2.4. Additional Examples of the Configuration Script

Subscription Asset Manager is configured automatically using the katello-configure script. This creates the associated subscription service databases, a default administrative user, and default server settings. Any of these deployment settings can be altered by invoking the appropriate arguments in the configuration script.
All of the default values for the configuration are defined in a configuration file, /usr/share/katello/install/default-answer-file. All of the attributes in the file can be passed when the katello-configure script to allow more relevant values to be set.

Note

The complete list of parameters for the configuration script are covered in the katello-configure help output and man page.
These examples show some common areas that administrators may want to define. It is also possible to set up proxy servers to use with Subscription Asset Manager, change the Subscription Asset Manager server database information, and the subscription database information.

Example 2.1. Setting the Org and Deployment Type

There are two parameters that are required from a logical perspective, even if they have functional default values. These are the deployment type and the organization name.
Subscription Asset Manager is comprised of different components, including a subscription service (candlepin), a web UI (headpin), and APIs that allow communication between components (katello). Additionally, Subscription Asset Manager is itself a component of Satellite 6. Therefore, the configuration script can configure individual parts of Subscription Asset Manager or a full Subscription Asset Manager server.
In real-world deployments, only the sam option should ever be used, but this option must be explicitly stated (otherwise, it is set to katello). 
[root@server ~]# katello-configure --deployment=sam --user-pass=admin
Additionally, the initial Subscription Asset Manager configuration must define an organization; one organization is always required. The organization is an artificial construct that allows administrators to order and categorize systems within their infrastructure according to environment and content streams. An organization can be named anything, but it is generally useful to give meaningful names to organizations. The default organization name is ACME_Corporation; using the --org option overwrites the default to something more relevant. 
[root@server ~]# katello-configure --deployment=samm --user-pass=admin --org=QA_Lab_West_Datacenter

Example 2.2. Creating an Admin User

An initial administrative user is created as part of the Subscription Asset Manager configuration. This user has the username admin and the password admin.
Most administrators will want to reset those values to something more secure. This can be done using the --user-name and --user-pass options. (There is one other configuration option for the admin user, to set that user's email address.)
For example: 
[root@server ~]# katello-configure --deployment=sam --user-name=samadmin --user-pass=secret --user-email=admin@example.com

Example 2.3. Setting up LDAP Authentication

By default, Subscription Asset Manager maintains a database of its own configuration entries, including user entries. That database is used when processing user authentication requests. However, in many environments, there is already a comprehensive configuration of users and roles in an LDAP directory; optionally, this LDAP directory can be used for Subscription Asset Manager authentication requests instead of its local database.
As covered in Section 3.5.2.2, “Enabling LDAP Authentication”, the LDAP configuration is done in two parts. One file sets the authentication method and tells Subscription Asset Manager to use it both for users and for roles (katello.yml) and the other file sets the connection information for the LDAP directory (ldap_fluff.yml).
Configuration for both files can be passed at the time that Subscription Asset Manager is configured. The full list of LDAP attributes is covered in the Subscription Asset Manager man page and help output. This example shows the required settings for a POSIX LDAP directory such as Red Hat Directory Server or OpenLDAP. It is also possible to configure Subscription Asset Manager to use Microsoft Active Directory and Red Hat Identity Management. 
[root@server ~]# katello-configure --deployment=sam --user-pass=admin --auth-method=ldap --ldap-roles=true --ldap-server=ldap.example.com --ldap-port=389 --ldap-server-type=":posix" --ldap-encryption=start_tls --ldap-users-basednou=People,dc=example,dc=com --ldap-groups-basedn="ou=Groups,dc=example,dc=com" --ldap-anon-queries=true

Example 2.4. Using an Answer File

Instead of passing the command parameters inline, it is possible to specify them in an answer file, which can then be passed with the script. This can allow an administrator to use kickstart or other automated provisioning systems and pass machine- or environment-specific information cleanly.
A default answer file is available at /usr/share/katello/install/default-answer-file. This can be copied to create your specific answer file.
The file itself contains a list of the arguments and default values; simply edit the desired lines to set the appropriate values for the environment. 
# Path of the answer file.
answer-file =

# Katello administrative user (default: admin)
user-name = samadmin

# Katello user's password (default: admin)
user-pass = admin

# Katello user's email (default: root@localhost)
user-email = admin@example.com

# Katello initial Organization (default: ACME_Corporation)
org-name = Example_Org

....
# Deployment type (one of "katello", "headpin", "cfse", "sam")
deployment = sam

....
Then use the edited file with the katello-configure command, using the --answer-file argument. For example, if the file is sam-config-file in the /tmp directory: 
[root@server ~]# katello-configure --answer-file=/tmp/sam-config-file
No --deployment option is needed because it was set to sam in the answer file.