2.2. Running the Installation and Configuration Program

Now that the required packages have been downloaded, the installation and configuration program, katello-installer must be run to install the Satellite Server. There are two main methods to do so:

Manual Configuration - manually run the command and configuration options on the command-line interface (CLI).
Automatic Configuration - most of the installation and configuration process can be automated by using an answer file.

Both methods are supported and available in this chapter. Choosing one or the other would depend on your organization's requirements.

Other configuration options are also documented in this chapter to assist in installing the Satellite Server. For example, if there is an HTTP Proxy in the host system's network, or if the organization uses customized server certificates.

2.2.1. Configuring Red Hat Satellite Manually

Satellite Server has an automatic initial configuration that prepares the server for use. The katello-installer script supports the ability to override various default settings within the different components of Satellite Server. For example, for organizations that have an existing HTTP proxy, additional configuration options need to be passed to the Satellite Server installer. See Section 2.3, “Optional Configuration Options” for other configuration options that can be used based on your environment's requirements.

Procedure 2.2. To Run the Installer Script:

Run the following command as the root user to manually configure Red Hat Satellite:

# katello-installer --foreman-initial-organization "initial_organization_name" \
--foreman-initial-location "initial_location_name" \
--foreman-admin-username admin-username \
--foreman-admin-password admin-password

This script can be run multiple times without any issues.

Important

If you do not specify any of these values, the default values are used. Use the katello-installer --help command to display the available options and any default values.

When the configuration script has completed successfully, it displays output similar to the following:

# katello-installer
Installing             Done
   [100%] [........................................]
   Success!
   * Katello is running at https://satellite.example.com
       Default credentials are 'admin:changeme'
   * Capsule is running at https://satellite.example.com:9090
   * To install additional capsule on separate machine continue by running:

   capsule-certs-generate --capsule-fqdn "$CAPSULE" --certs-tar "~/$CAPSULE-certs.tar"

   The full log is at /var/log/katello-installer/katello-installer.log

After configuration, run the following commands to configure the firewall to limit elasticsearch to the foreman and root users and make these rules persistent during reboots:

On Red Hat Enterprise Linux 6, execute as root:

# iptables -A OUTPUT -o lo -p tcp -m tcp --dport 9200 -m owner --uid-owner \
foreman -j ACCEPT \
&& iptables -A OUTPUT -o lo -p tcp -m tcp --dport 9200 -m owner --uid-owner root -j ACCEPT \
&& iptables -A OUTPUT -o lo -p tcp -m tcp --dport 9200 -j DROP \
&& service iptables save

Make sure the iptables service is started and enabled:

# service iptables start
# chkconfig iptables on

On Red Hat Enterprise Linux 7, execute as root:

# firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -o lo -p tcp -m tcp --dport 9200 -m owner --uid-owner foreman -j ACCEPT \
&& firewall-cmd --direct --add-rule ipv6 filter OUTPUT 0 -o lo -p tcp -m tcp --dport 9200 -m owner --uid-owner foreman -j ACCEPT \
&& firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -o lo -p tcp -m tcp --dport 9200 -m owner --uid-owner root -j ACCEPT \
&& firewall-cmd --direct --add-rule ipv6 filter OUTPUT 0 -o lo -p tcp -m tcp --dport 9200 -m owner --uid-owner root -j ACCEPT \
&& firewall-cmd --direct --add-rule ipv4 filter OUTPUT 1 -o lo -p tcp -m tcp --dport 9200 -j DROP \
&& firewall-cmd --direct --add-rule ipv6 filter OUTPUT 1 -o lo -p tcp -m tcp --dport 9200 -j DROP \
&& firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -o lo -p tcp -m tcp --dport 9200 -m owner --uid-owner foreman -j ACCEPT \
&& firewall-cmd --permanent --direct --add-rule ipv6 filter OUTPUT 0 -o lo -p tcp -m tcp --dport 9200 -m owner --uid-owner foreman -j ACCEPT \
&& firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -o lo -p tcp -m tcp --dport 9200 -m owner --uid-owner root -j ACCEPT \
&& firewall-cmd --permanent --direct --add-rule ipv6 filter OUTPUT 0 -o lo -p tcp -m tcp --dport 9200 -m owner --uid-owner root -j ACCEPT \
&& firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 1 -o lo -p tcp -m tcp --dport 9200 -j DROP \
&& firewall-cmd --permanent --direct --add-rule ipv6 filter OUTPUT 1 -o lo -p tcp -m tcp --dport 9200 -j DROP

The Red Hat Satellite Server creates an initial organization and location called "Default Organization" and "Default Location", respectively. After the initial configuration, you can create additional organizations and locations. You can rename the default organization or location and you can delete the default organization, but you cannot delete the default location.

2.2.2. Configuring Red Hat Satellite with an Answer File

You can use answer files to automate installations with customized options. The initial answer file is sparsely populated. After you run katello-installer for the first time, the answer file is populated with the standard parameter values for installation.

The following procedure describes how to configure Red Hat Satellite Server with an answer file.

Procedure 2.3. To Configure and Use an Answer File for Installation:

Copy the default answer file located at /etc/katello-installer/answers.katello-installer.yaml to a location on your local file system:
```
# cp /etc/katello-installer/answers.katello-installer.yaml /etc/katello-installer/my-answer-file.yaml
```
Open your copy of the answer file, edit the values to suit your environment, and save the file.
Note
The parameters for each module are specified in the module's params.pp file. Run the following command to view available modules with parameter files:
```
# rpm -ql katello-installer-base | grep params.pp
```
Open the /etc/katello-installer/katello-installer.yaml file and edit the answer file entry to point to your custom answer file:
```
:answer_file: /etc/katello-installer/my-answer-file.yaml
```
Run the katello-installer command.
```
# katello-installer
```

Where did the comment section go?

Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

2.2. Running the Installation and Configuration Program

2.2.1. Configuring Red Hat Satellite Manually

2.2.2. Configuring Red Hat Satellite with an Answer File

Where did the comment section go?