Register a Linux client with Foreman

Introduction

In our earlier guide, we have seen how to set up a foreman with katello for content management. By following in this guide, we will walk through how to register a Linux client with foreman/katello.

To register Linux client with Foreman server it required subscription-manager package. To subscribe a CentOS server with foreman we can get the subscription-manager package from the default CentOS repository.

Foreman/Katello related articles

Installing Subscription Packages

Let’s start with installing.

# yum install subscription-manager -y
Installed:
   subscription-manager.x86_64 0:1.24.13-4.el7.centos                                                                                                                                 
 Dependency Installed:
   libnl.x86_64 0:1.1.4-3.el7                                            python-backports.x86_64 0:1.0-8.el7              python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7 
   python-dateutil.noarch 0:1.5-7.el7                                    python-dmidecode.x86_64 0:3.12.2-3.el7           python-ethtool.x86_64 0:0.8-8.el7                          
   python-inotify.noarch 0:0.9.4-4.el7                                   python-ipaddress.noarch 0:1.0.16-2.el7           python-setuptools.noarch 0:0.9.8-7.el7                     
   python-six.noarch 0:1.9.0-2.el7                                       python-syspurpose.x86_64 0:1.24.13-4.el7.centos  subscription-manager-rhsm.x86_64 0:1.24.13-4.el7.centos    
   subscription-manager-rhsm-certificates.x86_64 0:1.24.13-4.el7.centos  usermode.x86_64 0:1.111-6.el7                   
 Complete!
[root@wazuh ~]#

Getting Pre-built bootstrap RPM

Register the Linux client (content host) to the foreman/Katello, Install the pre-built bootstrap RPM from the foreman server. During the foreman installation, these packages will be saved under /var/www/html/pub/, Get the package using curl in our client.

# curl --insecure --output katello-ca-consumer-latest.noarch.rpm https://foreman.linuxsysadmins.local/pub/katello-ca-consumer-latest.noarch.rpm
[root@wazuh ~]# curl --insecure --output katello-ca-consumer-latest.noarch.rpm https://foreman.linuxsysadmins.local/pub/katello-ca-consumer-latest.noarch.rpm
   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                  Dload  Upload   Total   Spent    Left  Speed
 100  7388  100  7388    0     0  55678      0 --:--:-- --:--:-- --:--:-- 55969
[root@wazuh ~]#

Install Pre-built bootstrap RPM

Install the downloaded package using yum on the Linux client.

# yum localinstall katello-ca-consumer-latest.noarch.rpm -y
Running transaction
   Installing : katello-ca-consumer-foreman.linuxsysadmins.local-1.0-1.noarch                                                                                                     1/1 
   Verifying  : katello-ca-consumer-foreman.linuxsysadmins.local-1.0-1.noarch                                                                                                     1/1 
 Installed:
   katello-ca-consumer-foreman.linuxsysadmins.local.noarch 0:1.0-1                                                                                                                    
 Complete!
[root@wazuh ~]#

Once we install the above package it will modify the rhsm configuration file /etc/rhsm/rhsm.conf with foreman server details. The server CA certificate will be under /etc/rhsm/ca/.

[root@wazuh ~]# ls -lthr /etc/rhsm/ca/katello-*
 -rw-r--r--. 1 root root 5.4K Mar 25 19:26 /etc/rhsm/ca/katello-server-ca.pem
 -rw-r--r--. 1 root root 5.4K Mar 25 19:26 /etc/rhsm/ca/katello-default-ca.pem
[root@wazuh ~]#

Register Linux Client using Activation Key

Register using subscription-manager Activation Key, The key we are using is “CentOS7_Prod” so it will register default under Production “content view”.

# subscription-manager register --org="Default_Organization" --activationkey="CentOS7_Prod"
[root@wazuh ~]# subscription-manager register --org="Default_Organization" --activationkey="CentOS7_Prod"
 You are attempting to use a locale that is not installed.
 The system has been registered with ID: e449c094-c4e6-43a3-8531-cfe56695b8d4
 The registered system name is: wazuh.linuxsysadmins.local
 No products installed.
[root@wazuh ~]#

List and Verify Repositories

Once we have successfully registered the client with foreman/Katello server let’s list the repositories using the subscription-manager command.

[root@wazuh ~]# subscription-manager repos --list
 +----------------------------------------------------------+
     Available Repositories in /etc/yum.repos.d/redhat.repo
 +----------------------------------------------------------+
 Repo ID:   Default_Organization_CentOS_7_Linux_x86_64_CentOS_7_OS_x86_64
 Repo Name: CentOS 7 OS x86_64
 Repo URL:  https://foreman.linuxsysadmins.local/pulp/repos/Default_Organization/Production/CentOS_7/custom/CentOS_7_Linux_x86_64/CentOS_7_OS_x86_64
 Enabled:   1
 Repo ID:   Default_Organization_CentOS_7_Linux_x86_64_CentOS_7_Updates_x86_64
 Repo Name: CentOS 7 Updates x86_64
 Repo URL:  https://foreman.linuxsysadmins.local/pulp/repos/Default_Organization/Production/CentOS_7/custom/CentOS_7_Linux_x86_64/CentOS_7_Updates_x86_64
 Enabled:   1
 Repo ID:   Default_Organization_CentOS_7_Linux_x86_64_CentOS_7_Extra_x86_64
 Repo Name: CentOS 7 Extra x86_64
 Repo URL:  https://foreman.linuxsysadmins.local/pulp/repos/Default_Organization/Production/CentOS_7/custom/CentOS_7_Linux_x86_64/CentOS_7_Extra_x86_64
 Enabled:   1
 Repo ID:   Default_Organization_CentOS_7_Linux_x86_64_Ansible_x86_64
 Repo Name: Ansible x86_64
 Repo URL:  https://foreman.linuxsysadmins.local/pulp/repos/Default_Organization/Production/CentOS_7/custom/CentOS_7_Linux_x86_64/Ansible_x86_64
 Enabled:   1
 Repo ID:   Default_Organization_CentOS_7_Linux_x86_64_Storage_x86_64
 Repo Name: Storage x86_64
 Repo URL:  https://foreman.linuxsysadmins.local/pulp/repos/Default_Organization/Production/CentOS_7/custom/CentOS_7_Linux_x86_64/Storage_x86_64
 Enabled:   1
[root@wazuh ~]#

The status of the subscription can be verified by running status.

[root@wazuh ~]# subscription-manager status
 +-------------------------------------------+
    System Status Details
 +-------------------------------------------+
 Overall Status: Current
 System Purpose Status: Not Specified
[root@wazuh ~]#

Let’s install any one of the package to confirm the same.

[root@wazuh ~]# yum install iotop
 --> Running transaction check
 ---> Package iotop.noarch 0:0.6-4.el7 will be installed
 --> Finished Dependency Resolution
 Transaction test succeeded
 Running transaction
   Installing : iotop-0.6-4.el7.noarch                                    1/1 
 Loaded plugins: fastestmirror, product-id, subscription-manager
   Verifying  : iotop-0.6-4.el7.noarch                                    1/1 
 Installed:
   iotop.noarch 0:0.6-4.el7                                                                                                                                                           
 Complete!
[root@wazuh ~]#

Install Client Packages

These packages are required to be installed on clients, By installing these packages the client will send the host information and much more info to the foreman/katello server.

Installing client packages online

To get the foreman client packages, we can enable the repositories by installing below repo RPMs.

# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm -y
# yum install https://yum.theforeman.org/client/1.24/el7/x86_64/foreman-client-release.rpm -y

Or if you need the packages On-premises follow with offline mode.

Installing client Offline

Else we can set a local client repo and add under the content view to available the packages locally from Foreman/Katello.

First, create Content credentials.

Content –> Content Credentials –> Create Content Credential

Name = “RPM-GPG-KEY-foreman”
Type = GPG Key
Paste the content from https://theforeman.org/static/keys/D885D3D9B12FA857CDECE3F1B76498E45AA9BCAD.pub
into Content Credential Contents
Click Save.

Create the repository from web UI or use the command line as shown below.

# hammer repository create --organization-id 1 \
    --product "CentOS 7 Linux x86_64" \
    --name "Foreman Client" \
    --label "Foreman_client" \
    --content-type "yum" \
    --download-policy "on_demand" \
    --gpg-key "RPM-GPG-KEY-foreman" \
    --url "https://yum.theforeman.org/client/latest/el7/x86_64/" \
    --mirror-on-sync "no"

Add the new client repositories into the Sync plan. By the following sync the repository. Once the content synced, we need to publish the new version.

Content –> Content Views –>CentOS7–> Publish New Version –> give small description “With foreman client packages.” and click save.

Check the new repo availability from any one of the content host (Client) after installing with below packages.

Installing Katello Packages

To report package & errata information

# yum install -y katello-host-tools python-gofer-qpid python-qpid python-qpid-common python-qpid-proton qpid-proton-c

To optionally report tracer information

# yum install katello-host-tools-tracer -y

For remote actions and reporting package & errata information

# yum install katello-agent -y
Installed:
   katello-host-tools-tracer.noarch 0:3.5.1-2.el7                                                                                                                                     
 Dependency Installed:
   libxslt.x86_64 0:1.1.28-5.el7             python-beautifulsoup4.noarch 0:4.6.0-1.el7      python-lxml.x86_64 0:3.2.1-4.el7         python2-argcomplete.noarch 0:1.7.0-4.el7     
   python2-future.noarch 0:0.18.2-2.el7      python2-psutil.x86_64 0:5.6.7-1.el7             python2-tracer.noarch 0:0.7.1-1.el7      tracer-common.noarch 0:0.7.1-1.el7           
 Complete!
 Uploading Enabled Repositories Report
 Loaded plugins: fastestmirror, product-id, subscription-manager
[root@wazuh ~]#

Confirm Clients from Web UI

Login from Foreman web UI and verify the client addition.

Under Hosts –> Content Hosts you will find all registered clients.

Registered clients with the foreman
Registered clients with the foreman

How to Unregister a Client

To unregister a client from foreman/Katello/Satellite server below steps can be carried out.

First, unregister from the Client-side using subscription-manager.

[root@wazuh ~]# subscription-manager unregister 
 Unregistering from: foreman.linuxsysadmins.local:443/rhsm
 System has been unregistered.
[root@wazuh ~]#

Then clean the configurations.

[root@wazuh ~]# subscription-manager clean
 All local data removed
[root@wazuh ~]#

Look for the installed katello packages and remove them.

# yum list installed | grep katello
# yum remove katello-ca-consumer-foreman.linuxsysadmins.local.noarch 1.0-1
Running transaction
   Preparing        :                                                                              1/1 
   Erasing          : katello-ca-consumer-foreman.linuxsysadmins.local-1.0-1.noarch                1/1 
   Running scriptlet: katello-ca-consumer-foreman.linuxsysadmins.local-1.0-1.noarch                1/1 
   Verifying        : katello-ca-consumer-foreman.linuxsysadmins.local-1.0-1.noarch                1/1 
 Installed products updated.
 Removed:
   katello-ca-consumer-foreman.linuxsysadmins.local-1.0-1.noarch                                                                                                                      
 Complete!
[root@wazuh ~]#

Finally, remove the subscription-manager package.

# yum remove subscription-manager -y
Removed:
   subscription-manager-1.25.17-1.el8.x86_64                       dnf-plugin-subscription-manager-1.25.17-1.el8.x86_64     python3-ethtool-0.14-3.el8.x86_64                         
   python3-iniparse-0.4-31.el8.noarch                              python3-inotify-0.9.6-13.el8.noarch                      python3-subscription-manager-rhsm-1.25.17-1.el8.x86_64    
   subscription-manager-rhsm-certificates-1.25.17-1.el8.x86_64     usermode-1.113-1.el8.x86_64                             
 Complete!
[root@wazuh ~]#

That’s it, we have successfully completed with installing client packages and subscribed with foreman/Katello/Satellite server.

Conclusion

To register a Linux client with Foreman/Katello/Satellite above steps will be helpful. By subscribing to Katello server we are now not required to connect directly to the internet for getting the OS, Updates, Errata and much more. Subscribe to our newsletter and stay with us for more guides related to the foreman with katello.

14 thoughts on “Register a Linux client with Foreman

  1. Hello Babin,

    Could you please write a guide on how to register a Debian server with Foreman ?

    Thanks in advance !

  2. Hello Babin

    For Katello-Foreman server and configuration setup did we required redhat satetllite server subscription?

    1. Amol Lad, No, we don’t need a subscription of Satellite to setup the foreman with Katello. FYI, Foreman with katello is an opensource tool. Actually, Red Hat customize the foreman with katello and adding with more features and selling the product for enterprise use.

      1. Thanks Babin ,

        As in My Enviroment scenario, i have offline setup with 400 RHEL production server. all server are not RHEL subscirbed. Is Katello-Foreman tool is feasible for production enviroment?

        1. Dear Amol,

          Yes, foreman with Katello is more than enough. But, the challenge is you need to manage end to end whenever facing some issue with your foreman server. You need to be more active in foreman forum to get solutions.

          If you have a valid RHEL subscription for those 400 RHEL servers then get the manifest from your Red Hat account and import into foreman. That’s it, then you can subscribe all your machines to foreman and manage from one console.

          Thanks & Regards,
          Bobin Lonston

  3. Hello Babin,

    Thaks for you post (great details as always)

    Could you please write a guide on how to register a Debian server with Foreman ?

    Thanks in advance !

  4. Hi Babin
    I just followed your guide to setup the Katello-Foreman server and configuration worked but however I find the Errata and all related information is missing from the Content Host page.

    1. @Paul.Leong,

      I’m publishing an article in two days about how to import errata information for CentOS 7.x.

      Thanks & Regards,
      Babin Lonston

Comments are closed.