One of the foundation building blocks is a system to manage the servers and repositories as well as keeping stock of the puppet infrastructure. For this we use Katello.
Katello gives us content management, provisioning and configuration management. With the help of so-called Capsules we can extend its capabilities with functions like DHCP, CA, TFTP and more.
Katello may be installed onto a baremetal host or on a virtual guest. The minimum requirements are:
- Two Logical CPUs
- 4 GB of memory (8 GB highly recommended)
- The filesystem holding /var/lib/pulp needs to be large, but may vary depending on how many different Operating Systems you wish to syncronize:
- Allocate 30 GB of space for each operating system. Even though an operating system may not take up this much space now, this allows space for future updates that will be syncronized later.
- The filesystem holding /var/lib/mongodb needs at least 4 GB to install, but will vary depending on how many different Operating Systems you wish to syncronize:
- Allocate around 40% of the capacity that has been given to the /var/lib/pulp filesystem
- The root filesystem needs at least 20 GB of Disk Space
The following ports need to be open to external connections:
- 80 TCP – HTTP, used for provisioning purposes
- 443 TCP – HTTPS, used for web access and api communication
- 5647 TCP – qdrouterd – used for client and capsule actions
- 9090 TCP – HTTPS – used for communication with the smart proxy
To install Katello we first need to get a number of repositories.
yum -y localinstall http://fedorapeople.org/groups/katello/releases/yum/2.4/katello/RHEL/7Server/x86_64/katello-repos-latest.rpm yum -y localinstall http://yum.theforeman.org/releases/1.10/el7/x86_64/foreman-release.rpm yum -y localinstall http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm yum -y localinstall http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
After installing these repositories we first need to refresh the yum cache with
yum clean all yum repolist
Now we can install the foreman-release-scl package with
yum -y install foreman-release-scl
and install the katello packages. This will install the katello-installer
yum -y install katello
And run the actual katello installer itself with
For extra information on this installer you can add ‘–help’ to see a list of options.
To enable access modify the firewall (firewalld) with
firewall-cmd --permanent --add-service=https firewall-cmd --permanent --add-port=5647/tcp --add-port=9090/tcp firewall-cmd --reload
Your firewall now should look something like this
[root@node3 puppet]# firewall-cmd --list-all public (default, active) interfaces: eno1 sources: services: dhcpv6-client http https ssh ports: 9090/tcp 5647/tcp masquerade: no forward-ports: icmp-blocks: rich rules:
Get to work with Katello