Install Foreman Katello Patch Management on CentOS 7

Creating Sync Plan

Right after creating the repositories let us create a sync plan to download the contents periodically every day or weekly or monthly.

Content –> Sync Plan –> Create Sync Plan

The sync plan we created is daily at 4 PM. Click save to create the Sync plan. Once created with Daily Sync plan click on Products Tab and add the listed product.

Sync Plans –> Daily Sync –> Products –> Add —> Select the products and click “Add selected”.

Syncing the Contents

To sync the content navigate to Content –> Sync Status –> Select All –> Click the “Synchronize Now”.

To check the status from the command line run

[root@foreman ~]# hammer product list  --name "CentOS 7 Linux x86_64" --organization-id 1
---|-----------------------|-------------------------------|----------------------|--------------|-----------
ID | NAME                  | DESCRIPTION                   | ORGANIZATION         | REPOSITORIES | SYNC STATE
---|-----------------------|-------------------------------|----------------------|--------------|-----------
1  | CentOS 7 Linux x86_64 | Repository for CentOS 7 Linux | Default Organization | 5            | Running   
---|-----------------------|-------------------------------|----------------------|--------------|-----------
[root@foreman ~]#

Once the sync completed it will look similar to below.

Creating a LifeCycle Environment

The LifeCycle environment helps us to provide the required stages. For example,

  • A set of packages needs to be used in a development machine. The same packages need to be used under production once your developer completed his work. So what we will do is move the content from dev stage to production by promoting it to production.
  • In other cases, Maybe your development team need separate content and your production required a separate set of content. It’s too possible.

Create a lifecycle environment by navigating to Content –> Lifecycle Environments we will create three environments as follows.

  • Development
  • Testing
  • Production

Create a Development environment.

Next, create our Testing Environment. While creating the testing env choose the Prior Environment as “Development”.

Finally, create the Production environment. As shown in the previous step select the “Testing” as a prior environment while creating the Production Env.

This is how our LifeCycle Environment Paths will look like.

Creating Content View

The content view is a version control system in Katello/Satellite. It can consist of one or more repositories. To create a content view navigate to

Content –> Content Views –> Create New view

Click save to create the Content view.

Creating Content View
Creating Content View

Right after creating the content view it will take you to “Yum content” Tab under the created content view, We can see the list of repositories under this section select the required repos from the list and click “Add Repositories” to add the same.

  1. Click Add Tab under Yum content.
  2. Select all repositories
  3. Finally, click the add repositories button at the right-hand side.

The added repositories can be seen under List TAB.

Publishing the Content

To publish the content click on “Publish New Version” at the top right-hand corner. Type with a short description and click Save.

  1. Click Publish New version to publish the content.
  2. Click save with continuing to publish to the Library.

Once clicking on Save we will get the status as shown below.

After publishing a new version it will be under Library Environment.

Then promote to Development. Select the tick next to Development and promote the version.

Promote to Development
Promote to Development

At last, promote to Production.

Promote to Production
Promote to Production

It will look similar to below.

Finally published environment
Finally published environment

The promoted history can be viewed from the “History” tab.

Promote history
Promote history

Creating an Activation key

Activation Keys provide a mechanism to define properties that may be applied to Content Hosts during registration. Let’s create an activation key for our content hosts by navigating to

Content –> Activation Keys –> Create Activation key

Here “content Host” means the server (clients) which we are going to register with foreman/Katello/Satellite.

  1. Name of the activation key
  2. Description of the activation key
  3. For which environment the key need to be used.
  4. Content view which needs to use the activation key
  5. Click save to create the activation key.

To create the key from command line we need to know about the organization, lifecycle environments and content view.

List the organization

[root@foreman ~]# hammer organization list
---|----------------------|----------------------|-------------|---------------------
ID | TITLE                | NAME                 | DESCRIPTION | LABEL               
---|----------------------|----------------------|-------------|---------------------
1  | Default Organization | Default Organization |             | Default_Organization
---|----------------------|----------------------|-------------|---------------------
[root@foreman ~]#

List the LifeCycle Environments

[root@foreman ~]# hammer lifecycle-environment list
---|-------------|------------
ID | NAME        | PRIOR      
---|-------------|------------
5  | Development | Library    
1  | Library     |            
8  | Production  | Testing    
7  | Testing     | Development
---|-------------|------------
[root@foreman ~]#

And list the Content View

[root@foreman ~]# hammer content-view list
----------------|---------------------------|---------------------------|-----------|---------------------|---------------
CONTENT VIEW ID | NAME                      | LABEL                     | COMPOSITE | LAST PUBLISHED      | REPOSITORY IDS
----------------|---------------------------|---------------------------|-----------|---------------------|---------------
4               | CentOS 7                  | CentOS_7                  | false     | 2020/03/22 14:03:41 | 8, 3, 2, 4, 9 
1               | Default Organization View | Default_Organization_View | false     | 2020/03/20 23:50:12 |               
----------------|---------------------------|---------------------------|-----------|---------------------|---------------
[root@foreman ~]#

Once we get all above the information let’s create the activation key. We will create with separate activation key for development, testing and production.

Activation Key for Development.

# hammer activation-key create --organization-id 1 \
--name "CentOS7_Dev" \
--description "CentOS 7 Activation Key for Development/Test Servers" \
--lifecycle-environment "Development" \
--purpose-role "Red Hat Enterprise Linux Server" \
--purpose-usage "Development/Test" \
--content-view "CentOS 7" \
--unlimited-hosts

Key for Testing.

# hammer activation-key create --organization-id 1 \
--name "CentOS7_Tst" \
--description "CentOS 7 Activation Key for Development/Test Servers" \
--lifecycle-environment "Testing" \
--purpose-role "Red Hat Enterprise Linux Server" \
--purpose-usage "Development/Test" \
--content-view "CentOS 7" \
--unlimited-hosts

At last, Activation key for Production.

# hammer activation-key create --organization-id 1 \
--name "CentOS7_Prod" \
--description "CentOS 7 Activation Key for Production Servers" \
--lifecycle-environment "Production" \
--purpose-role "Red Hat Enterprise Linux Server" \
--purpose-usage "Production" \
--content-view "CentOS 7" \
--unlimited-hosts

List all created activation key from the command line for default organization “1“.

[root@foreman ~]# hammer activation-key list --organization-id 1
---|--------------|----------------|-----------------------|-------------
ID | NAME         | HOST LIMIT     | LIFECYCLE ENVIRONMENT | CONTENT VIEW
---|--------------|----------------|-----------------------|-------------
10 | CentOS7_Dev  | 0 of Unlimited | Development           | CentOS 7    
12 | CentOS7_Prod | 0 of Unlimited | Production            | CentOS 7    
11 | CentOS7_Tst  | 0 of Unlimited | Testing               | CentOS 7    
---|--------------|----------------|-----------------------|-------------
[root@foreman ~]#

Adding Subscription to Activation Key

Now, time to add the subscription into the created activation key. So, once anyone of server registered with katello server it will be assigned with respective Subscription and Repositories.

# hammer subscription list --organization-id 1
# hammer activation-key add-subscription --organization-id 1 --name "CentOS7_Dev" --quantity "1" --subscription-id "1"
# hammer activation-key add-subscription --organization-id 1 --name "CentOS7_Tst" --quantity "1" --subscription-id "1"
# hammer activation-key add-subscription --organization-id 1 --name "CentOS7_Prod" --quantity "1" --subscription-id "1"

Subscribing clients with Foreman/Katello

Subscribing content host with the foreman will be taken through the below guide.

Subscribe Linux server with Foreman/Katello

That’s it, we have successfully completed with Installing foreman with Katello. In our upcoming guide let see how to subscribe to a client with katello.

Conclusion

Foreman with Katello or Satellite sever is used for content management, version control or we can call as a patch management tool. This one is most needed in any critical production environment to solve the content management / Patch Management requirements. Subscribe to our newsletter and stay with us to receive more topics on Foreman Katello.

19 thoughts on “Install Foreman Katello Patch Management on CentOS 7”

  1. Hi,

    Thank you for sharing this wiki to everyone ,
    Actually, I am trying to add ubuntu repositories (16.04 through 20.04)
    can you please point me to the right direction on how to add *.deb repositories ?
    if possible with the same steps as the one you described on how to add CentOS repository in your post

    Reply
  2. Pingback: EX403 Home Lab Part 2 – Loading Content into Foreman 1.24 – Linux Buff
  3. I just installed foreman 2.1.3-1 and katello 3.16.1-1 on CentOS 7. A lot of the services are binding to ipv6 ports instead of ipv4. We are not using ipv6. So, any idea how to rectify that?

    Reply
  4. Congratulations on the tutorial, excellent.
    Have you ever tried to import CentOS 7 errata into katello? The EPEL errata is ok, but from CentOS 7 I couldn’t import it.
    I’m using version 2.1 of Foreman and 3.16 RC5 from Katello

    Reply
  5. Thanks for a very good article. Can you make another for Remote Execution? I struggle to find resources on that subject.

    Reply
  6. Hi all right with you?
    First I want to congratulate and thank you for the excellent content.
    How did you manage to install ‘Insight and RH Inventory’ on Foreman + Katello?
    I noticed that in my installation they don’t appear.

    The rest works perfectly well.

    Reply
    • @Marcos,

      All good, Thank you. Hope you too doing well there.
      The Insights is useless here until unless we don’t have a valid Red Hat Subscription.
      Can you list the installed packages like below?

      [root@foreman ~]# yum list installed | grep access
      Failed to set locale, defaulting to C
      libpciaccess.x86_64 0.14-1.el7 @anaconda
      tfm-rubygem-redhat_access.noarch 2.2.6-1.fm1_23.el7 @katello
      tfm-rubygem-redhat_access_lib.noarch 1.1.5-1.el7 @katello
      [root@foreman ~]#

      Before starting with setup whether have you enabled openscap plugin in?

      /etc/foreman-installer/scenarios.d/foreman-answers.yaml
      foreman::plugin::openscap

      For inventory check for the package.

      [root@foreman ~]# yum list installed | grep inven
      Failed to set locale, defaulting to C
      tfm-rubygem-foreman_inventory_upload.noarch
      [root@foreman ~]#

      Kindly update.

      Thanks & Regards,
      Babin Lonston

      Reply
  7. Pingback: EX403 Home Lab
  8. Hi Babin

    Many thanks, excellent article, I have completed the full process,
    next is to add some hosts.

    Reply
  9. Hi

    Got as far as “GPG Key for Storage Repo” created the key but then you say?

    Once the key created let’s assign the storage key to the storage repository.
    Now navigate to content –> Products –> click on “CentOS 7 Linux x86_64” under repositories
    click on “Storage x86_64” scroll down to GPG Key and select the “RPM-GPG-KEY-CentOS-
    SIG-Storage from the drop-down list and click save.

    There are no repositories?

    You currently don’t have any Repositories included in this Product, you can add Repositories using the button on the right.

    Reply
    • @Stephen Weaver,
      Thanks for reporting, the order was little messed, I have updated the article.
      Once you created the GPG key for storage repo, continue with creating the repositories. After completing with creating all repositories follow with remaining steps as below.

      Now navigate to content –> Products –> click on “CentOS 7 Linux x86_64” under repositories
      click on “Storage x86_64” scroll down to GPG Key and select the “RPM-GPG-KEY-CentOS-
      SIG-Storage from the drop-down list and click save.

      Thanks & Regards,
      Babin Lonston

      Reply
  10. Hi

    All was OK upto
    foreman-installer –scenario katello –foreman-initial-admin-username admin –foreman-initial-admin-password ‘xxxxxxx’

    Then got loads of errors, have I missed something?

    Will try to list errors:
    /Stage[main]/Foreman::Database/Foreman::Rake[db:seed]/Exec[foreman-rake-db:seed]: ‘/usr/sbin/foreman-rake db:seed’ returned 1 instead of one of [0]
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/errors.rb:157:in `fail’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/exec.rb:183:in `sync’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/exec.rb:649:in `refresh’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/event_manager.rb:149:in `process_callback’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/event_manager.rb:34:in `block in process_events’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/event_manager.rb:121:in `block in queued_events’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/event_manager.rb:120:in `each’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/event_manager.rb:120:in `queued_events’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/event_manager.rb:33:in `process_events’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:288:in `eval_resource’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:191:in `call’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:191:in `block (2 levels) in evaluate’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:521:in `block in thinmark’
    /opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:520:in `thinmark’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:191:in `block in evaluate’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:122:in `traverse’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:178:in `evaluate’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:240:in `block (2 levels) in apply’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:521:in `block in thinmark’
    /opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:520:in `thinmark’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:239:in `block in apply’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/log.rb:161:in `with_destination’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/report.rb:146:in `as_logging_destination’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:238:in `apply’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:185:in `block (2 levels) in apply_catalog’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:521:in `block in thinmark’
    /opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:520:in `thinmark’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:184:in `block in apply_catalog’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:233:in `block in benchmark’
    /opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:232:in `benchmark’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:183:in `apply_catalog’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:387:in `run_internal’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:227:in `block in run’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:62:in `override’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:290:in `override’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:210:in `run’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:343:in `apply_catalog’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:260:in `block (2 levels) in main’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:62:in `override’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:290:in `override’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:243:in `block in main’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:62:in `override’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:290:in `override’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:207:in `main’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:177:in `run_command’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `block in run’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:710:in `exit_on_fail’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `run’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:143:in `run’
    /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:77:in `execute’

    Reply
  11. Hi there, thanks for sharing this article. Very helpful for a neophyte like me. I need some guidance for my school project using Foreman. What’s the best email to contact you for some further advice to fully leverage Foreman+Ansible. Looking for a book in Amazon or other online bookstores I can’t find any for Foreman/Katello+Ansible. When you get a chance please reply to my email at xxxxxx@gmail.com. Thank you.

    Reply

Leave a Comment

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

We promise not to spam you, and we don't usually send more than one email a week.

You have Successfully Subscribed!