第15章 Provisioning Cloud Instances on Google Compute Engine

Red Hat Satellite can interact with Google Compute Engine (GCE), including creating new virtual machines and controlling their power management states. Only image-based provisioning is supported for creating GCE hosts.

Prerequisites

  • Synchronized content repositories for Red Hat Enterprise Linux. For more information, see Synchronizing Red Hat Repositories in the Content Management Guide.
  • An activation key for host registration. For more information, see Creating An Activation Key in the Content Management guide.
  • In your GCE project, configure a service account with the necessary IAM Compute role. For more information, see Compute Engine IAM roles in the GCE documentation.
  • In your GCE project-wise metadata, set the enable-oslogin to FALSE. For more information, see Enabling or disabling OS Login in the GCE documentation.
  • Optional: If you want to use Puppet with GCE hosts, navigate to Administer > Settings > Puppet and enable the Use UUID for certificates setting to configure Puppet to use consistent Puppet certificate IDs.
  • Based on your needs, associate a finish or user_data provisioning template with the operating system you want to use. For more information about provisioning templates, see 「Provisioning Templates」.

Procedure Overview

  1. 「Adding a Google Compute Engine Connection to Satellite Server」.
  2. 「Adding Google Compute Engine Images to Satellite Server」.
  3. 「Adding Google Compute Engine Details to a Compute Profile」.
  4. 「Creating Image-based Hosts on Google Compute Engine」.

15.1. Adding a Google Compute Engine Connection to Satellite Server

Use this procedure to add Google Compute Engine (GCE) as a compute resource in Satellite.

Procedure

  1. In GCE, generate a service account key in JSON format and upload this file to the /usr/share/foreman/ directory on Satellite Server.

  2. On Satellite Server, change the owner for the service account key to the foreman user: 

    # chown foreman /usr/share/foreman/gce_key.json

  3. Configure permissions for the service account key to ensure that the file is readable: 

    # chmod 0600 /usr/share/foreman/gce_key.json

  4. Restore SELinux context for the service account key: 

    # restorecon -vv /usr/share/foreman/gce_key.json
  5. In the Satellite web UI, navigate to Infrastructure > Compute Resources and click Create Compute Resource.
  6. In the Name field, enter a name for the compute resource.
  7. From the Provider list, select Google.
  8. Optional: In the Description field, enter a description for the resource.
  9. In the Google Project ID field, enter the project ID.
  10. In the Client Email field, enter the client email.
  11. In the Certificate Path field, enter the path to the service account key. For example, /usr/share/foreman/gce_key.json.
  12. Click Load Zones to populate the list of zones from your GCE environment.
  13. From the Zone list, select the GCE zone to use.
  14. Click Submit.

For CLI Users

  1. In GCE, generate a service account key in JSON format and upload this file to the /usr/share/foreman/ directory on Satellite Server.

  2. On Satellite Server, change the owner for the service account key to the foreman user: 

    # chown foreman /usr/share/foreman/gce_key.json

  3. Configure permissions for the service account key to ensure that the file is readable: 

    # chmod 0600 /usr/share/foreman/gce_key.json

  4. Restore SELinux context for the service account key: 

    # restorecon -vv /usr/share/foreman/gce_key.json

  5. Use the hammer compute-resource create command to add a GCE compute resource to Satellite: 

    # hammer compute-resource create --name 'gce_cr' \
--provider 'gce' \
--project 'gce_project_id' \
--key-path 'gce_key.json' \
--zone 'us-west1-b' \
--email 'gce_email'