Chapter 15. Provisioning Cloud Instances on Google Compute Engine

Red Hat Satellite can interact with Google Compute Engine (GCE), including creating new virtual machines and controlling their power management states. Only image-based provisioning is supported for creating GCE hosts.

Prerequisites

  • Synchronized content repositories for Red Hat Enterprise Linux. For more information, see Synchronizing Red Hat Repositories in the Content Management Guide.
  • An activation key for host registration. For more information, see Creating An Activation Key in the Content Management guide.
  • In your GCE project, configure a service account with the necessary IAM Compute role. For more information, see Compute Engine IAM roles in the GCE documentation.
  • In your GCE project-wise metadata, set the enable-oslogin to FALSE. For more information, see Enabling or disabling OS Login in the GCE documentation.
  • Optional: If you want to use Puppet with GCE hosts, navigate to Administer > Settings > Puppet and enable the Use UUID for certificates setting to configure Puppet to use consistent Puppet certificate IDs.
  • Based on your needs, associate a finish or user_data provisioning template with the operating system you want to use. For more information about provisioning templates, see Section 2.10, “Provisioning Templates”.

15.1. Adding a Google Compute Engine Connection to Satellite Server

Use this procedure to add Google Compute Engine (GCE) as a compute resource in Satellite.

Procedure

  1. In GCE, generate a service account key in JSON format and upload this file to the /usr/share/foreman/ directory on Satellite Server.
  2. On Satellite Server, change the owner for the service account key to the foreman user:

    # chown foreman /usr/share/foreman/gce_key.json
  3. Configure permissions for the service account key to ensure that the file is readable:

    # chmod 0600 /usr/share/foreman/gce_key.json
  4. Restore SELinux context for the service account key:

    # restorecon -vv /usr/share/foreman/gce_key.json
  5. In the Satellite web UI, navigate to Infrastructure > Compute Resources and click Create Compute Resource.
  6. In the Name field, enter a name for the compute resource.
  7. From the Provider list, select Google.
  8. Optional: In the Description field, enter a description for the resource.
  9. In the Google Project ID field, enter the project ID.
  10. In the Client Email field, enter the client email.
  11. In the Certificate Path field, enter the path to the service account key. For example, /usr/share/foreman/gce_key.json.
  12. Click Load Zones to populate the list of zones from your GCE environment.
  13. From the Zone list, select the GCE zone to use.
  14. Click Submit.

For CLI Users

  1. In GCE, generate a service account key in JSON format and upload this file to the /usr/share/foreman/ directory on Satellite Server.
  2. On Satellite Server, change the owner for the service account key to the foreman user:

    # chown foreman /usr/share/foreman/gce_key.json
  3. Configure permissions for the service account key to ensure that the file is readable:

    # chmod 0600 /usr/share/foreman/gce_key.json
  4. Restore SELinux context for the service account key:

    # restorecon -vv /usr/share/foreman/gce_key.json
  5. Use the hammer compute-resource create command to add a GCE compute resource to Satellite:

    # hammer compute-resource create --name 'gce_cr' \
    --provider 'gce' \
    --project 'gce_project_id' \
    --key-path 'gce_key.json' \
    --zone 'us-west1-b' \
    --email 'gce_email'

15.2. Adding Google Compute Engine Images to Satellite Server

To create hosts using image-based provisioning, you must add information about the image, such as access details and the image location, to your Satellite Server.

Procedure

  1. In the Satellite web UI, navigate to Infrastructure > Compute Resources and click the name of the Google Compute Engine connection.
  2. Click Create Image.
  3. In the Name field, enter a name for the image.
  4. From the Operating System list, select the image’s base operating system.
  5. From the Architecture list, select the operating system architecture.
  6. In the Username field, enter the SSH user name for image access. Specify a user other than root, because the root user cannot connect to a GCE instance using SSH keys. The username must begin with a letter and consist of lowercase letters and numbers.
  7. From the Image list, select an image from the Google Compute Engine compute resource.
  8. Optional: Select the User Data check box if the image supports user data input, such as cloud-init data.
  9. Click Submit to save the image details.

For CLI Users

  • Create the image with the hammer compute-resource image create command. With the --username option, specify a user other than root, because the root user cannot connect to a GCE instance using SSH keys. The username must begin with a letter and consist of lowercase letters and numbers.

    # hammer compute-resource image create \
    --name 'gce_image_name' \
    --compute-resource 'gce_cr' \
    --operatingsystem-id 1 \
    --architecture-id 1 \
    --uuid '3780108136525169178' \
    --username 'admin'

15.3. Adding Google Compute Engine Details to a Compute Profile

Use this procedure to add GCE hardware settings to a compute profile. When you create a host on GCE using this compute profile, these settings are automatically populated.

Procedure

  1. In the Satellite web UI, navigate to Infrastructure > Compute Profiles.
  2. In the Compute Profiles window, click the name of an existing compute profile, or click Create Compute Profile, enter a Name, and click Submit.
  3. Click the name of the GCE compute resource.
  4. From the Machine Type list, select the machine type to use for provisioning.
  5. From the Image list, select the image to use for provisioning.
  6. From the Network list, select the GCE network to use for provisioning.
  7. Optional: Select the Associate Ephemeral External IP check box to assign a dynamic ephemeral IP address that Satellite uses to communicate with the host. This public IP address changes when you reboot the host. If you need a permanent IP address, reserve a static public IP address on GCE and attach it to the host.
  8. In the Size (GB) field, enter the size of the storage to create on the host.
  9. Click Submit to save the compute profile.

For CLI Users

  1. Create a compute profile to use with the GCE compute resource:

    # hammer compute-profile create --name gce_profile
  2. Add GCE details to the compute profile.

    # hammer compute-profile values create --compute-profile gce_profile \
    --compute-resource 'gce_cr' \
    --volume "size_gb=20" \
    --compute-attributes "machine_type=f1-micro,associate_external_ip=true,network=default"

15.4. Creating Image-based Hosts on Google Compute Engine

In Satellite, you can use Google Compute Engine provisioning to create hosts from an existing image. The new host entry triggers the Google Compute Engine server to create the instance using the pre-existing image as a basis for the new volume.

Procedure

  1. In the Satellite web UI, navigate to Hosts > Create Host.
  2. In the Name field, enter a name for the host.
  3. Click the Organization and Location tabs to ensure that the provisioning context is automatically set to the current context.
  4. From the Host Group list, select the host group that you want to use to populate the form.
  5. From the Deploy on list, select the Google Compute Engine connection.
  6. From the Compute Profile list, select a profile to use to automatically populate virtual machine settings.
  7. Click the Interface tab and click Edit on the host’s interface.
  8. Verify that the fields are automatically populated, particularly the following items:

    • The Name from the Host tab becomes the DNS name.
    • The MAC address field is blank. Google Compute Engine assigns a MAC address to the host during provisioning.
    • Satellite Server automatically assigns an IP address for the new host.
    • The Domain field is populated with the required domain.
    • The Managed, Primary, and Provision options are automatically selected for the first interface on the host. If not, select them.
  9. Click the Operating System tab, and confirm that all fields automatically contain values.
  10. Click Resolve in Provisioning templates to check the new host can identify the right provisioning templates to use.
  11. Click the Virtual Machine tab and confirm that these settings are populated with details from the host group and compute profile. Modify these settings to suit your needs.
  12. Click the Parameters tab, and ensure that a parameter exists that provides an activation key. If not, add an activation key.
  13. Click Submit to save the host entry.

For CLI Users

  • Create the host with the hammer host create command and include --provision-method image. Replace the values in the following example with the appropriate values for your environment.

    # hammer host create \
    --name "GCE_VM" \
    --organization "Your_Organization" \
    --location "Your_Location" \
    --compute-resource gce_cr_name
    --compute-profile "gce_profile_name" \
    --provision-method 'image' \
    --image gce_image_name \
    --root-password "your_root_password" \
    --interface "type=interface,domain_id=1,managed=true,primary=true,provision=true" \
    --puppet-environment-id 1 \
    --puppet-ca-proxy-id 1 \
    --puppet-proxy-id 1 \
    --architecture x86_64 \
    --operatingsystem "operating_system_name"

For more information about additional host creation parameters for this compute resource, enter the hammer host create --help command.