Red Hat Network Subscription Management

Red Hat Customer Portal 1

for managing subscriptions


This guide provides a quick-start look into subscriptions and system management in the Red Hat Customer Portal.
Effective asset management requires a mechanism to handle the software inventory — both the type of products and the number of systems that the software is installed on. The subscription management service of Red Hat Network provides that mechanism and gives transparency into both global allocations of subscriptions for an entire account and specific subscriptions assigned to a single system.
This guide gives a quick view into using Customer Portal Subscription Management to manage your subscriptions and systems. For more information on the Red Hat Subscription Manager local tools and subscription concepts in general, see the Subscription Management Guide.

1. What We Mean by "Managing Subscriptions"

Many software companies base access to their products on licenses that are sold. At Red Hat, our software is already available under a GNU Public License v2, which allows general access to our source. Our products are available through subscriptions, which define services that we deliver (such as content delivery, updates, knowledgebase, and support levels) for these products. Our subscriptions are granted to individual servers and this entitles the server to receive support.
Red Hat Network Subscription Management establishes the relationship between the product subscriptions that you have available and the elements of your IT infrastructure where those subscriptions are allocated. Customer Portal Subscription Management is one means to manage systems in connection with subscriptions.
Customer Portal Subscription Management

Figure 1. Customer Portal Subscription Management

An IT administrator has to know what products he has available, where these product subscriptions are assigned, and what systems are being managed. For this, Red Hat has a subscription management service through Red Hat Network Subscription Management, which is managed locally (an individual system) or globally (all servers in the environment) through Red Hat Subscription Manager. The ultimate goal of subscription management is to allow administrators to see where their products are allocated within their infrastructure. There are several reasons for this:
  • First, to make sure that all of the products on your systems have valid and active subscriptions, so administrators can maintain compliance with any regulatory requirements (like PCI-DSS or SAS-70) and internal mandates.
  • Next, to help with procuring the right number and type of software products for the infrastructure. Over-subscribing a system or purchasing too many subscriptions for what your environment actually uses can cost your business money. Tracking used and available subscriptions and managing expirations and renewals more effectively can possibly lower your IT budget.
  • Last, subscription management makes it easier for you to know what products your systems need to access and to make sure they are assigned the right subscriptions.
Customer Portal Subscription Management is the web version of Red Hat Subscription Manager. It provides an organization-wide method to track the software products and subscriptions deployed across an account, such as what systems are being managed, the effective contract dates for subscriptions, and where subscriptions are attached. Customer Portal Subscription Management helps give a view into subscriptions and products in the infrastructure — it does not limit installations or provide proactive enforcement of installations.

1.1. The Subscription Process

Subscription management is a way of identifying and creating relationships between the systems in your IT environment and the software products that you have available through Red Hat.
Subscription management is the way of defining a relationship between the subscriptions that a company has, its local machines, and the products installed on those machines:
  1. An account buys a subscription to a product, which gives them access to Red Hat's Content Delivery Network, errata and patches, upgrades, and support.
    A subscription defines a quantity, meaning the number of systems that are allowed to have access to the product and all its support services because of that subscription.
  2. A server is added, or registered, to the inventory for the subscription management service. This means that the subscription service can manage the server and attach it subscriptions.
  3. A subscription is attached to a system, so that the system is entitled to support services and content for that product.
Customer Portal Subscription Management allows administrators to add and remove units (managed systems, domains, and other entities) to the inventory, and to attach subscriptions to those units. Local Red Hat Subscription Manager tools are available on Red Hat Enterprise Linux systems to manage that specific system by registering it and attaching or removing subscriptions. (Since the GUI and subscription-manager are limited to the local machine, they cannot be used to manage other systems in the inventory.)

1.2. Hosted Services and On-Premise Subscription Management Applications

The simplest way to attach subscriptions and deliver content is for local systems to connect directly to Red Hat's hosted network.
However, for large environments, highly-secure environments, and many other situations, that hosted arrangement is not feasible. Companies need a way to attach subscriptions and deliver software content locally.
In that case, an organization entry with an on-premise subscription management application organization is added to the inventory in Customer Portal Subscription Management. A block of subscriptions attached to that organization. The list of attached subscriptions is defined in a manifest which outlines all of the subscriptions, products, and content repositories for that organization (and, therefore, for all of the systems it manages). The subscription management application then directly manages all of the systems and units at its local site.
This has performance benefits by lowering bandwidth, and it offers significant management benefits to administrators by allowing local and flexible control over subscription management.

1.3. Red Hat Network and RHN Classic

Some of the processes with subscription management may sound familiar, and there is a reason — subscriptions could be assigned to systems in previous releases of Red Hat Network. In RHN Classic, access to subscriptions was based on access to channels, or content delivery streams. Customer Portal Subscription Management manages subscriptions by looking at the available and installed products for a system. This treats both subscriptions and systems as individual entities, rather than opaque blocks defined by access to channels.
Customer Portal Subscription Management provides transparency both into what products are installed on a system (when using local Red Hat Subscription Manager tools) and what subscriptions are available to a system. This helps IT administrators to maintain software inventories and to plan their infrastructures in a way that wasn't possible under the traditional channel-based system.


Customer Portal Subscription Management is certificate-based because each system is issued an X.509 certificate which identifies it to the subscription service and to the CDN (an identity certificate). When a new subscription is attached to a system, Customer Portal Subscription Management issues an X.509 entitlement certificate which contains the subscription information. When a product is installed, then Customer Portal Subscription Management issues an X.509 product certificate which identifies that unique product installation on that system.
Using certificates simplifies the process for managing individual subscriptions and products for a system while making the process more secure.
Customer Portal Subscription Management and RHN Classic are mutually exclusive. A system is either managed under one subscription management service or the other, not both, but these systems do "work together." If a system is registered with Customer Portal Subscription Management, then there won't be any errors registered in the legacy RHN Classic tools, and vice versa. Both services will recognize the subscriptions granted to the system.

1.4. Customer Portal Subscription Management and Access Control

Customer Portal Subscription Management is only available if a user has the appropriate user permissions on the Red Hat login. Otherwise, access to the Customer Portal Subscription Management area is restricted.
The user account must have the Customer Portal: Manage subscriptions permission. By default, all users are granted this permission, but it can be changed by administrators in the User Management area.
Subscription Management Permission

Figure 2. Subscription Management Permission