Red Hat SummitEste conteúdo não está disponível no idioma selecionado.
Chapter 5. Content access control for Satellite hosts
Satellite provides a robust set of strategies for controlling what content is accessible to your hosts. You can restrict content access by using core mechanisms, such as content views, lifecycle environments, and content overrides. You can use activation keys to apply these content access controls during host registration.
5.1. Content access strategies
To give hosts access to a specific subset of the content managed by Satellite, you can use the following strategies.
Red Hat recommends considering implementing the strategies in the order as listed here:
- Content views and lifecycle environments
Use content views and lifecycle environments, incorporating content view filters as needed.
For more information about content views, see Chapter 7, Managing content views.
For more information about lifecycle environments, see Chapter 6, Managing application lifecycles.
- Content overrides
By default, content hosted by Satellite can be either enabled or disabled. In custom products, repositories are always disabled by default, while Red Hat products can be either enabled or disabled by default depending on the specific repository. Enabling a repository gives the host access to the repository packages or other content, allowing hosts to download and install the available content.
If a repository is disabled, the host is not able to access the repository content. A content override provides you with the option to override the default enablement value of either Enabled or Disabled for any repository. You can add content overrides to hosts or activation keys.
For more information about adding content overrides to hosts, see Enabling and Disabling Repositories on Hosts in Managing hosts.
For more information about adding content overrides to activation keys, see Section 10.7, “Enabling and disabling repositories on activation key”.
- Content view environments
- Assign hosts to multiple content view environments to provide access to content from more than one content view. For more information about multiple content view environments, see Chapter 8, Managing content view environments.
- Composite content views
- You can use composite content views to combine and give hosts access to the content from multiple content views. For more information about composite content views, see Section 7.18, “Creating a composite content view by using Satellite web UI”.
- Architecture and operating system version restrictions
-
In custom products, you can set restrictions on the architecture and operating system versions for
yumrepositories on which the product will be available. For example, if you restrict a custom repository to Red Hat Enterprise Linux 9, it is only available on hosts running Red Hat Enterprise Linux 9. Architecture and operating system version restrictions hold the highest priority among all other strategies. They cannot be overridden or invalidated by content overrides, changes to content views, or changes to lifecycle environments. For this reason, Red Hat recommends considering the other strategies mentioned before that use architecture or operating system version restrictions. Red Hat repositories set architecture and operating system version restrictions automatically. - Release version
- Certain Red Hat repositories, such as the Red Hat Enterprise Linux dot release repositories, include a Release version in their repository metadata. The release version is then compared with the release version specified in the System purpose properties of the host. Access to content may be limited or restricted based on this comparison. For more information about setting system purpose attributes, see Editing the system purpose of a host in Managing hosts.
5.2. Conditions for content availability
A host can access a package or repository only when all of the following conditions are true.
- The repository is included in the content view environments of the host.
- The content view of the host has been published after the repository was added to it.
- The repository has not been filtered out by a content view filter.
- The repository is enabled by default or overridden to Enabled by using a content override.
- The repository has no architecture or operating system version restrictions or it has architecture or operating system version restrictions that match the host.
- For certain Red Hat repositories either no release version is set or the release version matches that of the host.
5.3. Activation keys and content access
Activation keys simplify the workflow for some of the content access strategies.
You can use activation keys to perform the following actions:
- Assign hosts to content view environments.
- Add content overrides to hosts.
- Set system purpose attributes on hosts, including a release version.
Activation keys only affect hosts during registration. If a host is already registered, you can change the content access individually for each host or through content host bulk actions.
Additional resources
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}