Introduction to Red Hat Subscription Management Workflows
to better understand and manage subscriptions for an IT infrastructure
1. Introduction to Subscription Management
1.1. The Goals of Subscription Management
- Maintain regulatory compliance by tracking software attached subscriptions and expiration periods.
- Simplify IT audits.
- Be more effective at assigning subscriptions by clarifying the relationships between subscriptions and systems.
- Lower costs and streamline procurement. While under-subscribing systems can run afoul of regulations, over-subscribing systems can cause a significant impact on IT budgets.
- Access to support services
- Content delivery and hosted repositories
- Access to knowledgebases, forums, videos, and other resources
1.2. Subscriptions: The Relationship Between Systems, Software, and Support
- A company (account) buys a subscription to a product. The subscription defines a number of times it can be used (the quantity), the support level, the content repositories, and the period that it is good for.
- A system is added, or registered, to the inventory for the subscription service. This means that the subscription service can manage the server and attach subscriptions to it.The subscription service collects certain facts about the system, including its hardware and installed products, which it uses to help determine what subscriptions the system requires.
- A subscription is assigned or attached to a system.
- The system downloads software packages and updates from the content delivery network for as long as the subscription is active.
Figure 1. The Structure of the Subscription Service
- An identity certificate for the system; this is used by the system to authenticate to the subscription service periodically to check for updates.This is created when the system is registered.
- A product certificate for each product installed on the system. Each product in Red Hat has an identifying certificate (but this is not unique to the system).This is installed on the system as part of installing the product.
- A subscription certificate for each subscription attached to the system. This includes information about the subscription from the inventory.This is installed on the system when a subscription is attached to the system.
yum. Conversely, having a product installed does not mean that the appropriate subscriptions have been attached to the system. A system does not require a valid certificate to install a product.
- For regulatory compliance and IT audits, Red Hat offers two account-wide views into systems and subscription associations: the utilization views in the Customer Portal and the reporting and dashboards in subscription management applications such as Subscription Asset Manager
- For better effectiveness at assigning subscriptions, system tools allow systems to have all relevant, compatible subscriptions automatically assigned (attached) to the system based on what products are installed — or for administrators to select and manually attach subscriptions (Viewing Reports and Notifications). Tools list both available subscriptions and the quantities still available for those subscriptions, so that the right subscription can be attached and the right number of subscriptions are used.
- For better purchasing strategies, subscription management tools help simultaneously track oversubscribing (using the same subscription on too many systems), undersubscribing (not having enough subscriptions for the installed products on a system), and subscription expirations.For details, see Viewing Reports and Notifications.Having a time-based picture on subscriptions — not only what is covered but how long it is covered — helps administrators control identify when to purchase new subscriptions, so subscriptions are not purchased too early or too late.
1.3. About Relationships Between Subscriptions and Systems
1.3.1. Interactions with Subscriptions, Products, and Systems
- Associate a single quantity of a product with a single system (which is the most common relationship).
- Restrict one product so that it cannot be installed on the same system as a specific, different product.
- Keep a system on a consistent service level. Each subscription includes a definition for what service level (e.g., standard or premium) the product has. Subscription clients first try to assign subscriptions of the same service level (and this can be enforced) so that the system has consistent support levels.
- Allow virtual guests to inherit some subscriptions from their host.
- Allow some hosts to have unlimited guests for a data center deployment.
- Allow a single “subscription” to be broken across multiple systems. This works in something like Red Hat Cloud Infrastructure, where a single purchase actually covers four products — Red Hat Enterprise Linux, Red Hat OpenStack, Red Hat Virtualization, and Satellite 6 Management Engine — and those products each have their own subscription which can be used on different systems to create the stack.
- Stack or combine subscriptions of the same type to cover a system.
1.3.2. Counting Subscriptions
- Multiple products with a single subscription (Red Hat Cloud Infrastructure)
- Inheritable subscriptions
- Data center subscriptions, which allow unlimited virtual guests (and only the host requires a specific subscription)
1.4. Subscription Terms
- The primary, top-level account for a company. This is the entity that is used within the Customer Portal to define the company and it is where all user and subscription information originates.
- Assigning a subscription to a system.
- A setting on the local system (or an option with the Subscription Manager tools) that perodically checks for new subscriptions, changing subscription statuses for products, and then automatically assigns new subscriptions to cover the changes. The subscriptions are selected based on the best fit for the system architecture and hardware, installed product, and defined preferences.
- A specific file based on the X.509 certificate standard that is used for SSL communication and within a public key infrastructure. This is used to identify elements within Red Hat Subscription Management including identities (systems), installed products, and consumed subscriptions.
- An entity registered with a subscription management application. An identity usually correlates to a system, but it can also be a hypervisor, domain, an organization within a management application, or other servers such as RHUI and Satellite.
- An element within a system that is covered by a subscription. For physical systems, an instance is most commonly a socket pair. For virtual environments, an instance is a single virtual guest.
- The list of systems, hypervisors, applications, and other entities registered with a subscription application. The inventory also contains a list of available and used subscriptions for the organization.
- A subdivision in an on-premise application such as Subscription Asset Manager. An organization has its own system inventory and a subset of subscriptions (defined in a manifest). This is a way to define a subscription structure that reflects the IT environment. An organization can be aligned with a physical location or an organizational division in a company.
- The complete set of subscriptions and quantities allocated to an organization or account.
- A defined criterion used by autoattach operations to select subscriptions. Preferences are set on the local system, but they actually define attributes within the potential subscriptions that should be evaluated for autoattach. There are two preferences: the service level for the subscription and the operating system minor release (the X.Y version, such as 5.10 or 6.5).
- The number of subscriptions used to cover a product or system. A subscription covers a set amount of attributes, such as the number of sockets on a physical system. Multiple subscriptions may be required to cover a given system, based on its hardware and configuration.
- To add a system or other entity (such as an organization or hypervisor) to the subscription management inventory.
- Combining multiple subscriptions to cover a product or system. There are rules applied to what subscriptions can be stacked. For example, only subscriptions of the same service level can be stacked. Also, some subscriptions may restrict what products can be installed with it, so some subscriptions may not be available to some systems.
- The cumulative state for a system of all of the installed products and associated valid subscriptions. If all installed products have active subscriptions, the status is valid (green). If some products lack subscriptions or do not have enough quantities of subscriptions to cover its configuration, the status is insufficient (yellow). If a product or system has no subscriptions, the status is invalid (red).
- A definition of the products that are available, the support levels, the quantities (or number) of servers that the product can be installed on, architectures that the product is available for, content repositories which supply the product, and other information related to the products.
- subscription management application
- The backend server which interacts with the individual systems by creating an inventory of systems. It also keeps the inventory of subscriptions, including contracts, quantities, and expiration dates. When a new system is registered, when subscriptions are attached, or when products are installed, the subscription management service manages the changes and issues a corresponding certificate to the system to mark the change. The subscription management service also defines rules for products, such as hardware/architecture restrictions, to help with attaching subscriptions.
- Any entity — a physical or virtual machine — which is in the subscription service inventory and which can have subscriptions attached to it.
- A summary of the total number of subscriptions available to an organization, and the total number of subscriptions that are attached to Customer Portal Subscription Management, RHN Classic, and different subscription management applications.
1.5. RHN Classic, Satellite, and Channel Entitlements
- Use Satellite 5.6 and Subscription Asset Manager 1.3 for enhanced reporting.
- Migrate Red Hat Enterprise Linux 5 and 6 systems from the old subscription service to a new subscription service (Subscription Asset Manager or Customer Portal Subscription Management); this moves their registration, updates their attached subscriptions, and changes what client tools are used to manage the system from
- Consolidate channel entitlements and system entitlements into a single entitlement pool, which is more structurally similar to the new subscription model.
- Map channel entitlements to new product subscriptions.
- Correlate installed products on managed systems with corresponding subscriptions, based on their channel subscriptions.
- Display legacy systems and entitlements in the same style as modern subscription management, to make it easier to create cohesive audit reports.
- Provide unified views of subscriptions and products for legacy systems and systems registered with Red Hat Subscription Management.