete. The latest version of Red Hat Discovery can be verified by using the Red Hat Ecosystem Catalog.

In addition to these software requirements, Discovery has dependencies on other software that is required to install and run Discovery, primarily the Podman container tool. The Podman package is included with Red Hat Enterprise Linux 8 and later, so you are not required to obtain the Podman package separately. You will need sudo privileges to install Podman. You will need Podman version 4.9.4 or later to successfully install Discovery.

Related Information

  • For more information about the definition of Red Hat Enterprise Linux clean installs, see the key migration terminology section in the Upgrading from RHEL 8 to RHEL 9 guide.

2.3. Other environment prerequisites
Copy link

The environment in which you are going to install and use Red Hat Discovery must meet the following requirements. Some of these requirements affect the systems on which you are going to install and run Red Hat Discovery. Others affect the systems in your IT infrastructure that you are going to scan with Discovery.

In your network:

  • If you want to use Discovery to scan a network that contains multiple air-gapped environments, you must install a Discovery server for each of those air-gapped environments.

On the system where Red Hat Discovery is installed and running:

  • The system should be a system that is dedicated to Discovery work only and should not be used for either development or production work.

  • The system must have an internet connection to register to Red Hat subscription management tools and access Red Hat content.

    • For a disconnected installation, the connected system on which you are downloading the containers must meet this requirement.

  • The system must have access to the Red Hat Ecosystem Catalog with your Red Hat Customer Portal credentials.

    • For a disconnected installation, the connected system on which you are downloading the containers must meet this requirement.

      Note

      If you cannot use the Red Hat Ecosystem Catalog to download Red Hat content, join the Red Hat Developer program to create a Red Hat Customer Portal account, obtain a Red Hat Developer subscription, and gain access to Red Hat content. For more information, see the Red Hat Developer website.

  • The Discovery server must have access, through the SSH protocol, to the IT infrastructure assets that are to be scanned.

On the systems in your network where Discovery runs scans:

  • Any network sources that are targeted for scanning must be running the SSH protocol.
  • A user account that is used as a credential for a scan requires the bash shell. The shell cannot be the /sbin/nologin shell or the /bin/false shell.
  • A user account that is used as a credential for a network scan must have adequate permissions to run commands and read certain files on those systems. For example, some commands that run during a scan require privilege elevation to gather the complete set of facts for the scan. The Using Red Hat Discovery guide has additional information about the creation of credentials for network scans and the privileges that must be associated with those credentials to enable a more complete scan of network assets.
  • The user account that runs the podman commands to install and run Discovery must not be the root user, and it must not invoke these commands by using sudo or su to grant elevated user privileges. These actions are not supported.
  • Discovery network scans will use program paths as defined in the target system’s PATH variable.

Additional resources

  • For more information about the creation of credentials for network scans and their association with elevated privileges, see the topic about adding network sources and credentials in the Installing and Configuring Red Hat Discovery guide.

You use the connected installation process when you want to run Red Hat Discovery from a system that has internet access, also commonly referred to as a connected or online environment. During the Discovery connected installation process, you complete all steps from the system that you intend to use as the Red Hat Discovery server. You will enter commands to obtain, install, configure the environment for, and start the Discovery containers from the container images on the Red Hat Ecosystem Catalog website.

The connected installation process uses Podman to perform the container installation tasks for the Discovery server. You will need sudo permissions to install Podman on your system. However, you must not run the Discovery application using sudo or as the root user.

Prerequisites

  • Before you begin, ensure that all hardware, software, and environment prerequisites are installed and configured. For more information about the prerequisites, see Installing prerequisites for Discovery.

During the connected installation of the Discovery database and server container images, you obtain the Discovery containers from the container images on the Red Hat Ecosystem Catalog website, configure the containers and configure Discovery, and start the containers.

Prerequisites

  • The system on which you are downloading the Discovery container images must be connected to the internet.
  • That system must be able to connect to the Red Hat Ecosystem Catalog.

Procedure

To get the Discovery installer package, use the following steps:

  1. Run the following commands to get the Discovery installer. 

    sudo subscription-manager repos --enable <repository>
sudo dnf install -y discovery-installer
    Copy to Clipboard Toggle word wrap
    Note

    In the preceding command, replace <repository> with the following values:

    • For Red Hat Enterprise Linux 8, replace <repository> with discovery-2-for-rhel-8-x86_64-rpms
    • For Red Hat Enterprise Linux 9, replace <repository> with discovery-2-for-rhel-9-x86_64-rpms

  2. Run the following commands to log in to Podman and to run the Discovery installer. 

    podman login registry.redhat.io
discovery-installer install
    Copy to Clipboard Toggle word wrap
    Note

    In the previous procedure, when you run the discovery-installer install command for the first time, you will be prompted to enter a server password.

  3. Start the Discovery application. 

    systemctl --user start discovery-app
    Copy to Clipboard Toggle word wrap
    Note

    The first time you start Discovery, the initial startup procedure for the application might take a long time to complete. To obtain more verbose data during the initial startup of the Discovery application, use the following commands: 

    systemctl --user status discovery-app
podman ps -a
    Copy to Clipboard Toggle word wrap 
    journalctl -t discovery-app
journalctl -t discovery-server
    Copy to Clipboard Toggle word wrap 
    podman logs --since 1m -f discovery-server
    Copy to Clipboard Toggle word wrap

3.2. Changing the Discovery password
Copy link

You can change the Discovery server password, and it is possible that security standards at your organization might require that you change it. At a minimum, you should change the password value to align with common security best practices.

The Discovery administrator password must meet the following requirements:

  • at least ten characters
  • cannot be a word found in the dictionary
  • cannot be the previously provided Discovery default password
  • cannot be numeric only

To reset the administrator password, run the following command and follow the prompts to enter the new password: 

discovery-installer create-server-password
Copy to Clipboard Toggle word wrap

Follow the prompts to change and verify the password. If Discovery is running when you change the password, you must restart Discovery for the new password to take effect.

To restart Discovery, run the following command: 

systemctl --user restart discovery-app
Copy to Clipboard Toggle word wrap
Important

Red Hat does not provide support for lost passwords for Discovery, and Discovery does not offer a method to recover passwords; however, you can use this procedure to change your password.

3.3. Setting other post-installation preferences
Copy link

The following steps are optional, but can improve the efficiency and usability of your Discovery application.

  • To remain logged in to Discovery, use the following command: 

    loginctl enable-linger $USER
    Copy to Clipboard Toggle word wrap
  • If you want to access Discovery on another computer in the same network, you must allow traffic on TCP port 9443 through any firewall to or on the system that is running the Discovery server.

The disconnected installation process is required when you want to run Red Hat Discovery from a system that does not have internet access, also commonly referred to as a disconnected, offline, or air-gapped environment. During the Red Hat Discovery disconnected installation process, you must complete some steps on a connected system, one that has internet connectivity. These steps include obtaining the container images from the Red Hat Ecosystem Catalog website and then transferring the images to the disconnected system that you intend to use as the Discovery server. You also complete steps on the disconnected system to install, configure the environment for, and start the Discovery containers.

The disconnected installation process uses Podman to install the containers for the Discovery server. You will need sudo permissions to install Podman on your system. However, you must not run the Discovery server using sudo or as the root user.

Prerequisites

Procedure

To install Red Hat Discovery with the disconnected installation process, you do the following tasks:

  • From the connected system, run a series of commands:

    • Access and download the container images.

  • From the disconnected system, run a series of commands:

    • Transfer the container images to the disconnected system.
    • Install, configure, and start the Red Hat Discovery server containers.

During the disconnected installation of the Discovery server, you begin with a connected system to install the Podman container management tool and obtain the Discovery container images on the Red Hat Ecosystem Catalog website. You then transfer those container images to the disconnected system where you want to run Discovery, install Podman on the disconnected system, configure Discovery, and start the Discovery application.

Prerequisites

  • The connected system on which you are downloading the Discovery container images must be connected to the internet.
  • The connected system must be able to connect to the Red Hat Ecosystem Catalog.
  • The disconnected system that you are using must be able to install Red Hat standard packages through dnf.

Procedure

To install the Discovery server with the disconnected installation process, use the following steps:

On the connected system

  1. Log in to the Red Hat Ecosystem Catalog (the registry.redhat.io website). When prompted, supply your Red Hat Customer Portal account credentials. 

    podman login registry.redhat.io
    Copy to Clipboard Toggle word wrap

  2. Pull the Discovery container images and save them into as a .tar.gz file. 

    podman pull registry.redhat.io/discovery/discovery-ui-rhel9:2.3 registry.redhat.io/discovery/discovery-server-rhel9:2.3 registry.redhat.io/rhel9/postgresql-15:latest registry.redhat.io/rhel9/redis-7:latest
podman save --multi-image-archive registry.redhat.io/discovery/discovery-ui-rhel9:2.3 registry.redhat.io/discovery/discovery-server-rhel9:2.3 registry.redhat.io/rhel9/postgresql-15:latest registry.redhat.io/rhel9/redis-7:latest | gzip > discovery-images.tar.gz
    Copy to Clipboard Toggle word wrap

On the disconnected system

  1. Use the transfer method of your choice to transfer discovery-images.tar.gz to the disconnected system where you are going to install Discovery:

  2. Load the container images into local storage for Podman. 

    podman load -i discovery-images.tar.gz
    Copy to Clipboard Toggle word wrap

  3. Run the following commands to get the Discovery installer. 

    sudo subscription-manager repos --enable <repository>
sudo dnf install -y discovery-installer
    Copy to Clipboard Toggle word wrap
    Note

    In the preceding command, replace <repository> with the following values:

    • For Red Hat Enterprise Linux 8, replace <repository> with discovery-2-for-rhel-8-x86_64-rpms
    • For Red Hat Enterprise Linux 9, replace <repository> with discovery-2-for-rhel-9-x86_64-rpms

  4. Run the following command to run the Discovery installer. 

    discovery-installer install
    Copy to Clipboard Toggle word wrap
    Note

    When you run the discovery-installer install command for the first time, it will prompt you to enter a server password. This is the password you will use to log in to Discovery.

  5. Start the Discovery application. 

    systemctl --user start discovery-app
    Copy to Clipboard Toggle word wrap
    Note

    The first time that Discovery runs may take a long time to complete. To get a better idea about the status of the product, the following commands can be run to provide more verbose data during the initial run of Discovery. 

    systemctl --user status discovery-app
podman ps -a
    Copy to Clipboard Toggle word wrap 
    journalctl -t discovery-app
journalctl -t discovery-server
    Copy to Clipboard Toggle word wrap 
    podman logs --since 1m -f discovery-server
    Copy to Clipboard Toggle word wrap

4.2. Changing the Discovery password
Copy link

You can change the Discovery server password, and it is possible that security standards at your organization might require that you change it. At a minimum, you should change the password value to align with common security best practices.

The server administrator password must be:

  • at least ten characters
  • cannot be a word found in the dictionary
  • cannot be the previously provided Discovery default password
  • cannot be numeric only

To reset the administrator password, run the following command and follow the prompts to enter the new password: 

discovery-installer create-server-password
Copy to Clipboard Toggle word wrap

Follow the prompts to change and verify the password. If Discovery is running when the password is changed, Discovery must be restarted for the changes to take effect.

To restart Discovery, run the following command: 

systemctl --user restart discovery-app
Copy to Clipboard Toggle word wrap
Important

Red Hat does not provide support for lost passwords for Discovery, and Discovery does not offer a method to recover passwords; however, you can reset your password.

4.3. Setting other post-installation preferences
Copy link

The following steps are optional, but can improve the efficiency and usability of your Discovery application.

  • To remain logged in to Discovery, use the following command: 

    loginctl enable-linger $USER
    Copy to Clipboard Toggle word wrap
  • If you want to access Discovery on another computer in the same network, you must allow traffic on TCP port 9443 through any firewall to or on the system that is running the Discovery server.

Providing feedback on Red Hat documentation
Copy link

We appreciate your feedback on our documentation. To provide feedback, open a Jira issue that describes your concerns. Provide as much detail as possible so that your request can be addressed quickly.

Prerequisites

  • You have a Red Hat Customer Portal account. This account enables you to log in to the Red Hat Jira Software instance. If you do not have an account, you will be prompted to create one.

Procedure

To provide your feedback, perform the following steps:

  1. Click the following link: Create Issue.
  2. In the Summary text box, enter a brief description of the issue.
  3. In the Description text box, provide more details about the issue. Include the URL where you found the issue.
  4. Provide information for any other required fields. Allow all fields that contain default information to remain at the defaults.
  5. Click Create to create the Jira issue for the documentation team.

A documentation issue will be created and routed to the appropriate documentation team. Thank you for taking the time to provide feedback.

Legal Notice
Copy link

Copyright © 2025 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat