Difference between revisions of "Install Foreman 35 katello rhel8"
Jump to navigation
Jump to search
| Line 70: | Line 70: | ||
[[File:foreman_35_menu.png|1024px|Foreman Menu]] | [[File:foreman_35_menu.png|1024px|Foreman Menu]] | ||
| − | + | ||
=Manage Repos with Foreman= | =Manage Repos with Foreman= | ||
| Line 114: | Line 114: | ||
:* Content View: cv_rhel8 | :* Content View: cv_rhel8 | ||
:* Repository Sets: Disable all but needed | :* Repository Sets: Disable all but needed | ||
| + | |||
| + | =Patch Cycle Ideas Brainstorming= | ||
| + | ==Prerequisites== | ||
| + | * Daily Sync of all Foreman Libraries (Product upstream Repos) | ||
| + | * Working Repos as mentioned above | ||
| + | * Systems are grouped and registered in Lifecycle Environments | ||
| + | :* TEST | ||
| + | :* TEST-LATE | ||
| + | :* PROD | ||
| + | :* PROD-LATE | ||
| + | The meaning of "LATE" is to patch this systems later to avoid production issues (eg: half of the systems of a Cluster (DNS, Web, ...) | ||
| + | ==Patch Cycle== | ||
| + | * All systems get patched at least every 4 weeks | ||
| + | :* A Rundeck Job does update the Content Views on a regular base. | ||
| + | <pre> | ||
| + | EXAMPLE: | ||
| + | ---------------------------------- | ||
| + | KW01 -> "Library" (daily sync) into "TEST" Content View as Version "KW01" | ||
| + | KW02 -> Version "KW01" into "TEST-LATE" Content View | ||
| + | KW03 -> Version "KW01" into "PROD" Content View | ||
| + | KW04 -> Version "KW01" into "PROD-LATE" Content View | ||
| + | |||
| + | KW05 -> "Library" (daily sync) into "TEST" Content View as Version "KW01" | ||
| + | KW06 -> Version "KW01" into "TEST-LATE" Content View | ||
| + | KW07 -> Version "KW01" into "PROD" Content View | ||
| + | KW08 -> Version "KW01" into "PROD-LATE" Content View | ||
| + | |||
| + | ... | ||
[[Category:Foreman]] | [[Category:Foreman]] | ||
Revision as of 10:00, 11 May 2023
Contents
1 VM SETUP
- CPU: 4
- MEM: 20G
- DISK: 200G
2 LINKS
3 OUTSIDE CONNECTIVITY NEEDS
4 Install
subscription-manager register
dnf -y install firewalld
systemctl enable firewalld --now
firewall-cmd \
--add-port="80/tcp" --add-port="443/tcp" \
--add-port="5647/tcp" \
--add-port="8000/tcp" --add-port="9090/tcp" \
--add-port="8140/tcp" \
#--add-port="53/udp" --add-port="53/tcp" \
#--add-port="67/udp" \
#--add-port="69/udp"
firewall-cmd --runtime-to-permanent
firewall-cmd --list-all
public (active)
services: cockpit dhcpv6-client ssh
ports: 80/tcp 443/tcp 5647/tcp 8000/tcp 9090/tcp 8140/tcp
ping -c1 localhost
ping -c1 `hostname -f`
hostnamectl set-hostname `hostname -f`
dnf -y install https://yum.theforeman.org/releases/3.5/el8/x86_64/foreman-release.rpm
dnf -y install https://yum.theforeman.org/katello/4.7/katello/el8/x86_64/katello-repos-latest.rpm
dnf -y install https://yum.puppet.com/puppet7-release-el-8.noarch.rpm
dnf config-manager --set-enabled powertools
dnf module enable katello:el8 pulpcore:el8
dnf clean all
dnf makecache
dnf -y upgrade
yum -y install chrony
systemctl start chronyd
systemctl enable chronyd
echo sources | chronyc
reboot
5 Setup Foreman
foreman-installer --scenario katello --foreman-initial-organization "BITBULL" --foreman-initial-location "Verwaltung" --foreman-initial-admin-username admin --foreman-initial-admin-password admin --enable-foreman-cli-ansible --enable-foreman-cli --enable-foreman-cli-katello --enable-foreman-plugin-ansible --enable-foreman-plugin-remote-execution --enable-foreman-plugin-remote-execution-cockpit --enable-foreman-plugin-statistics --enable-foreman-plugin-tasks # --skip-checks-i-know-better --tuning development
6 Foreman Content Management - Menu Overview
7 Manage Repos with Foreman
- https://opensource.com/article/21/9/centos-stream-foreman
- https://www.youtube.com/watch?v=XsCi9Jy2lGs&t=3s
8 Create Content
- Content > Subscriptions
- Import Manifest
- Content > Red Hat Repositories
- Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)
- Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)
- Content > Sync Plans
- Create Sync Plan > Daily
- Content > Products > [X] Red Hat Enterprise Linux for x86_64
- Manage Sync Plan > Daily
- Sync Selected
- Content > Lifecycle Environment > Create
- TestLcEnv > ProdLcEnv
- Content > Content views > Create
- Name: cv_rhel8
- Solve dependencies: TRUE
- Content > Content views > cv_rhel8 > Publish new version
- Promote: TRUE
- Version: 1.0
- Env: TestLcEnv + ProdLcEnv
- Content > Activation Keys > Create
- Name: ak_rhel8_test
- Environment: TestLcEnv
- Content View: cv_rhel8
- Repository Sets: Disable all but needed
- Content > Activation Keys > Create
- Name: ak_rhel8_prod
- Environment: ProdLcEnv
- Content View: cv_rhel8
- Repository Sets: Disable all but needed
9 Patch Cycle Ideas Brainstorming
9.1 Prerequisites
- Daily Sync of all Foreman Libraries (Product upstream Repos)
- Working Repos as mentioned above
- Systems are grouped and registered in Lifecycle Environments
- TEST
- TEST-LATE
- PROD
- PROD-LATE
The meaning of "LATE" is to patch this systems later to avoid production issues (eg: half of the systems of a Cluster (DNS, Web, ...)
9.2 Patch Cycle
- All systems get patched at least every 4 weeks
- A Rundeck Job does update the Content Views on a regular base.
EXAMPLE:
KW01 -> "Library" (daily sync) into "TEST" Content View as Version "KW01" KW02 -> Version "KW01" into "TEST-LATE" Content View KW03 -> Version "KW01" into "PROD" Content View KW04 -> Version "KW01" into "PROD-LATE" Content View KW05 -> "Library" (daily sync) into "TEST" Content View as Version "KW01" KW06 -> Version "KW01" into "TEST-LATE" Content View KW07 -> Version "KW01" into "PROD" Content View KW08 -> Version "KW01" into "PROD-LATE" Content View ...
