Chapter 2. Preparing your environment for installation
Review the following prerequisites before you install Capsule Server.
2.1. Operating system requirements
The following operating system is supported for deploying Satellite:
- Red Hat Enterprise Linux 9 (x86_64)
You can install the operating system from a disc, local ISO image, Kickstart, or any other method that Red Hat supports.
Red Hat Capsule Server is supported on the latest version of Red Hat Enterprise Linux 9 available at the time of installation. Previous versions of Red Hat Enterprise Linux including EUS or z-stream are not supported.
Red Hat Capsule Server requires a Red Hat Enterprise Linux installation with the @Base package group with no other package-set modifications, and without third-party configurations or software not directly necessary for the direct operation of the server. This restriction includes hardening and other non-Red Hat security software. If you require such software in your infrastructure, install and verify a complete working Capsule Server first, then create a backup of the system before adding any non-Red Hat software.
Do not register Capsule Server to the Red Hat Content Delivery Network (CDN).
2.2. System requirements
Capsule Server is fully supported on both physical systems and virtual machines that run on hypervisors that are supported to run Red Hat Enterprise Linux. For more information about certified hypervisors, see Certified Guest Operating Systems in Red Hat OpenStack Platform, Red Hat Virtualization, Red Hat OpenShift Virtualization and Red Hat Enterprise Linux with KVM.
Follow these system requirements when installing Capsule Server:
- Install Capsule Server on a freshly provisioned system that serves no other function except to run Capsule Server. Do not use an existing system because the Satellite installer will affect the configuration of several components.
- Ensure you have administrative user (root) access to the system.
Ensure the system meets the following requirements:
- 4 CPU cores
- 12 GB RAM or higher
- 4 GB RAM of swap space or higher
- A unique host name, which can contain lower-case letters, numbers, dots (.) and hyphens (-)
- If you use custom certificates, ensure that the Common Name (CN) of the custom certificate is a fully qualified domain name (FQDN). Satellite Server and Capsule Server do not support shortnames in the hostnames.
- Ensure SELinux is enabled, either in enforcing or permissive mode. Installation with disabled SELinux is not supported. For more information, see Security considerations in Overview, concepts, and deployment considerations.
- Ensure the system clock on the system is synchronized across the network. If the system clock is not synchronized, SSL certificate verification might fail. For example, you can use the Chrony suite for timekeeping. For more information, see Configuring time synchronization in Red Hat Enterprise Linux 9 Configuring basic system settings.
- Ensure the system uses the UTF-8 encoding. If your territory is USA and your language is English, set en_US.utf-8 as the system-wide locale settings. For more information about configuring system locale in Red Hat Enterprise Linux, see Configuring the system locale in Red Hat Enterprise Linux 9 Configuring basic system settings.
If you use an external identity provider in your deployment, ensure the provider did not create the following user accounts on the system. These user accounts can cause conflicts with the local users that Capsule Server creates:
- apache
- foreman-proxy
- postgres
- pulp
- puppet
- redis
The version of Capsule must match the version of Satellite installed. For example, the Capsule version 6.18 cannot be registered with the Satellite version 6.17.
For more information on scaling your Capsule Servers, see Capsule Server scalability considerations.
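The host name, SELinux, locale, and account requirements listed above can be checked before running the installer. The following script is an added example, not part of the Red Hat documentation or of Satellite; its function names and the `--check` argument are this example's own, and it reads the session locale as a stand-in for the system-wide setting.

```shell
#!/bin/sh
# Added example: checks for the section 2.2 requirements. Function names are
# this example's own and are not part of Satellite or its installer.

# Host name: lower-case letters, digits, dots, hyphens; must be an FQDN.
valid_fqdn() {
    # Anything left after deleting the allowed characters is illegal.
    [ -z "$(printf %s "$1" | LC_ALL=C tr -d 'a-z0-9.-')" ] || return 1
    case "$1" in
        ""|.*|*.|*..*) return 1 ;;  # empty or stray dot
        *.*) return 0 ;;            # has a domain part
        *) return 1 ;;              # shortname
    esac
}

# SELinux must be enforcing or permissive; disabled is unsupported.
selinux_ok() {
    case "$1" in Enforcing|Permissive) return 0 ;; *) return 1 ;; esac
}

# Locale must use the UTF-8 encoding, for example en_US.utf-8.
utf8_locale() {
    case "$1" in *.[Uu][Tt][Ff]-8*|*.[Uu][Tt][Ff]8*) return 0 ;; *) return 1 ;; esac
}

# Print reserved account names that resolve through NSS (getent) but are not
# in the local passwd file ($1), that is, accounts an identity provider created.
external_accounts() {
    for u in apache foreman-proxy postgres pulp puppet redis; do
        if getent passwd "$u" >/dev/null 2>&1 && ! grep -q "^$u:" "$1"; then
            echo "$u"
        fi
    done
}

# Run every check on the live system; the return value is the failure count.
preflight() {
    fail=0
    valid_fqdn "$(hostname -f 2>/dev/null)" || { echo "FAIL host name"; fail=$((fail+1)); }
    selinux_ok "$(getenforce 2>/dev/null)" || { echo "FAIL SELinux"; fail=$((fail+1)); }
    # The session locale stands in for the system-wide setting here.
    utf8_locale "${LC_ALL:-${LANG:-}}" || { echo "FAIL locale"; fail=$((fail+1)); }
    ext=$(external_accounts /etc/passwd)
    [ -z "$ext" ] || { echo "FAIL external accounts:" $ext; fail=$((fail+1)); }
    return "$fail"
}

# Touch the live system only when asked to: sh preflight.sh --check
if [ "${1:-}" = "--check" ]; then preflight; fi
```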
2.3. Storage requirements
The following table details storage requirements for specific directories. These values are based on expected use case scenarios and can vary according to individual environments.
The runtime size was measured with Red Hat Enterprise Linux 7, 8, and 9 repositories synchronized.
| Directory | Installation Size | Runtime Size |
|---|---|---|
| /var/lib/pulp | 1 MB | 300 GB |
| /var/lib/pgsql | 100 MB | 20 GB |
| /usr | 3 GB | Not Applicable |
| /opt/puppetlabs | 500 MB | Not Applicable |
The size of the PostgreSQL database on your Capsule Server can grow significantly with an increasing number of lifecycle environments, content views, or repositories that are synchronized from your Satellite Server. In the largest Satellite environments, the size of /var/lib/pgsql on Capsule Server can grow to double or triple the size of /var/lib/pgsql on your Satellite Server.
2.4. Best practices for optimizing storage
Consider the following storage guidelines for increased storage efficiency:
- The exact amount of storage you require for log messages depends on your installation and setup. You can manage the size of the log files by using logrotate.
- Consider mounting /var on LVM storage. This can help the system to scale because most Capsule Server data is stored in the /var directory.
- Use high-bandwidth, low-latency storage for the /var/lib/pulp/ and /var/lib/pgsql directories. Using high latency, low-bandwidth storage causes performance degradation because Red Hat Satellite has many operations that are I/O intensive.
- Use a file system with low input-output latency. Do not use the GFS2 file system because the input-output latency is too high.
2.5. Opening required ports
By opening the required ports, you ensure that the components of Satellite architecture can communicate. You must also ensure that the required network ports are open on any network-based firewalls.
Some cloud solutions must be specifically configured to allow communications between machines because they isolate machines similarly to network-based firewalls. If you use an application-based firewall, ensure that the application-based firewall permits all applications that are listed in the tables and known to your firewall. If possible, disable the application checking and allow open port communication based on the protocol.
Procedure
If you need to prevent the DHCP Capsule from pinging hosts to check for available IP addresses, disable DHCP IP address pinging:
```
# satellite-installer --foreman-proxy-dhcp-ping-free-ip false
```
By default, a DHCP Capsule performs ICMP ping and TCP echo connection attempts to hosts in subnets with DHCP IPAM set to find out if an IP address considered for use is free.
Open the ports for clients on Capsule Server:
```
# firewall-cmd \
--add-port="8000/tcp" \
--add-port="9090/tcp"
```
Allow access to services on Capsule Server:
Make the changes persistent:
```
# firewall-cmd --runtime-to-permanent
```
Verification
View all firewall zones and allowed services:
```
# firewall-cmd --list-all
```
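A required port that is open at runtime but missing from the permanent configuration is lost on the next reload or reboot. The following script is an added example, not part of the Red Hat documentation; it compares both views for the two client ports opened in the procedure, and its function names and `--check` argument are this example's own.

```shell
#!/bin/sh
# Added example: verify the client ports opened in the procedure above.
# Function names are this example's own and are not part of firewalld.

REQUIRED_PORTS="8000/tcp 9090/tcp"

# Print each required port absent from a space-separated port list ($1),
# such as the output of `firewall-cmd --list-ports`. Ports covered only by
# a range entry (for example 8000-8100/tcp) are reported as missing.
missing_ports() {
    for p in $REQUIRED_PORTS; do
        case " $1 " in *" $p "*) ;; *) echo "$p" ;; esac
    done
}

# Compare the runtime ($1) and permanent ($2) port lists and print one of:
#   closed        a required port is not open at runtime
#   runtime-only  open now, but not saved with --runtime-to-permanent
#   persistent    open at runtime and in the permanent configuration
port_state() {
    [ -z "$(missing_ports "$1")" ] || { echo "closed"; return 1; }
    [ -z "$(missing_ports "$2")" ] || { echo "runtime-only"; return 1; }
    echo "persistent"
}

# Query firewalld only when asked to: sh check-ports.sh --check
if [ "${1:-}" = "--check" ]; then
    port_state "$(firewall-cmd --list-ports)" \
               "$(firewall-cmd --permanent --list-ports)"
fi
```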