Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Remote Host Configuration and Management
Using the remote host configuration and management features for Red Hat Insights
Abstract
Chapter 1. Introducing remote host configuration and management
Remote host configuration is a powerful tool that enables the following capabilities:
- Easy registration. With the rhc client, you can register systems to Red Hat Subscription Management (RHSM) and Red Hat Insights for Red Hat Enterprise Linux.
- Configuration management. Using the remote host configuration manager, you can configure the connection with Insights for Red Hat Enterprise Linux for all of the Red Hat Enterprise Linux (RHEL) systems in your infrastructure. You can enable or disable the rhc client, direct remediations, and other application settings from Insights for Red Hat Enterprise Linux.
- Remediations from Insights for Red Hat Enterprise Linux. When systems are connected to Insights for Red Hat Enterprise Linux with the rhc client, you can manage the end-to-end experience of finding and fixing issues. Registered systems can directly consume playbooks that were automatically generated from remediation plans and executed from within the Insights for Red Hat Enterprise Linux application.
Supported configurations
- This guide is intended for systems directly connecting to Red Hat services. For information on registering a system to Red Hat Satellite or Capsule, see the following: Red Hat Satellite 6.17
- The rhc client is supported on systems registered to Insights for Red Hat Enterprise Linux and running Red Hat Enterprise Linux (RHEL) 8.5 and later, and RHEL 9.0 and later.
- Single-command registration is supported by RHEL 8.6 and later, and RHEL 9.0 and later.
1.1. Remote host configuration components
The complete remote host configuration solution includes two main components: a client-side daemon and a server-side service to facilitate system management.
The remote configuration client. The rhc client comes preinstalled with all Red Hat Enterprise Linux (RHEL) 8.5 and later installations, with the exception of minimal installation. The rhc client consists of the following utility programs:
-
The
rhcddaemon runs on the system and listens for messages from the Red Hat Hybrid Cloud Console. Providing systems are properly configured, therhcddaemon can receive and execute playbooks that were generated by Red Hat Insights remediation plans. -
The
rhccommand-line utility for RHEL.
-
The
- The remote host configuration manager. With the remote host configuration manager user interface, you can enable or disable Insights for Red Hat Enterprise Linux connectivity and features.
To maximize the value of remote host configuration, you must install additional packages. To allow systems to be managed by remote host configuration manager and to support the execution of playbooks that were generated by Red Hat Insights remediation plans, install the following additional packages:
-
ansibleoransible-core -
rhc-worker-playbook
Starting with RHEL 8.6 and RHEL 9.0, the ansible-core and rhc-worker-playbook packages should automatically be installed in the background to make your system fully manageable from the remote host configuration manager user interface. However, a known bug prevents the process from completing as expected. Because of that known bug, you must ensure that the packages get installed manually after registration.
1.2. User Access settings in the Red Hat Hybrid Cloud Console
User Access is the Red Hat implementation of role-based access control (RBAC). Your Organization Administrator uses User Access to configure what users can see and do on the Red Hat Hybrid Cloud Console (the console):
- Control user access by organizing roles instead of assigning permissions individually to users.
- Create groups that include roles and their corresponding permissions.
- Assign users to these groups, allowing them to inherit the permissions associated with their group’s roles.
1.2.1. Predefined User Access groups and roles
To make groups and roles easier to manage, Red Hat provides two predefined groups and a set of predefined roles.
1.2.1.1. Predefined groups
The Default access group contains all users in your organization. Many predefined roles are assigned to this group. It is automatically updated by Red Hat.
If the Organization Administrator makes changes to the Default access group its name changes to Custom default access group and it is no longer updated by Red Hat.
The Default admin access group contains only users who have Organization Administrator permissions. This group is automatically maintained and users and roles in this group cannot be changed.
On the Hybrid Cloud Console navigate to Red Hat Hybrid Cloud Console > the Settings icon (⚙) > Identity & Access Management > User Access > Groups to see the current groups in your account. This view is limited to the Organization Administrator.
1.2.1.2. Predefined roles assigned to groups
The Default access group contains many of the predefined roles. Because all users in your organization are members of the Default access group, they inherit all permissions assigned to that group.
The Default admin access group includes many (but not all) predefined roles that provide update and delete permissions. The roles in this group usually include administrator in their name.
On the Hybrid Cloud Console navigate to Red Hat Hybrid Cloud Console > the Settings icon (⚙) > Identity & Access Management > User Access > Roles to see the current roles in your account. You can see how many groups each role is assigned to. This view is limited to the Organization Administrator.
1.2.2. Access permissions
The Prerequisites for each procedure list which predefined role provides the permissions you must have. As a user, you can navigate to Red Hat Hybrid Cloud Console > the Settings icon (⚙) > My User Access to view the roles and application permissions currently inherited by you.
If you try to access Insights for Red Hat Enterprise Linux features and see a message that you do not have permission to perform this action, you must obtain additional permissions. The Organization Administrator or the User Access administrator for your organization configures those permissions.
Use the Red Hat Hybrid Cloud Console Virtual Assistant to ask "Contact my Organization Administrator". The assistant sends an email to the Organization Administrator on your behalf.
Additional resources
For more information about user access and permissions, see User Access Configuration Guide for Role-based Access Control (RBAC).
1.2.3. User Access roles for remote host configuration and management
There are several User Access roles that are relevant for Red Hat Insights for Red Hat Enterprise Linux users. These roles determine if an Insights user can simply view settings or change them, and use remediation features.
User Access roles for using the Remote Host Configuration Manager in the Insights for Red Hat Enterprise Linux web console
- RHC administrator. Members in a group with this role can perform any operations in the rhc manager.
- RHC user. This is a default permission for all users on your organization’s Red Hat Hybrid Cloud Console account, allowing anyone to see the current status of the configuration.
User Access roles for using remediation features in the Insights for Red Hat Enterprise Linux web console
- Remediations administrator. Members in a group with this role can perform any available operation against any remediations resource, including direct remediations.
- Remediations user. Members in a group with this role can create, view, update, and delete operations against any remediations resource. This is a default permission given to all Hybrid Cloud Console users on your account.
Chapter 2. Register and connect RHEL systems using the rhc client
The rhc client performs critical system tasks, such as registering your system to the Red Hat Hybrid Cloud Console, retrieving the current configuration of various services that the remote host configuration manager supports, and updating the current configuration of services. It also maintains a history of configuration changes, and ensures that newly connected systems are kept up to date with the latest configuration.
The rhc client updates a system through a change in the remote host configuration manager, and through a new remote host configuration connection event from Red Hat Insights for Red Hat Enterprise Linux inventory.
Currently, settings apply to all systems connected with the rhc client. You cannot configure a system or group of systems independently.
Before configuring your system to connect using the rhc client, review the configuration in Red Hat Hybrid Cloud Console > Red Hat Insights > Inventory > System Configuration > Remote Host Configuration (RHC). The remote host configuration manager settings determine your system’s configuration.
RHEL version considerations
Setup procedures for the rhc client differ depending on the Red Hat Enterprise Linux (RHEL) version on the system.
- RHEL 8.6 and later, and RHEL 9.0 and later support simplified registration to Red Hat Subscription Management (RHSM) and Insights for Red Hat Enterprise Linux .
- RHEL 8.5 supports the other features of remote host configuration, but configuration and setup involve a few more steps.
Timing of registration
To register the system to Red Hat Subscription Management (RHSM) and Insights for Red Hat Enterprise Linux with a single command, it might make sense to run the rhc connect command during the RHEL installation workflow, following network configuration. For RHEL 8.6 and later, this step will take care of the registration to Red Hat Subscription Management (RHSM), but you may still use RHSM for advanced configurations.
If you have already installed and registered the RHEL installation with RHSM, or registered with Insights for Red Hat Enterprise Linux, you can still use rhc connect to enable the rhc client at any time to get the benefits of the remote host configuration manager and direct remediations.
Additional resources
- Client Configuration Guide for Red Hat Insights
- Creating Red Hat Customer Portal Activation Keys
- Getting Started with RHEL System Registration
- Performing an advanced RHEL installation
- Performing a standard RHEL installation
- Registration Assistant - a registration method that uses a guided lab in Red Hat Customer Portal Labs.
2.1. Registering your Red Hat Enterprise Linux system version 10
Register your RHEL 10 system by using the rhc client to connect to Red Hat services with the default feature levels. This enables all available features: access to Red Hat content, analytics for Red Hat Insights, and remote management.
Prerequisites
- You have an activation key and an organization ID to register your system.
Procedure
- Open the terminal window.
Do one of the following:
To register the system with the default feature level and ensure the system executes the remediations and tasks from Insights:
# rhc connect --activation-key=<activation_key> --organization=<organization_ID>
# dnf install -y rhc-worker-playbook
To disable any of the features while registering your system:
# rhc connect --activation-key=<activation_key_name> --organization=<organization_ID> --disable-feature <feature>
Where feature can be replaced with:
- content - Provides access to Red Hat CDN repositories.
- analytics - Enables data collection for Insights.
- remote-management - Establishes an additional MQTT network connection to Red Hat services for remote execution of certain actions from https://console.redhat.com.
- For example, if you want to register your system with a remote management feature disabled so that your system cannot be managed remotely but the system has access to RHEL content and collects data for Insights analytics, enter:
# rhc connect --activation-key=<activation_key_name> --organization=<organization_ID> --disable-feature remote-management
Verification
Confirm the active features when registering with default options:
# rhc status
Connection status: ✓ Connected to Red Hat Red Hat Subscription Manager ✓ Connected to Red Hat Insights ✓ The yggdrasil service is active
Confirm the active features with remote-management disabled:
# rhc status
Connection status: ✓ Connected to Red Hat Red Hat Subscription Manager ✓ Connected to Red Hat Red Hat Insights ✓ The yggdrasil service is inactive
Yggdrasil is required for the use of remote management. So, when yggdrasil is inactive remote management is inactive as well.
Additional Resources
2.1.1. Customizing feature levels
If you have a RHEL 10 system, you can use remote host configuration (rhc) to set feature levels when registering with the Red Hat Hybrid Cloud Console.
By default, rhc connects your systems with the remote management feature level. This feature level includes access to RHEL content, analytics for Insights for Red Hat Enterprise Linux, and remote management (remediations and tasks services). If you want to opt out of any of these features, you can disable them when you register your systems.
Customizing feature levels functionality is only available with Red Hat Enterprise Linux version 10.
See the following table for more details about feature levels:
| Feature Level | Feature Level Name in the Command Line Interface | Description |
|---|---|---|
| Access to Red Hat content | Content | This feature level provides access to content in the Red Hat Content Delivery Network (CDN). This allows you to install and update packages. |
| Analytics for Insights for Red Hat Enterprise Linux | Analytics | This feature level collects data from your system using the Insights client and sends it to the Red Hat Hybrid Cloud Console (HCC). Then, Red Hat Insights analyzes your data and returns recommendations. You need to have the content feature enabled as well in order to use the analytics feature. |
| Remote Management (Default) | remote-management | This allows you to use the remediations and tasks services. You must have the content and analytics features enabled in order to use the remote management feature. |
2.2. Registering a Red Hat Enterprise Linux system version 9
If you have a Red Hat Enterprise Linux version 9 system, you can use remote host configuration (rhc) to register your system:
Prerequisites
- You are logged in to the system as root or have sudo permissions.
- You have an activation key and an organization ID to register your system.
Procedure
Open your command-line interface (CLI), and run the following commands on your client system:
# rhc connect --activation-key=<activation_key_name> --organization=<organization_ID>
# dnf install -y rhc-worker-playbook
Verification
Enter the following command in your CLI:
# rhc status
If the procedure is successful, you will see the following output:
Connection status: ✓ Connected to Red Hat Insights ✓ Connected to Red Hat Red Hat Subscription Manager ✓ The remote host configuration daemon is active
Additional Resources
2.3. Registering a Red Hat Enterprise Linux system version 8
If you have a Red Hat Enterprise Linux 8 system, you can use remote host configuration (rhc) to register your system.
Prerequisites
- RHEL version is 8.6 or later
- You are logged in to the system as root or have sudo permissions.
- You have an activation key and an organization ID to register your system.
Procedure
Open your command-line interface (CLI), and run the following commands on your client system:
# rhc connect --activation-key=<activation_key_name> --organization=<organization_ID>
# dnf install -y rhc-worker-playbook
Run the following command:
# rhc status
If the procedure is successful, you will see the following output:
Connection status: ✓ Connected to Red Hat Red Hat Subscription Manager ✓ Connected to Red Hat Insights ✓ The remote host configuration daemon is active
Additional Resources
2.4. Enabling or disabling features after registration
If you have already registered a system but you want to change the feature level, there are two methods available: manual or reinstalling.
2.4.1. Manually changing feature levels
You can manually enable or disable the remote management feature as follows:
Prerequisites
- You are logged in to the system as root or have sudo permissions.
Procedure
- Open your command-line interface and navigate to the specific client system you want to edit.
Ensure that the
rhc-worker-playbookpackage is installed and run the following command in your CLI:# dnf install -y rhc-worker-playbook
Start and enable the yggdrasil service.
# systemctl start yggdrasil
# systemctl enable yggdrasil
Confirm that the yggdrasil service is active and enabled by running the following command in your CLI:
# systemctl status yggdrasil
2.4.2. Re-registering to change feature levels
If you have an already registered system and you want to change the feature levels for that system you can unregister the system and re-register in order to disable or enable features.
Re-registering a system will delete your customized configuration settings. Re-registration can also create a duplicate system record in your Systems Inventory. Therefore it is important to properly unregister the system before re-registering.
Unregistering your system:
Prerequisites
- You are logged in to the system as root or have sudo permissions.
- You have an activation key and an organization ID to unregister your system.
Procedure
- Open the rterminal window.
Run the following command:
# rhc disconnect
- Re-Register the system with the desired feature level. Follow the instructions from section 2.1 Registering your Red Hat Enterprise Linux system version 10.
Additional resources
2.5. Disconnecting a system using remote host configuration
Prerequisites
-
You are logged in to the system as
rootor have sudo permissions.
Procedure
Run the following command on each Red Hat Enterprise Linux (RHEL) system that you want to remove from the remote host configuration manager.
ImportantDisconnecting through the rhc client unregisters your system from both the Red Hat Customer Portal and Red Hat Insights for Red Hat Enterprise Linux.
# rhc disconnect Disconnecting <$HOSTNAME> from console.redhat.com. This might take a few seconds. ● Deactivated the Red Hat connector daemon Manage your Red Hat connector systems: https://red.ht/connector
2.6. Using additional CLI options
View additional options for the rhc command.
Prerequisites
-
You are logged in to the system as
rootor have sudo permissions.
Procedure
Run
psand pipe throughgrepto display the connectorrhcdprocess.PID TTY TIME COMMAND 14992 ? 0:00 /usr/sbin/rhcd
Run
systemctl status rhcdto view the on/off status of therhcd daemon.# systemctl status rhcd
Enter
rhc --helpwith no other options.GLOBAL OPTIONS: --version, -v print the version (default: false)
Chapter 3. Configure connection to Red Hat Insights using remote host configuration manager
The remote host configuration manager, located at Red Hat Hybrid Cloud Console > Red Hat Insights > Inventory > System Configuration > Remote Host Configuration (RHC), is where you can control Red Hat Enterprise Linux system connections to Red Hat Insights for Red Hat Enterprise Linux. From the remote host configuration manager, you control the connection to your RHEL infrastructure, and how the Insights for Red Hat Enterprise Linux services are configured on the remote systems.
Changes in the remote host configuration manager create a playbook that is fetched by the rhc client. The connected rhc client monitors for remote host configuration manager to send playbooks and will execute them instantaneously. The remote host configuration manager provides a log that shows you the playbook runs.
With the rhc client and the remote host configuration manager, there is no fine control over individual system connections, and there is no additional control over the data that is packaged on your systems and uploaded to Insights for Red Hat Enterprise Linux.
To control the type of data that each system provides to Insights for Red Hat Enterprise Linux, you must use the Insights client configuration options. For example, if you want to apply data obfuscation or data redaction to the system information that is sent to Insights for Red Hat Enterprise Linux, you must configure the obfuscation and redaction values in the Insights client configuration file on each system.
3.1. Opening the remote host configuration manager
Use the remote host configuration manager to view connection settings.
The first time you open the manager, it shows a pane for rhc command syntax that you can fill in and copy. This will simplify command entry on your Red Hat Enterprise Linux (RHEL) systems if they are not already running the remote host configuration utility. You can close this pane, but it cannot be reopened.
Prerequisites
- You must be logged into the Red Hat Hybrid Cloud Console.
- You must have RHC user privileges, assigned in User Access, to perform this procedure.
Procedure
- Navigate to Red Hat Hybrid Cloud Console > Red Hat Insights > Inventory > System Configuration > Remote Host Configuration (RHC) to view the Red Hat Insights for Red Hat Enterprise Linux connection settings.
3.2. Editing settings in the remote host configuration manager
Use the remote host configuration manager to edit remote host configuration settings. You can choose whether your RHEL systems can receive playbooks that get generated and executed from remediation plans within Insights, and rhc client configuration changes from remote host configuration manager. If you want to maintain your client configurations manually, or with your own configuration management system, you can disable the system configuration management settings.
You can enable settings to use OpenSCAP for compliance policies and Cloud Connector to fix issues directly from Red Hat Insights for Red Hat Enterprise Linux. Enabling OpenSCAP automatically installs the OpenSCAP and RHEL System Security Guide (SSG), which is required to use the compliance service.
Prerequisites
- You must be logged into the Red Hat Hybrid Cloud Console.
- You must have RHC administrator privileges, assigned in User Access, to perform this procedure.
Procedure
- Navigate to Red Hat Hybrid Cloud Console > Red Hat Insights > Inventory > System Configuration > Remote Host Configuration (RHC) to view the current settings.
- Click Change settings.
- Use the slider buttons to select Red Hat Insights for Red Hat Enterprise Linux settings for your connected systems. The changes are applied to all connected systems and to all future systems that connect through the rhc client.
3.3. Maintaining a connection between remote host configuration and Red Hat Hybrid Cloud Console
To maintain a strong connection between remote host configuration(rhc) and Red Hat Hybrid Cloud Console, it is recommended that you set an option for a 10 second reconnect delay.
Prerequisites
-
You have root-level access to the system or
sudopermissions. - You have a rhc version installed that is at least version 0.2.4 but less than version 0.3.
Procedure
-
Open the following file:
/etc/rhc/config.toml -
Add this option to the file
mqtt-reconnect-delay = "10s" - Save your changes.
-
Type the following command in your terminal: #
systemctl restart rhcd.service
Verification step
Run the following command in your terminal:
#`systemctl status rhcd.service`
If the option was added successfully, you should see the following statement returned:
# `Active: active (running)` followed by a timestamp.
Additional resources
For information about registering rhc, see the following:
Chapter 4. Remediate issues directly from Insights for Red Hat Enterprise Linux
Remote host configuration (rhc) allows you to remediate issues on your Red Hat Enterprise Linux (RHEL) systems directly from Insights for Red Hat Enterprise Linux. Direct remediation is available when you have the rhc client installed on your RHEL 8.5 and later system.
For complete remediations documentation for Red Hat Insights, see the Red Hat Insights Remediations Guide.
Chapter 5. Troubleshooting remote host configuration issues
System logs are a useful source of information when troubleshooting a remote host configuration issue. In addition, it is helpful to be aware of any known issues.
5.1. TCP ports and destinations
The complete remote host configuration solution currently relies on existing clients; your system will be communicating with Red Hat in different ways.
5.1.1. Subscription manager
For subscription-manager, the system must be able to reach the following destination and TCP ports:
- subscription.rhn.redhat.com:443 (https)
- subscription.rhsm.redhat.com:443 (https)
- cdn.redhat.com:443 (https)
- *.akamaiedge.net:443 (https)
- *.akamaitechnologies.com:443 (https)
5.1.2. Insights client
For Red Hat Insights for Red Hat Enterprise Linux data collection to work correctly, the system must be able to reach the following destination and TCP ports:
- api.access.redhat.com:443 (https)
- cert-api.access.redhat.com:443 (https)
5.1.3. RHC client daemon
For the rhc daemon, rhcd, to communicate with the MQTT message broker, the system must be able to reach the following:
- connect.cloud.redhat.com:443 (https)
5.1.4. Adding a proxy for RHC to use for the connection
Use the following commands to add a proxy for rhc to use to connect to Red Hat.
# mkdir -p /etc/systemd/system/rhcd.service.d # cat /etc/systemd/system/rhcd.service.d/proxy.conf [Service] Environment=HTTPS_PROXY=http://proxy.corp.com:8888 # systemctl daemon-reload # systemctl restart rhcd
5.2. RHC client communication
The communication technology behind the rhc daemon, rhcd, is MQTT. The client establishes a connection to the Red Hat message broker and waits for new messages. The new messages are then read and converted into playbook execution. While the messages are consumed almost instantaneously, the communication is always established by the client. There is no communication initiated from the Red Hat services to your environment.
5.3. Consulting and interpreting log files
Troubleshooting an issue often starts by looking at the logs to see what happened during a given event.
- Use the following command to consult logs:
# journalctl -u rhcd
-
Use
-f,--follow, to show only the most recent journal entries, and continuously print new entries as they are appended to the journal:
# journalctl -u rhcd -f
5.4. Known issues
There are occasionally issues that the user or org admin should be aware of when working with their systems.
The following known issues are documented for remote host configuration:
Remote host configuration is stuck in the
checkingstatus if a Red Hat Satellite-connected system is also in the remediation plan.If you have a remediation plan that contains one or more remote host configuration systems and one or more Red Hat Satellite-connected systems, when you click the
Execute Playbookbutton on the remote host configuration manager. The remote host configuration system will be stuck atchecking. You will not be able to execute the remediation plan on the remote host configuration system.See RHC stuck at "checking" if a Satellite-connected system is also in the remediation plan for more information.
The
insights-clientcommand is not invoked after executing remediation with remote host configuration.Playbooks generated by Remediations generally have the following structure:
- Fix the problems listed in the remediation.
- Optionally reboot the system.
Execute the
insights-clientcommand so that Red Hat Insights for Red Hat Enterprise Linux has an updated version of the system’s state.If a remediation plan is invoked by clicking Execute playbook in the Remediations UI, and if the targeted system is running rhc client, as opposed to being managed by a Satellite, the final step is missing. As a result, Insights for Red Hat Enterprise Linux never receives an updated view of the system’s state.
-
The current temporary solution is: either manually run
insights-clienton the system, or wait 24 hours for the next upload. - See insights-client not invoked after executing remediation via RHC for more information.
Chapter 6. Creating and managing activation keys in the Red Hat Hybrid Cloud Console
Your organization’s activation keys are listed on the Activation Keys page in the Red Hat Hybrid Cloud Console. You can use an activation key as an authentication token to register a system with Red Hat hosted services, such as Red Hat Subscription Manager or remote host configuration (RHC). Administrators can create, edit, and delete activation keys for your organization. They also have the option to set system-level features, such as system purpose, on an activation key. When you use a preconfigured activation key to register a system, all the selected attributes are automatically applied at the time of registration.
6.1. Activation key management in the Red Hat Hybrid Cloud Console
An activation key is a preshared authentication token that enables authorized users to register and configure systems. It eliminates the need to store, use, and share a personal username and password combination, which increases security and facilitates automation. For example, you can use a preconfigured activation key to automatically register a system with all the required system-level features. Additionally, you can put preconfigured activation keys in Kickstart scripts to bulk -provision the registration of multiple systems.
You can use an activation key and a numeric organization identifier (organization ID) to register a system with Red Hat hosted services, such as Red Hat Subscription Manager or remote host configuration (RHC). Your organization’s activation keys and organization ID are displayed on the Activation Keys page in the Hybrid Cloud Console.
Each user’s access to the activation keys in the Hybrid Cloud Console is managed through a role-based access control (RBAC) system. Users in the Organization Administrator group for your organization use the RBAC system to assign roles, such as RHC user and RHC administrator, to users within your organization. An RHC user can view the activation keys in the table on the Activation Keys page. Only an RHC administrator is authorized to use the Hybrid Cloud Console user interface to create, edit, and delete activation keys. An RHC administrator also has the option to configure an activation key to apply system purpose attributes (role, service level agreement, or usage) to the system during the registration process. An Organization Administrator has the RHC administrator role by default.
In the terminal, users with root privileges can use the activation key and the organization ID to register the system with a single command. If the activation key has been preconfigured with system purpose attributes, the specified attributes are automatically applied to the system upon registration.
Additional resources
- For more information about RBAC roles, see User Access Configuration Guide for Role-based Access Control (RBAC).
- For more information about system purpose, see System purpose configuration in Getting Started with RHEL System Registration.
6.2. Creating an activation key
As an RHC administrator, you can use the Hybrid Cloud Console interface to create preconfigured activation keys that authorized users in your organization can use to register systems to Red Hat hosted services, such as Red Hat Subscription Manager or remote host configuration (RHC). An activation key requires a unique name that enables users to use the activation key by entering the activation key name and organization ID, without requiring a username or password. An activation key can also contain system purpose attributes that can be automatically applied to individual systems at the time of registration. The activation keys that you create can be viewed in the table on the Activation Keys page and used to register systems in the terminal.
Prerequisites
- You are logged in to the Red Hat Hybrid Cloud Console.
- You have the RHC administrator role in the role-based access control (RBAC) system for the Red Hat Hybrid Cloud Console.
Procedure
To create an activation key in the Hybrid Cloud Console, perform the following steps:
- Navigate to Red Hat Hybrid Cloud Console > Red Hat Insights > Inventory > System Configuration > Activation Keys.
- From the Activation Keys page, click Create activation key.
In the Name field, enter a unique name for the activation key.
NoteYour activation key name must be unique, may contain only numbers, letters, underscores, and hyphens, and contain fewer than 256 characters. If you enter a name that already exists in your organization, you will receive an error message and the key will not be created.
Optional: To add system purpose attributes to the activation key, navigate to the system purpose field that you want to populate. From the drop-down list, select the attribute value that you want to apply to the system.
NoteOnly the system purpose attributes that are available to your organization’s account are selectable.
When you have populated all the required fields, click Create.
Note=== The Create activation key button is disabled until a valid name is entered into the Name field. If the button remains disabled after populating the Name field, check that the name meets the noted criteria and that you are logged in to the Hybrid Cloud Console with the required RBAC role. For questions regarding your RBAC role, contact an Organization Administrator. ===
6.3. Viewing an activation key
As an RHC user, you can view your organization’s numeric identifier (organization ID) and available activation keys on the Activation Keys page in the Hybrid Cloud Console. The activation keys and their respective details are presented in a table. The Name column contains the name of the activation key. The Role column contains the role value for the system purpose attribute set on the key. A potential role value is Red Hat Enterprise Linux Server. The SLA column contains the service level agreement value for the system purpose attribute set on the key. A potential service level agreement value is Premium. The Usage column contains the usage value for the system purpose attribute set on the key. A potential usage value is Production. If no system purpose attribute is set on the activation key, the respective field contains no value.
Prerequisites
- You are logged in to the Red Hat Hybrid Cloud Console.
- You have the RHC user or RHC administrator role in the role-based access control (RBAC) system for the Red Hat Hybrid Cloud Console.
Procedure
To view an activation key in the Hybrid Cloud Console, perform the following steps:
6.4. Using an activation key to register a system with Red Hat Subscription Manager
The activation keys that you create in the Hybrid Cloud Console combine all the system registration steps into one secure, automated process.
As a user with root privileges you can register the system, apply pre-configured system purpose attributes, and enable repositories with a single command. Root users can pass an activation key and a numeric organization identifier (organization ID) to the command line tools used to register a system to Red Hat hosted services such as Red Hat Subscription Manager or remote host configuration (RHC). If an RHC administrator has preconfigured the activation key to apply selected system purpose attributes, those attributes are automatically applied to the system during the registration process.
Prerequisites
- You have root privileges or their equivalent to run the commands in the following procedure.
- You have the numeric identifier for your organization (organization ID).
Procedure
To use an activation key to register a system with Subscription Manager, perform the following steps:
From the terminal, enter the following command where <activation_key_name> is the name of the activation key you want to use and <1234567> is your organization ID:
subscription-manager register --activationkey=<activation_key_name> --org=<1234567>
The expected output confirms that your system is registered. For example:
The system has been registered with id: 62edc0f8-855b-4184-b1b8-72a9dc793b96
6.5. Using an activation key to register a system with remote host configuration (RHC)
The activation keys that you create in the Hybrid Cloud Console combine all the system registration steps into one secure, automated process.
As a user with root privileges you can register the system, apply pre-configured system purpose attributes, and enable repositories with a single command. Root users can pass an activation key and a numeric organization identifier (organization ID) to the command line tools used to register a system to Red Hat hosted services such as Red Hat Subscription Manager or remote host configuration (RHC). If an RHC administrator has pre-configured the activation key to apply selected system purpose attributes, those attributes are automatically applied to the system during the registration process.
Prerequisites
- You have root privileges or their equivalent to run the commands in the following procedure.
- You have the numeric identifier for your organization (organization ID).
Procedure
To use an activation key to register a system with RHC, perform the following steps:
From the terminal, enter the following command where <activation_key_name> is the name of the activation key you want to use and <1234567> is your organization ID:
rhc connect --activation-key <activation_key_name> --organization <1234567>
6.6. Editing an activation key
As an RHC administrator, you can use the Hybrid Cloud Console interface to edit the activation keys on the Activation Keys page. Specifically, you can add, update, or remove the system purpose attributes on an existing activation key. However, you cannot edit the name of the activation key itself.
Prerequisites
- You are logged in to the Red Hat Hybrid Cloud Console.
- You have the RHC administrator role in the role-based access control (RBAC) system for the Red Hat Hybrid Cloud Console.
Procedure
To edit an activation key in the Hybrid Cloud Console, perform the following steps:
- Navigate to Red Hat Hybrid Cloud Console > Red Hat Insights > Inventory > System Configuration > Activation Keys.
- From the Activation Keys page, locate the row that contains the activation key that you want to edit. Click More options and select Edit from the overflow menu.
- To update a system purpose attribute on the activation key, navigate to the system purpose field that you want to change. From the drop-down list, select the attribute value that you want to apply to the system.
- To remove a system purpose attribute from the activation key, navigate to the system purpose field that you want to clear and deselect the unwanted value from the drop-down list. To update the activation key, click Save changes.
6.7. Deleting an activation key
As an RHC administrator, you can use the Hybrid Cloud Console interface to delete an activation key from the table on the Activation Keys page. You might want to delete an unwanted or compromised activation key for security or maintenance purposes. However, deleting an activation key that is referenced in an automation script will impact the ability of that automation to function. To avoid any negative impacts to your automated processes, either remove the unwanted activation key from the script or retire the automation script prior to deleting the key.
Prerequisites
- You are logged in to the Red Hat Hybrid Cloud Console.
- You have the RHC administrator role in the role-based access control (RBAC) system for the Red Hat Hybrid Cloud Console.
Procedure
To delete an activation key in the Hybrid Cloud Console, perform the following steps:
- Navigate to Red Hat Hybrid Cloud Console > Red Hat Insights > Inventory > System Configuration > Activation Keys.
- From the Activation Keys page, locate the row containing the activation key that you want to delete. Click More options and select Delete from the overflow menu.
In the Delete Activation Key window, review the information about deleting activation keys. If you want to continue with the deletion, click Delete.
Important=== Deleting this activation key will impact any automation that references it. To avoid any negative consequences of deleting this key, retire any automation script that uses this key or remove any references of this key from your Kickstart scripts.
Providing feedback on Red Hat documentation
We appreciate and prioritize your feedback regarding our documentation. Provide as much detail as possible, so that your request can be quickly addressed.
Prerequisites
- You are logged in to the Red Hat Customer Portal.
Procedure
To provide feedback, perform the following steps:
- Click the following link: Create Issue
- Describe the issue or enhancement in the Summary text box.
- Provide details about the issue or requested enhancement in the Description text box.
- Type your name in the Reporter text box.
- Click the Create button.
This action creates a documentation ticket and routes it to the appropriate documentation team. Thank you for taking the time to provide feedback.
