Red Hat Training
A Red Hat training course is available for Red Hat Satellite
Chapter 12. Managing ISO Images and Files
Red Hat Satellite 6 has the ability to store ISO images, either from Red Hat’s Content Delivery Network or other sources. In addition, the Satellite Server provides a means to upload other files, such as virtual machine images, and publish them in repositories. This chapter provides some basic procedures to import ISOs images and other files.
12.1. Importing ISO Images from Red Hat
The Red Hat Content Delivery Network provides ISO images for certain products. The process for importing this content is similar to how we enable repositories for RPM content.
For Web UI Users
Navigate to Content > Red Hat Repositories. This displays a set of tabs for different content types. Select the ISOs tab. Scroll down to the image set you aim to use. For our example, select Red Hat Enterprise Linux Server > Red Hat Enterprise Linux 7 Server (ISOs) and select the image for Red Hat Enterprise Linux 7 Server ISOs x86_64 7.2.
Navigate to Content > Products and click on Red Hat Enterprise Linux Server. The repository screen for this product appears. This product now includes a repository for our ISO image set. Select this repository and click Sync Now.
You can also view the progress of the synchronization in the Web UI. Navigate to Content > Sync Status and expanding the Product/Repository tree (or click Expand All).
After a few minutes, the Satellite Server completes the import of all chosen images.
For CLI Users
Search the Red Hat Enterprise Linux Server product for file repositories:
# hammer repository-set list \ --product "Red Hat Enterprise Linux Server" \ --organization "ACME" | grep "file"
Enable the file repository for Red Hat Enterprise Linux 7.2 Server ISO:
# hammer repository-set enable \ --product "Red Hat Enterprise Linux Server" \ --name "Red Hat Enterprise Linux 7 Server (ISOs)" \ --releasever 7.2 \ --basearch x86_64 \ --organization "ACME"
Find and synchronize the repository in our product. In our example, the ID for our version of the repository is 40:
# hammer repository list \ --product "Red Hat Enterprise Linux Server" \ --organization "ACME" # hammer repository synchronize \ --name "Red Hat Enterprise Linux 7 Server ISOs x86_64 7.2" \ --product "Red Hat Enterprise Linux Server" \ --organization "ACME"
12.2. Importing Individual ISO Images and Files
This section provides a method to manually import ISO content and other files to the Satellite Server. For this example, we upload a file called bootdisk.iso to the Satellite Server. The process is similar to uploading custom Puppet modules:
- Create a custom product.
- Add a repository for files to the product.
- Select a file to upload to the repository.
For Web UI Users
Navigate to Content > Products and click New Product. A form for a new Product appears. Enter the following details:
-
Name - The plain text name for the product. Enter
Custom ISOs. - Label - An internal ID for the product. Red Hat Satellite 6 automatically completes this field based on what you have entered for Name.
- GPG Key - The GPG Key for the entire product. Leave this blank.
-
Sync Plan - A synchronization plan for the product. We can attach this to our
Example Plan. -
Description - A plain text description of the product. Enter
Custom ISO collection.
Click Save.
After creating the custom product for our ISOs, the product’s repositories screen appears. Click Create Repository, which displays a form for a new repository. Enter the following details:
-
Name - A plain text name for the repository. Enter
Bootdisk. - Label - An internal ID for the repository. Red Hat Satellite 6 automatically completes this field based on what you have entered for Name.
-
Type - The type of repository. Select
file. A new set of fields appear. -
URL - The URL of the registry to use as a source. This is to synchronize other Satellite-generated repositories, which contain a
PULP_MANIFESTfile. For our example, leave this field blank.
Click Save. We return to the product’s repository screen with our new Bootdisk repository listed. Click on the Bootdisk repository.
Scroll to the Upload File section and click Browse. Select the ISO file (bootdisk.iso in our example) and click Upload. After a few seconds, the Satellite Server reports Content successfully uploaded.
Click on the Manage Puppet Modules page to manage and remove Puppet modules from a product.
For CLI Users
Create the custom product:
# hammer product create \ --name "Custom ISOs" \ --sync-plan "Example Plan" \ --description "Custom ISO collection" \ --organization "ACME"
Create the repository:
# hammer repository create \ --name "Bootdisk" \ --content-type "file" \ --product "Custom ISOs" \ --organization "ACME"
Upload the ISO file to the repository:
# hammer repository upload-content \ --path ~/bootdisk.iso \ --name "Bootdisk" \ --product "Custom ISOs" \ --organization "ACME"
Now we have a custom repository that contains an ISO image.
12.3. Importing the Red Hat OVAL Repository
Open Vulnerability and Assessment Language (OVAL) files contain information about public security content. Red Hat Satellite 6 uses OVAL files as part of its SCAP auditing process. Red Hat also provides a repository (https://www.redhat.com/security/data/oval/) that contains multiple OVAL files. The Satellite Server can synchronize this repository so that you have local access to files for SCAP auditing.
For Web UI Users
Navigate to Content > Products, and click New Product. A form for a new product appears. Enter the following details:
-
Name - The plain text name for the product. Enter
OVAL Files. - Label - An internal ID for the product. Red Hat Satellite 6 automatically completes this field based on the value you entered for Name.
- GPG Key - The GPG Key for the entire product. Leave this blank.
-
Sync Plan - A synchronization plan for the product. We can attach this to our
Example Plan. -
Description - A plain text description of the product. Enter
OVAL file collections.
Click Save.
After creating the custom product for our OVAL files, the product’s repositories screen appears. Click Create Repository, which displays a form for a new repository. Enter the following details:
-
Name - A plain text name for the repository. Enter
Red Hat OVAL Files. - Label - An internal ID for the repository. Red Hat Satellite 6 automatically completes this field based on the value you entered for Name.
-
Type - The type of repository. Select
file. A new set of fields appear. -
URL - The URL of the registry to use as a source. Enter
https://www.redhat.com/security/data/oval/. This repository contains aPULP_MANIFESTfile that the Satellite Server uses for synchronization.
Click Save. We return to the product’s repository screen with our new repository listed. Select this repository and click Sync Now.
For CLI Users
Create the custom OVAL product:
# hammer product create \ --name "OVAL Files" \ --sync-plan "Example Plan" \ --description "OVAL file collections" \ --organization "ACME"
Create the OVAL repository:
# hammer repository create \ --name "Red Hat OVAL Files" \ --content-type "file" \ --product "OVAL Files" \ --publish-via-http true \ --url https://www.redhat.com/security/data/oval/ \ --organization "ACME"
Then synchronize the OVAL repository:
# hammer repository synchronize \ --name "Red Hat OVAL Files" \ --product "OVAL Files" \ --organization "ACME"
Testing the Local Red Hat OVAL Repository
Once the OVAL content completes synchronization, you can perform a test evaluation with an OVAL file from the repository.
On a test Red Hat Enterprise Linux 7 system, install the openscap-scanner package, which contains the oscap tool:
# yum install openscap-scanner
Download a copy of the Red Hat Enterprise Linux 7 OVAL file from the Satellite Server.
# cd /tmp # wget http://satellite.example.com/pulp/isos/ACME-OVAL_Files-Red_Hat_OVAL_Files/Red_Hat_Enterprise_Linux_7.xml
Scan the test Red Hat Enterprise Linux 7 machine for vulnerabilities with the oscap tool:
# oscap oval eval \ --results results.xml \ --report report.html ./Red_Hat_Enterprise_Linux_7.xml
This performs the evaluation and generates an OVAL report with information on whether each definition is compliant or not.
12.4. Chapter Summary
This chapter provided a basic overview of managing ISOs and file content in Red Hat Satellite 6.
The next chapter examines completing the content management process.
