Este conteúdo não está disponível no idioma selecionado.
Chapter 3. Registering Hosts and Setting Up Host Integration
You must register hosts that have not been provisioned through Satellite to be able to manage them with Satellite. You can register hosts through Satellite Server or Capsule Server.
Note that the entitlement-based subscription model is deprecated and will be removed in a future release. Red Hat recommends that you use the access-based subscription model of Simple Content Access instead.
You must also install and configure tools on your hosts, depending on which integration features you want to use. Use the following procedures to install and configure host tools:
3.1. Supported Clients in Registration
Satellite supports the following operating systems and architectures for registration.
- Supported Host Operating Systems
- The hosts can use the following operating systems: - Red Hat Enterprise Linux 9, 8, 7
- Red Hat Enterprise Linux 6 with the ELS Add-On
 
- Supported Host Architectures
- The hosts can use the following architectures: - i386
- x86_64
- s390x
- ppc_64
 
3.2. Registration Methods
You can use the following methods to register hosts to Satellite:
- Global registration
- You generate a - curlcommand from Satellite and run this command from an unlimited number of hosts to register them using provisioning templates over the Satellite API. For more information, see Section 3.3, “Registering Hosts by Using Global Registration”.- By using this method, you can also deploy Satellite SSH keys to hosts during registration to Satellite to enable hosts for remote execution jobs. For more information, see Chapter 12, Configuring and Setting Up Remote Jobs. - By using this method, you can also configure hosts with Red Hat Insights during registration to Satellite. For more information, see Section 9.1, “Using Red Hat Insights with Hosts in Satellite”. 
- (Deprecated) Katello CA Consumer
- 
							You download and install the consumer RPM from satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpmon the host and then runsubscription-manager.
- (Deprecated) Bootstrap script
- 
							You download the bootstrap script from satellite.example.com/pub/bootstrap.pyon the host and then run the script. For more information, see Section 3.4, “Registering Hosts by Using The Bootstrap Script”.
3.3. Registering Hosts by Using Global Registration
				You can register a host to Satellite by generating a curl command on Satellite and running this command on hosts. This method uses two provisioning templates: Global Registration template and Linux host_init_config default template. That gives you complete control over the host registration process.
			
You can also customize the default templates if you need greater flexibility. For more information, see Section 3.3.3, “Customizing the Registration Templates”.
3.3.1. Global Parameters for Registration
You can configure the following global parameters by navigating to Configure > Global Parameters:
- 
							The host_registration_insightsparameter is used in theinsightssnippet. If the parameter is set totrue, the registration installs and enables the Red Hat Insights client on the host. If the parameter is set tofalse, it prevents Satellite and the Red Hat Insights client from uploading Inventory reports to your Red Hat Hybrid Cloud Console. The default value istrue. When overriding the parameter value, set the parameter type toboolean.
- 
							The host_packagesparameter is for installing packages on the host.
- 
							The host_registration_remote_executionparameter is used in theremote_execution_ssh_keyssnippet. If it is set totrue, the registration enables remote execution on the host. The default value istrue.
- 
							The remote_execution_ssh_keys,remote_execution_ssh_user,remote_execution_create_user, andremote_execution_effective_user_methodparameters are used in theremote_execution_ssh_keyssnippet. For more details, see the snippet.
You can navigate to snippets in the Satellite web UI through Hosts > Templates > Provisioning Templates.
3.3.2. Registering a Host
You can register a host by using registration templates and set up various integration features and host tools during the registration process.
Prerequisites
- 
							Your user account has a role assigned that has the create_hostspermission.
- You must have root privileges on the host that you want to register.
- Satellite Server, any Capsule Servers, and all hosts must be synchronized with the same NTP server, and have a time synchronization tool enabled and running.
- An activation key must be available for the host. For more information, see Managing Activation Keys in Managing Content.
- If you want to use Capsule Servers instead of your Satellite Server, ensure that you have configured your Capsule Servers accordingly. For more information, see Configuring Capsule for Host Registration and Provisioning in Installing Capsule Server.
- If your Satellite Server or Capsule Server is behind an HTTP proxy, configure the Subscription Manager on your host to use the HTTP proxy for connection. For more information, see How to access Red Hat Subscription Manager (RHSM) through a firewall or proxy in the Red Hat Knowledgebase.
Procedure
- In the Satellite web UI, navigate to Hosts > Register Host.
- Optional: Select a different Organization.
- Optional: Select a different Location.
- Optional: From the Host Group list, select the host group to associate the hosts with. Fields that inherit value from Host group: Operating system, Activation Keys and Lifecycle environment.
- Optional: From the Operating system list, select the operating system of hosts that you want to register.
- Optional: From the Capsule list, select the Capsule to register hosts through.
- Optional: Select the Insecure option, if you want to make the first call insecure. During this first call, hosts download the CA file from Satellite. Hosts will use this CA file to connect to Satellite with all future calls making them secure. - Red Hat recommends that you avoid insecure calls. - If an attacker, located in the network between Satellite and a host, fetches the CA file from the first insecure call, the attacker will be able to access the content of the API calls to and from the registered host and the JSON Web Tokens (JWT). Therefore, if you have chosen to deploy SSH keys during registration, the attacker will be able to access the host using the SSH key. - Instead, you can manually copy and install the CA file on each host before registering the host. - To do this, find where Satellite stores the CA file by navigating to Administer > Settings > Authentication and locating the value of the SSL CA file setting. - Copy the CA file to the - /etc/pki/ca-trust/source/anchors/directory on hosts and enter the following commands:- update-ca-trust enable update-ca-trust - # update-ca-trust enable # update-ca-trust- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow - Then register the hosts with a secure - curlcommand, such as:- curl -sS https://satellite.example.com/register ... - # curl -sS https://satellite.example.com/register ...- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow - The following is an example of the - curlcommand with the- --insecureoption:- curl -sS --insecure https://satellite.example.com/register ... - # curl -sS --insecure https://satellite.example.com/register ...- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Select the Advanced tab.
- From the Setup REX list, select whether you want to deploy Satellite SSH keys to hosts or not. - If set to - Yes, public SSH keys will be installed on the registered host. The inherited value is based on the- host_registration_remote_executionparameter. It can be inherited, for example from a host group, an operating system, or an organization. When overridden, the selected value will be stored on host parameter level.
- From the Setup Insights list, select whether you want to install - insights-clientand register the hosts to Insights.- The Insights tool is available for Red Hat Enterprise Linux only. It has no effect on other operating systems. - You must enable the following repositories on a registered machine: - 
									RHEL 6: rhel-6-server-rpms
- 
									RHEL 7: rhel-7-server-rpms
- RHEL 8: - rhel-8-for-x86_64-appstream-rpms- The - insights-clientpackage is installed by default on RHEL 8 except in environments whereby RHEL 8 was deployed with "Minimal Install" option.
 
- 
									RHEL 6: 
- 
							Optional: In the Install packages field, list the packages (separated with spaces) that you want to install on the host upon registration. This can be set by the host_packagesparameter.
- 
							Optional: Select the Update packages option to update all packages on the host upon registration. This can be set by the host_update_packagesparameter.
- 
							Optional: In the Repository field, enter a repository to be added before the registration is performed. For example, it can be useful to make the subscription-managerpackage available for the purpose of the registration. For Red Hat family distributions, enter the URL of the repository, for examplehttp://rpm.example.com/.
- Optional: In the Repository GPG key URL field, specify the public key to verify the signatures of GPG-signed packages. It needs to be specified in the ASCII form with the GPG public key header.
- Optional: In the Token lifetime (hours) field, change the validity duration of the JSON Web Token (JWT) that Satellite uses for authentication. The duration of this token defines how long the generated - curlcommand works. You can set the duration to 0 – 999 999 hours or unlimited.- Note that Satellite applies the permissions of the user who generates the - curlcommand to authorization of hosts. If the user loses or gains additional permissions, the permissions of the JWT change too. Therefore, do not delete, block, or change permissions of the user during the token duration.- The scope of the JWTs is limited to the registration endpoints only and cannot be used anywhere else. 
- Optional: In the Remote Execution Interface field, enter the identifier of a network interface that hosts must use for the SSH connection. If you keep this field blank, Satellite uses the default network interface.
- In the Activation Keys field, enter one or more activation keys to assign to hosts.
- Optional: Select the Lifecycle environment.
- Optional: Select the Ignore errors option if you want to ignore subscription manager errors.
- 
							Optional: Select the Force option if you want to remove any katello-ca-consumerrpms before registration and runsubscription-managerwith the--forceargument.
- Click the Generate button.
- 
							Copy the generated curlcommand.
- 
							On the host that you want to register, run the curlcommand asroot.
3.3.3. Customizing the Registration Templates
You can customize the registration process by editing the provisioning templates. Note that all default templates in Satellite are locked. If you want to customize the registration templates, you must clone the default templates and edit the clones.
Red Hat only provides support for the original unedited templates. Customized templates do not receive updates released by Red Hat.
The registration process uses the following provisioning templates:
- 
							The Global Registration template contains steps for registering hosts to Satellite. This template renders when hosts access the /registerSatellite API endpoint.
- The Linux host_init_config default template contains steps for initial configuration of hosts after they are registered.
Procedure
- Navigate to Hosts > Templates > Provisioning Templates.
- Search for the template you want to edit.
- In the row of the required template, click Clone.
- Edit the template as needed. For more information, see Appendix A, Template Writing Reference.
- Click Submit.
- Navigate to Administer > Settings > Provisioning.
- Change the following settings as needed: - Point the Default Global registration template setting to your custom global registration template,
- Point the Default 'Host initial configuration' template setting to your custom initial configuration template.
 
3.4. Registering Hosts by Using The Bootstrap Script
Deprecated Use Section 3.3, “Registering Hosts by Using Global Registration” instead.
Use the bootstrap script to automate content registration and Puppet configuration. You can use the bootstrap script to register new hosts, or to migrate existing hosts from RHN, SAM, RHSM, or another Red Hat Satellite instance.
				The katello-client-bootstrap package is installed by default on Satellite Server’s base operating system. The bootstrap.py script is installed in the /var/www/html/pub/ directory to make it available to hosts at satellite.example.com/pub/bootstrap.py. The script includes documentation in the /usr/share/doc/katello-client-bootstrap-version/README.md file.
			
				To use the bootstrap script, you must install it on the host. As the script is only required once, and only for the root user, you can place it in /root or /usr/local/sbin and remove it after use. This procedure uses /root.
			
Prerequisites
- 
						You have a Satellite user with the permissions required to run the bootstrap script. The examples in this procedure specify the adminuser. If this is not acceptable to your security policy, create a new role with the minimum permissions required and add it to the user that will run the script. For more information, see Section 3.4.1, “Setting Permissions for the Bootstrap Script”.
- You have an activation key for your hosts with the Satellite Client 6 repository enabled. For information on configuring activation keys, see Managing Activation Keys in the Content Management Guide.
- You have created a host group. For more information about creating host groups, see Section 2.7, “Creating a Host Group”.
Puppet Considerations
					If a host group is associated with a Puppet environment created inside a Production environment, Puppet fails to retrieve the Puppet CA certificate while registering a host from that host group.
				
To create a suitable Puppet environment to be associated with a host group, follow these steps:
- Manually create a directory: - mkdir /etc/puppetlabs/code/environments/example_environment - # mkdir /etc/puppetlabs/code/environments/example_environment- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- In the Satellite web UI, navigate to Configure > Environments and click Import environment from. The button name includes the FQDN of the internal or external Capsule.
- Choose the created directory and click Update.
Procedure
- 
						Log in to the host as the rootuser.
- Download the script: - curl -O http://satellite.example.com/pub/bootstrap.py - # curl -O http://satellite.example.com/pub/bootstrap.py- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Make the script executable: - chmod +x bootstrap.py - # chmod +x bootstrap.py- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Confirm that the script is executable by viewing the help text: - On Red Hat Enterprise Linux 8: - /usr/libexec/platform-python bootstrap.py -h - # /usr/libexec/platform-python bootstrap.py -h- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On other Red Hat Enterprise Linux versions: - ./bootstrap.py -h - # ./bootstrap.py -h- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
 
- Enter the bootstrap command with values suitable for your environment. - For the - --serveroption, specify the FQDN of Satellite Server or a Capsule Server. For the- --location,- --organization, and- --hostgroupoptions, use quoted names, not labels, as arguments to the options. For advanced use cases, see Section 3.4.2, “Advanced Bootstrap Script Configuration”.- On Red Hat Enterprise Linux 8, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On Red Hat Enterprise Linux 6 or 7, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
 
- Enter the password of the Satellite user you specified with the - --loginoption.- The script sends notices of progress to stdout. 
- 
						When prompted by the script, approve the host’s Puppet certificate. In the Satellite web UI, navigate to Infrastructure > Capsules and find the Satellite or Capsule Server you specified with the --serveroption.
- From the list in the Actions column, select Certificates.
- In the Actions column, click Sign to approve the host’s Puppet certificate.
- Return to the host to see the remainder of the bootstrap process completing.
- In the Satellite web UI, navigate to Hosts > All hosts and ensure that the host is connected to the correct host group.
- Optional: After the host registration is complete, remove the script: - rm bootstrap.py - # rm bootstrap.py- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
3.4.1. Setting Permissions for the Bootstrap Script
Use this procedure to configure a Satellite user with the permissions required to run the bootstrap script. To use the CLI instead of the Satellite web UI, see the CLI procedure.
Procedure
- In the Satellite web UI, navigate to Administer > Users.
- Select an existing user by clicking the required Username. A new pane opens with tabs to modify information about the selected user. Alternatively, create a new user specifically for the purpose of running this script.
- Click the Roles tab.
- Select Edit hosts and Viewer from the Roles list. Important- The Edit hosts role allows the user to edit and delete hosts as well as being able to add hosts. If this is not acceptable to your security policy, create a new role with the following permissions and assign it to the user: - 
										view_organizations
- 
										view_locations
- 
										view_domains
- 
										view_hostgroups
- 
										view_hosts
- 
										view_architectures
- 
										view_ptables
- 
										view_operatingsystems
- 
										create_hosts
 
- 
										
- Click Submit.
CLI procedure
- Create a role with the minimum permissions required by the bootstrap script. This example creates a role with the name Bootstrap: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Assign the new role to an existing user: - hammer user add-role --id user_id --role Bootstrap - # hammer user add-role --id user_id --role Bootstrap- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow - Alternatively, you can create a new user and assign this new role to them. For more information on creating users with Hammer, see Managing Users and Roles in the Administering Red Hat Satellite guide. 
3.4.2. Advanced Bootstrap Script Configuration
This section has more examples for using the bootstrap script to register or migrate a host.
						These examples specify the admin Satellite user. If this is not acceptable to your security policy, create a new role with the minimum permissions required by the bootstrap script. For more information, see Section 3.4.1, “Setting Permissions for the Bootstrap Script”.
					
3.4.2.1. Migrating a Host From One Satellite to Another Satellite
						Use the script with --force to remove the katello-ca-consumer-* packages from the old Satellite and install the katello-ca-consumer-* packages on the new Satellite.
					
Procedure
- On Red Hat Enterprise Linux 8, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On Red Hat Enterprise Linux 6 or 7, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
3.4.2.2. Migrating a Host from Red Hat Network (RHN) or Satellite 5 to Satellite
						The bootstrap script detects the presence of /etc/syconfig/rhn/systemid and a valid connection to RHN as an indicator that the system is registered to a legacy platform. The script then calls rhn-classic-migrate-to-rhsm to migrate the system from RHN. By default, the script does not delete the system’s legacy profile due to auditing reasons. To remove the legacy profile, use --legacy-purge, and use --legacy-login to supply a user account that has appropriate permissions to remove a profile. Enter the user account password when prompted.
					
Procedure
- On Red Hat Enterprise Linux 8, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On Red Hat Enterprise Linux 6 or 7, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
3.4.2.3. Registering a Host to Satellite without Puppet
						By default, the bootstrap script configures the host for content management and configuration management. If you have an existing configuration management system and do not want to install Puppet on the host, use --skip-puppet.
					
Procedure
- On Red Hat Enterprise Linux 8, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On Red Hat Enterprise Linux 6 or 7, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
3.4.2.4. Registering a Host to Satellite for Content Management Only
						To register a system as a content host, and omit the provisioning and configuration management functions, use --skip-foreman.
					
Procedure
- On Red Hat Enterprise Linux 8, enter the following command: - /usr/libexec/platform-python bootstrap.py \ --server satellite.example.com \ --organization="Example Organization" \ --activationkey=activation_key \ --skip-foreman - # /usr/libexec/platform-python bootstrap.py \ --server satellite.example.com \ --organization="Example Organization" \ --activationkey=activation_key \ --skip-foreman- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On Red Hat Enterprise Linux 6 or 7, enter the following command: - bootstrap.py --server satellite.example.com \ --organization="Example Organization" \ --activationkey=activation_key \ --skip-foreman - # bootstrap.py --server satellite.example.com \ --organization="Example Organization" \ --activationkey=activation_key \ --skip-foreman- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
3.4.2.5. Changing the Method the Bootstrap Script Uses to Download the Consumer RPM
						By default, the bootstrap script uses HTTP to download the consumer RPM from http://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm. In some environments, you might want to allow HTTPS only between the host and Satellite. Use --download-method to change the download method from HTTP to HTTPS.
					
Procedure
- On Red Hat Enterprise Linux 8, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On Red Hat Enterprise Linux 6 or 7, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
3.4.2.6. Providing the host’s IP address to Satellite
						On hosts with multiple interfaces or multiple IP addresses on one interface, you might need to override the auto-detection of the IP address and provide a specific IP address to Satellite. Use --ip.
					
Procedure
- On Red Hat Enterprise Linux 8, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On Red Hat Enterprise Linux 6 or 7, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
3.4.2.7. Enabling Remote Execution on the Host
						Use --rex and --rex-user to enable remote execution and add the required SSH keys for the specified user.
					
Procedure
- On Red Hat Enterprise Linux 8, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On Red Hat Enterprise Linux 6 or 7, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
3.4.2.8. Creating a Domain for a Host During Registration
						To create a host record, the DNS domain of a host needs to exist in Satellite prior to running the script. If the domain does not exist, add it using --add-domain.
					
Procedure
- On Red Hat Enterprise Linux 8, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On Red Hat Enterprise Linux 6 or 7, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
3.4.2.9. Providing an Alternative FQDN for the Host
If the host’s host name is not an FQDN, or is not RFC-compliant (containing a character such as an underscore), the script will fail at the host name validation stage. If you cannot update the host to use an FQDN that is accepted by Satellite, you can use the bootstrap script to specify an alternative FQDN.
Procedure
- Set - create_new_host_when_facts_are_uploadedand- create_new_host_when_report_is_uploadedto false using Hammer:- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Use - --fqdnto specify the FQDN that will be reported to Satellite:- On Red Hat Enterprise Linux 8, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On Red Hat Enterprise Linux 6 or 7, enter the following command: - Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
 
3.5. Installing the Katello Agent
You can install the Katello agent to remotely update Satellite clients.
The Katello agent is deprecated and will be removed in a future Satellite version. Migrate your processes to use the remote execution feature to update clients remotely. For more information, see Migrating Hosts from Katello Agent to Remote Execution in Managing Hosts.
				The katello-agent package depends on the gofer package that provides the goferd service.
			
Prerequisites
- You have enabled the Satellite Client 6 repository on Satellite Server. For more information, see Enabling the Satellite Client 6 Repository in Installing Satellite Server in a Connected Network Environment.
- You have synchronized the Satellite Client 6 repository on Satellite Server. For more information, see Synchronizing the Satellite Client 6 Repository in Installing Satellite Server in a Connected Network Environment.
- You have enabled the Satellite Client 6 repository on the client.
Procedure
- Install the - katello-agentpackage:- yum install katello-agent - # yum install katello-agent- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Start the - goferdservice:- systemctl start goferd - # systemctl start goferd- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
3.6. Installing Tracer
Use this procedure to install Tracer on Red Hat Satellite and access Traces. Tracer displays a list of services and applications that are outdated and need to be restarted. Traces is the output generated by Tracer in the Satellite web UI.
Prerequisites
- The host must be registered to Red Hat Satellite.
- The Red Hat Satellite Client 6 repository must be enabled and synchronized on Satellite Server, and enabled on the host.
Procedure
- On the content host, install the - katello-host-tools-tracerRPM package:- yum install katello-host-tools-tracer - # yum install katello-host-tools-tracer- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Enter the following command: - katello-tracer-upload - # katello-tracer-upload- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- In the Satellite web UI, navigate to Hosts > All hosts, then click the required host name.
- Click the Traces tab to view Traces. If it is not installed, an Enable Traces button initiates a remote execution job that installs the package.
3.7. Installing and Configuring Puppet Agent on a Host Manually
Install and configure the Puppet agent on a host manually.
Prerequisites
- The host must have a Puppet environment assigned to it.
- The Satellite Client 6 repository must be enabled and synchronized to Satellite Server, and enabled on the host. For more information, see Importing Content in Managing Content.
Procedure
- 
						Log in to the host as the rootuser.
- Install the Puppet agent package. - On hosts running Red Hat Enterprise Linux 8 and above: - dnf install puppet-agent - # dnf install puppet-agent- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- On hosts running Red Hat Enterprise Linux 7 and below: - yum install puppet-agent - # yum install puppet-agent- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
 
- Add the Puppet agent to - PATHin your current shell using the following script:- . /etc/profile.d/puppet-agent.sh - . /etc/profile.d/puppet-agent.sh- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Configure the Puppet agent. Set the - environmentparameter to the name of the Puppet environment to which the host belongs:- puppet config set server satellite.example.com --section agent puppet config set environment My_Puppet_Environment --section agent - # puppet config set server satellite.example.com --section agent # puppet config set environment My_Puppet_Environment --section agent- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Start the Puppet agent service: - puppet resource service puppet ensure=running enable=true - # puppet resource service puppet ensure=running enable=true- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Create a certificate for the host: - puppet ssl bootstrap - # puppet ssl bootstrap- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- In the Satellite web UI, navigate to Infrastructure > Capsules.
- From the list in the Actions column for the required Capsule Server, select Certificates.
- Click Sign to the right of the required host to sign the SSL certificate for the Puppet agent.
- On the host, run the Puppet agent again: - puppet ssl bootstrap - # puppet ssl bootstrap- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
Additional Resources
- For more information about Puppet, see Managing Configurations Using Puppet Integration in Red Hat Satellite.