Chapter 2. Configuring Provisioning Resources

2.1. Provisioning Contexts

A provisioning context is the combination of an organization and location that you specify for Satellite components. The organization and location that a component belongs to sets the ownership and access for that component.

Organizations divide Red Hat Satellite 6 components into logical groups based on ownership, purpose, content, security level, and other divisions. You can create and manage multiple organizations through Red Hat Satellite 6 and assign components to each individual organization. This ensures the Satellite Server provisions hosts within a certain organization and only uses components that are assigned to that organization. For more information about organizations, see Managing Organizations in the Content Management Guide.

Locations function similar to organizations. The difference is that locations are based on physical or geographical setting. Users can nest locations in a hierarchy. For more information about locations, see Managing Locations in the Content Management Guide.

2.2. Setting the Provisioning Context

When you set a provisioning context, you define which organization and location to use for provisioning hosts.

The organization and location menus are located in the menu bar, on the upper left of the Satellite web UI. If you have not selected an organization and location to use, the menu displays: Any Organization and Any Location.

Procedure

  1. Click Any Organization and select the organization.
  2. Click Any Location and select the location to use.

Each user can set their default provisioning context in their account settings. Click the user name in the upper right of the Satellite web UI and select My account to edit your user account settings.

For CLI Users

  • When using the CLI, include either --organization or --organization-label and --location or --location-id as an option. For example:

    # hammer host list --organization "Default_Organization" --location "Default_Location"

    This command outputs hosts allocated for the Default_Organization and Default_Location.

2.3. Creating Operating Systems

An operating system is a collection of resources that define how Satellite Server installs a base operating system on a host. Operating system entries combine previously defined resources, such as installation media, partition tables, provisioning templates, and others.

Importing operating systems from Red Hat’s CDN creates new entries on the Hosts > Operating Systems page.

You can also add custom operating systems using the following procedure:

Procedure

  1. In the Satellite web UI, navigate to Hosts > Operating systems and click New Operating system.
  2. In the Name field, enter a name to represent the operating system entry.
  3. In the Major field, enter the number that corresponds to the major version of the operating system.
  4. In the Minor field, enter the number that corresponds to the minor version of the operating system.
  5. In the Description field, enter a description of the operating system.
  6. From the Family list, select the operating system’s family.
  7. From the Root Password Hash list, select the encoding method for the root password.
  8. From the Architectures list, select the architectures that the operating system uses.
  9. Click the Partition table tab and select the possible partition tables that apply to this operating system.
  10. Optional: if you use non-Red Hat content, click the Installation media tab and select the installation media that apply to this operating system. For more information, see Section 2.8, “Adding Installation Media to Satellite”.
  11. Click the Templates tab and select a PXELinux template, a Provisioning template, and a Finish template for your operating system to use. You can select other templates, for example an iPXE template, if you plan to use iPXE for provisioning.
  12. Click Submit to save your provisioning template.

For CLI Users

  • Create the operating system using the hammer os create command:

    # hammer os create --name "MyOS" \
    --description "My_custom_operating_system" \
    --major 7 --minor 3 --family "Redhat" --architectures "x86_64" \
    --partition-tables "My_Partition" --media "Red_Hat" \
    --provisioning-templates "My_Provisioning_Template"

2.4. Updating the Details of Multiple Operating Systems

Use this procedure to update the details of multiple operating systems. This example shows you how to assign each operating system a partition table called Kickstart default, a configuration template called Kickstart default PXELinux, and a provisioning template called Kickstart Default.

Procedure

  1. On Satellite Server, run the following Bash script:

    PARTID=$(hammer --csv partition-table list | grep "Kickstart default," | cut -d, -f1)
    PXEID=$(hammer --csv template list --per-page=1000 | grep "Kickstart default PXELinux" | cut -d, -f1)
    SATID=$(hammer --csv template list --per-page=1000 | grep "provision" | grep ",Kickstart default" | cut -d, -f1)
    
    for i in $(hammer --no-headers --csv os list | awk -F, {'print $1'})
    do
       hammer partition-table add-operatingsystem --id="${PARTID}" --operatingsystem-id="${i}"
       hammer template add-operatingsystem --id="${PXEID}" --operatingsystem-id="${i}"
       hammer os set-default-template --id="${i}" --config-template-id=${PXEID}
       hammer os add-config-template --id="${i}" --config-template-id=${SATID}
       hammer os set-default-template --id="${i}" --config-template-id=${SATID}
    done
  2. Display information about the updated operating system to verify that the operating system is updated correctly:

    # hammer os info --id 1

2.5. Creating Architectures

An architecture in Satellite represents a logical grouping of hosts and operating systems. Architectures are created by Satellite automatically when hosts check in with Puppet. Basic i386 and x86_64 architectures are already preset in Satellite.

Use this procedure to create an architecture in Satellite.

Supported Architectures

Only Intel x86_64 architecture is supported for provisioning using PXE, Discovery, and boot disk. For more information, see the Red Hat Knowledgebase solution Supported architectures and provisioning scenarios in Satellite 6.

Procedure

  1. In the Satellite web UI, navigate to Hosts > Architectures and click Create Architecture.
  2. In the Name field, enter a name for the architecture.
  3. From the Operating Systems list, select an operating system. If none are available, you can create and assign them under Hosts > Operating Systems.
  4. Click Submit.

For CLI Users

  • Enter the hammer architecture create command to create an architecture. Specify its name and operating systems that include this architecture:

    # hammer architecture create --name "Architecture_Name" \
    --operatingsystems "os"

2.6. Creating Hardware Models

Use this procedure to create a hardware model in Satellite so that you can specify which hardware model a host uses.

Procedure

  1. In the Satellite web UI, navigate to Hosts > Hardware Models and click Create Model.
  2. In the Name field, enter a name for the hardware model.
  3. Optionally, in the Hardware Model and Vendor Class fields, you can enter corresponding information for your system.
  4. In the Info field, enter a description of the hardware model.
  5. Click Submit to save your hardware model.

For CLI Users

  • Create a hardware model using the hammer model create command. The only required parameter is --name. Optionally, enter the hardware model with the --hardware-model option, a vendor class with the --vendor-class option, and a description with the --info option:

    # hammer model create --name "model_name" --info "description" \
    --hardware-model "hardware_model" --vendor-class "vendor_class"

2.7. Using a Synced Kickstart Repository for a Host’s Operating System

Satellite contains a set of synchronized kickstart repositories that you use to install the provisioned host’s operating system. For more information about adding repositories, see Synchronizing Red Hat Repositories in the Content Management Guide.

Use this procedure to set up a kickstart repository.

Procedure

  1. Add the synchronized kickstart repository that you want to use to the existing Content View, or create a new Content View and add the kickstart repository.

    For Red Hat Enterprise Linux 8, ensure that you add both Red Hat Enterprise Linux 8 for x86_64 - AppStream Kickstart x86_64 8 and Red Hat Enterprise Linux 8 for x86_64 - BaseOS Kickstart x86_64 8 repositories.

    If you use a disconnected environment, you must import the Kickstart repositories from a Red Hat Enterprise Linux binary DVD. For more information, see Importing Kickstart Repositories in the Content Management Guide.

  2. Publish a new version of the Content View where the kickstart repository is added and promote it to a required lifecycle environment. For more information, see Managing Content Views in the Content Management Guide.
  3. When you create a host, in the Operating System tab, for Media Selection, select the Synced Content check box.

To view the kickstart tree, enter the following command:

# hammer medium list --organization "your_organization"

2.8. Adding Installation Media to Satellite

Installation media are sources of packages that Satellite Server uses to install a base operating system on a machine from an external repository. You can use this parameter to install third-party content. Red Hat content is delivered through repository syncing instead.

Installation media must be in the format of an operating system installation tree, and must be accessible to the machine hosting the installer through an HTTP URL. You can view installation media by navigating to Hosts > Installation Media menu.

By default, Satellite includes installation media for some official Linux distributions. Note that some of those installation media are targeted for a specific version of an operating system. For example CentOS mirror (7.x) must be used for CentOS 7 or earlier, and CentOS mirror (8.x) must be used for CentOS 8 or later.

If you want to improve download performance when using installation media to install operating systems on multiple host, you must modify the installation medium’s Path to point to the closest mirror or a local copy.

Procedure

  1. In the Satellite web UI, navigate to Hosts > Installation Media and click Create Medium.
  2. In the Name field, enter a name to represent the installation media entry.
  3. In the Path enter the URL or NFS share that contains the installation tree. You can use following variables in the path to represent multiple different system architectures and versions:

    • $arch - The system architecture.
    • $version - The operating system version.
    • $major - The operating system major version.
    • $minor - The operating system minor version.

      Example HTTP path:

      http://download.example.com/centos/$version/Server/$arch/os/

      Example NFS path:

      nfs://download.example.com:/centos/$version/Server/$arch/os/

      Synchronized content on Capsule Servers always uses an HTTP path. Capsule Server managed content does not support NFS paths.

  4. From the Operating system family list, select the distribution or family of the installation medium. For example, CentOS and Fedora are in the Red Hat family.
  5. Click the Organizations and Locations tabs, to change the provisioning context. Satellite Server adds the installation medium to the set provisioning context.
  6. Click Submit to save your installation medium.

For CLI Users

  • Create the installation medium using the hammer medium create command:

    # hammer medium create --name "CustomOS" --os-family "Redhat" \
    --path 'http://download.example.com/centos/$version/Server/$arch/os/' \
    --organizations "My_Organization" --locations "My_Location"

2.9. Creating Partition Tables

A partition table is a type of template that defines the way Satellite Server configures the disks available on a new host. A Partition table uses the same ERB syntax as provisioning templates. Red Hat Satellite contains a set of default partition tables to use, including a Kickstart default. You can also edit partition table entries to configure the preferred partitioning scheme, or create a partition table entry and add it to the operating system entry.

Procedure

  1. In the Satellite web UI, navigate to Hosts > Partition Tables and click Create Partition Table.
  2. In the Name field, enter a name for the partition table.
  3. Select the Default check box if you want to set the template to automatically associate with new organizations or locations.
  4. Select the Snippet check box if you want to identify the template as a reusable snippet for other partition tables.
  5. From the Operating System Family list, select the distribution or family of the partitioning layout. For example, Red Hat Enterprise Linux, CentOS, and Fedora are in the Red Hat family.
  6. In the Template editor field, enter the layout for the disk partition. For example:

    zerombr
    clearpart --all --initlabel
    autopart

    You can also use the Template file browser to upload a template file.

    The format of the layout must match that for the intended operating system. For example, Red Hat Enterprise Linux 7.2 requires a layout that matches a kickstart file.

  7. In the Audit Comment field, add a summary of changes to the partition layout.
  8. Click the Organizations and Locations tabs to add any other provisioning contexts that you want to associate with the partition table. Satellite adds the partition table to the current provisioning context.
  9. Click Submit to save your partition table.

For CLI Users

  1. Before you create a partition table with the CLI, create a plain text file that contains the partition layout. This example uses the ~/my-partition file.
  2. Create the installation medium using the hammer partition-table create command:

    # hammer partition-table create --name "My Partition" --snippet false \
    --os-family Redhat --file ~/my-partition --organizations "My_Organization" \
    --locations "My_Location"

2.10. Dynamic Partition Example

Using an Anaconda kickstart template, the following section instructs Anaconda to erase the whole disk, automatically partition, enlarge one partition to maximum size, and then proceed to the next sequence of events in the provisioning process:

zerombr
clearpart --all --initlabel
autopart <%= host_param('autopart_options') %>

Dynamic partitioning is executed by the installation program. Therefore, you can write your own rules to specify how you want to partition disks according to runtime information from the node, for example, disk sizes, number of drives, vendor, or manufacturer.

If you want to provision servers and use dynamic partitioning, add the following example as a template. When the #Dynamic entry is included, the content of the template loads into a %pre shell scriplet and creates a /tmp/diskpart.cfg that is then included into the Kickstart partitioning section.

#Dynamic (do not remove this line)

MEMORY=$((`grep MemTotal: /proc/meminfo | sed 's/^MemTotal: *//'|sed 's/ .*//'` / 1024))
if [ "$MEMORY" -lt 2048 ]; then
    SWAP_MEMORY=$(($MEMORY * 2))
elif [ "$MEMORY" -lt 8192 ]; then
    SWAP_MEMORY=$MEMORY
elif [ "$MEMORY" -lt 65536 ]; then
    SWAP_MEMORY=$(($MEMORY / 2))
else
    SWAP_MEMORY=32768
fi

cat <<EOF > /tmp/diskpart.cfg
zerombr yes
clearpart --all --initlabel
part /boot --fstype ext4 --size 200 --asprimary
part swap --size "$SWAP_MEMORY"
part / --fstype ext4 --size 1024 --grow
EOF

2.11. Provisioning Templates

A provisioning template defines the way Satellite Server installs an operating system on a host.

Red Hat Satellite includes many template examples. In the Satellite web UI, navigate to Hosts > Provisioning templates to view them. You can create a template or clone a template and edit the clone. For help with templates, navigate to Hosts > Provisioning templates > Create Template > Help.

Templates accept the Embedded Ruby (ERB) syntax. For more information, see Template Writing Reference in Managing Hosts.

You can download provisioning templates. Before you can download the template, you must create a debug certificate. For more information, see Creating an Organization Debug Certificate in the Content Management Guide.

You can synchronize templates between Satellite Server and a Git repository or a local directory. For more information, see Synchronizing Templates Repositories in the Managing Hosts guide.

To view the history of changes applied to a template, navigate to Hosts > Provisioning templates, select one of the templates, and click History. Click Revert to override the content with the previous version. You can also revert to an earlier change. Click Show Diff to see information about a specific change:

  • The Template Diff tab displays changes in the body of a provisioning template.
  • The Details tab displays changes in the template description.
  • The History tab displays the user who made a change to the template and date of the change.

2.12. Types of Provisioning Templates

There are various types of provisioning templates:

Provision
The main template for the provisioning process. For example, a kickstart template. For more information about kickstart template syntax, see the Kickstart Syntax Reference in the Red Hat Enterprise Linux 7 Installation Guide.
PXELinux, PXEGrub, PXEGrub2
PXE-based templates that deploy to the template Capsule associated with a subnet to ensure that the host uses the installer with the correct kernel options. For BIOS provisioning, select PXELinux template. For UEFI provisioning, select PXEGrub2.
Finish

Post-configuration scripts to execute using an SSH connection when the main provisioning process completes. You can use Finishing templates only for imaged-based provisioning in virtual or cloud environments that do not support user_data. Do not confuse an image with a foreman discovery ISO, which is sometimes called a Foreman discovery image. An image in this context is an install image in a virtualized environment for easy deployment.

When a finish script successfully exits with the return code 0, Red Hat Satellite treats the code as a success and the host exits the build mode. Note that there are a few finish scripts with a build mode that uses a call back HTTP call. These scripts are not used for image-based provisioning, but for post configuration of operating-system installations such as Debian, Ubuntu, and BSD.

user_data

Post-configuration scripts for providers that accept custom data, also known as seed data. You can use the user_data template to provision virtual machines in cloud or virtualised environments only. This template does not require Satellite to be able to reach the host; the cloud or virtualization platform is responsible for delivering the data to the image.

Ensure that the image that you want to provision has the software to read the data installed and set to start during boot. For example, cloud-init, which expects YAML input, or ignition, which expects JSON input.

cloud_init

Some environments, such as VMWare, either do not support custom data or have their own data format that limits what can be done during customization. In this case, you can configure a cloud-init client with the foreman plug-in, which attempts to download the template directly from Satellite over HTTP or HTTPS. This technique can be used in any environment, preferably virtualized.

Ensure that you meet the following requirements to use the cloud_init template:

  • Ensure that the image that you want to provision has the software to read the data installed and set to start during boot.
  • A provisioned host is able to reach Satellite from the IP address that matches the host’s provisioning interface IP.

    Note that cloud-init does not work behind NAT.

Bootdisk
Templates for PXE-less boot methods.
Kernel Execution (kexec)

Kernel execution templates for PXE-less boot methods.

Note

Kernel Execution is a Technology Preview feature. Technology Preview features are not fully supported under Red Hat Subscription Service Level Agreements (SLAs), may not be functionally complete, and are not intended for production use. However, these features provide early access to upcoming product innovations, enabling customers to test functionality and provide feedback during the development process.

Script
An arbitrary script not used by default but useful for custom tasks.
ZTP
Zero Touch Provisioning templates.
POAP
PowerOn Auto Provisioning templates.
iPXE
Templates for iPXE or gPXE environments to use instead of PXELinux.

2.13. Creating Provisioning Templates

A provisioning template defines the way Satellite Server installs an operating system on a host. Use this procedure to create a new provisioning template.

Procedure

  1. In the Satellite web UI, navigate to Hosts > Provisioning Templates and click Create Template.
  2. In the Name field, enter a name for the provisioning template.
  3. Fill in the rest of the fields as required. The Help tab provides information about the template syntax and details the available functions, variables, and methods that can be called on different types of objects within the template.

For CLI Users

  1. Before you create a template with the CLI, create a plain text file that contains the template. This example uses the ~/my-template file.
  2. Create the template using the hammer template create command and specify the type with the --type option:

    # hammer template create --name "My Provisioning Template" \
    --file ~/my-template --type provision --organizations "My_Organization" \
    --locations "My_Location"

2.14. Cloning Provisioning Templates

A provisioning template defines the way Satellite Server installs an operating system on a host. Use this procedure to clone a template and add your updates to the clone.

Procedure

  1. In the Satellite web UI, navigate to Hosts > Provisioning Templates and search for the template that you want to use.
  2. Click Clone to duplicate the template.
  3. In the Name field, enter a name for the provisioning template.
  4. Select the Default check box to set the template to associate automatically with new organizations or locations.
  5. In the Template editor field, enter the body of the provisioning template. You can also use the Template file browser to upload a template file.
  6. In the Audit Comment field, enter a summary of changes to the provisioning template for auditing purposes.
  7. Click the Type tab and if your template is a snippet, select the Snippet check box. A snippet is not a standalone provisioning template, but a part of a provisioning template that can be inserted into other provisioning templates.
  8. From the Type list, select the type of the template. For example, Provisioning template.
  9. Click the Association tab and from the Applicable Operating Systems list, select the names of the operating systems that you want to associate with the provisioning template.
  10. Optionally, click Add combination and select a host group from the Host Group list or an environment from the Environment list to associate provisioning template with the host groups and environments.
  11. Click the Organizations and Locations tabs to add any additional contexts to the template.
  12. Click Submit to save your provisioning template.

2.15. Creating Compute Profiles

You can use compute profiles to predefine virtual machine hardware details such as CPUs, memory, and storage. A default installation of Red Hat Satellite contains three predefined profiles:

  • 1-Small
  • 2-Medium
  • 3-Large

Procedure

  1. In the Satellite web UI, navigate to Infrastructure > Compute Profiles and click Create Compute Profile.
  2. In the Name field, enter a name for the profile.
  3. Click Submit. A new window opens with the name of the compute profile.
  4. In the new window, click the name of each compute resource and edit the attributes you want to set for this compute profile.

For CLI Users

The compute profile CLI commands are not yet implemented in Red Hat Satellite 6.9.

2.16. Setting a Default Encrypted Root Password for Hosts

If you do not want to set a plain text default root password for the hosts that you provision, you can use a default encrypted password.

Procedure

  1. Generate an encrypted password:

    # python -c 'import crypt,getpass;pw=getpass.getpass(); print(crypt.crypt(pw)) if (pw==getpass.getpass("Confirm: ")) else exit()'
  2. Copy the password for later use.
  3. In the Satellite web UI, navigate to Administer > Settings.
  4. On the Settings page, select the Provisioning tab.
  5. In the Name column, navigate to Root password, and click Click to edit.
  6. Paste the encrypted password, and click Save.

2.17. Using noVNC to Access Virtual Machines

You can use your browser to access the VNC console of VMs created by Satellite.

Satellite supports using noVNC on the following virtualization platforms:

  • VMware
  • Libvirt
  • Red Hat Virtualization

Prerequisites

  • You must have a virtual machine created by Satellite.
  • For existing virtual machines, ensure that the Display type in the Compute Resource settings is VNC.
  • You must import the Katello root CA certificate into your Satellite Server. Adding a security exception in the browser is not enough for using noVNC. For more information, see the Installing the Katello Root CA Certificate section in the Administering Red Hat Satellite guide.

Procedure

  1. On the VM host system, configure the firewall to allow VNC service on ports 5900 to 5930:

    • On Red Hat Enterprise Linux 6:

      # iptables -A INPUT -p tcp --dport 5900:5930 -j ACCEPT
      # service iptables save
    • On Red Hat Enterprise Linux 7:

      # firewall-cmd --add-port=5900-5930/tcp
      # firewall-cmd --add-port=5900-5930/tcp --permanent
  2. In the Satellite web UI, navigate to Infrastructure > Compute Resources and select the name of a compute resource.
  3. In the Virtual Machines tab, select the name of a VM host. Ensure the machine is powered on and then select Console.