Red Hat Satellite is a great tool to automate deployment, provisioning, patching and configuration of your infrastructure, but how can you automate Satellite itself?
Using the Red Hat Ansible Automation Platform and the Satellite Ansible Content Collection, of course!
Since you’re already tuning in, you probably don’t need convincing that automation is great; it helps enable easier collaboration, better accountability and easier reproducibility. But have you already heard about Collections?
We’ll show you how you can use the Satellite Ansible Content Collection to manage your Satellite installations via Ansible
What is the Satellite Ansible Content Collection?
The Satellite Ansible Content Collection is, as you might have guessed already, a set of Ansible modules and plugins to interact with Red Hat Satellite.
These modules are an evolution from the foreman and katello modules previously available in Ansible itself, as those are deprecated since Ansible 2.8 and are scheduled for removal in 2.12. Due to the use of a Satellite-specific library, the old modules would not work properly in plain Foreman setups and often lacked features that were not present in Red Hat Satellite. At the same time, using the modules together with Satellite wasn’t easy either, as the used library only supported a specific Satellite release and you had to find the right version of Satellite for yourself.
Over the past year, the community sat together, cleaned up the modules, created tests and documentation, and finally ported the modules to a Satellite independent library.
Today, we cover many core Satellite workflows and examples. We would also love your feedback to extend to other workflows like OpenSCAP and Remote Execution.
Where can the Collection be downloaded?
You can download the redhat.satellite Collection from Automation Hub (requires Ansible Automation Platform subscription) immediately (along with the updated Satellite 6.7.z erratum), or wait for the forthcoming ansible-collection-redhat-satellite RPM from the Satellite 6.8 repositories later this year. When installing from Automation Hub, you’ll also have to make sure you have the latest apypie Python library now available from the Satellite repository.
The community can download and contribute to the corresponding unsupported upstream theforeman.foreman Collection from Ansible Galaxy as well.
Information on how to configure downloading via the ansible.cfg or requirements.yml files, please refer to the blog entitled, “Hands On With Ansible Collections.”
How can the modules be used?
Usually you’ll find one module per Satellite entity (Organization, Location, Host Group, etc.) or action (Repository Sync, Content Upload, etc.). Each module takes a set of common parameters:
- server_url: the URL of your Satellite instance (e.g. https://satellite.example.com)
- username: the login of the user that will be used for API authentication (e.g. admin)
- password: the password of said user (e.g. changeme)
- validate_certs: whether or not to validate the TLS certificates the server presents
For example, if you’re about to create a new domain, the task in your Ansible playbook will look like this:
- name: create example.org domain
redhat.satellite.domain:
name: example.org
state: present
server_url: https://satellite.example.com
username: admin
password: changeme
That’s it! All modules follow the same basic calling convention and you’re set up using them in your environment. Now is a good time to look through the list of available modules and start writing playbooks for the most common workflows.
Examples
The previous example was quite short. Here are a few real world examples of how we use the modules today. For the sake of readability, the server_url, username and password parameters were omitted.
Enable and sync a repository from the CDN and add it to a Content View
One very common workflow is to sync content from the Red Hat CDN and then publish it to the clients. For that, the following steps need to happen:
- The repository set needs to be enabled, which will create all the necessary products in Satellite. This is a step that needs to happen once.
- The repository needs to be synced. This will usually happen regularly either by executing the workflow from Tower on a schedule or by creating a Sync Plan in Satellite. We show the scheduled variant here.
- A content view needs to exist and contain the repository in question, so that clients can consume it.
- The content view needs to be published to get the newly synced content.
- hosts: localhost
vars:
content_view: RHEL
product: "Red Hat Enterprise Linux Server"
repo: "Red Hat Enterprise Linux 7 Server (RPMs)"
repo_variants:
- releasever: "7Server"
basearch: "x86_64"
organization: ACME
tasks:
- name: "Enable {{ repo }} repository"
redhat.satellite.repository_set:
name: "{{ repo }}"
product: "{{ product }}"
repositories: "{{ repo_variants }}"
organization: "{{ organization }}"
state: enabled
- name: "Sync {{ repo }} repository"
redhat.satellite.repository_sync:
repository: "{{ repo }}"
product: "{{ product }}"
organization: "{{ organization }}"
- name: "Create RHEL ContentView"
redhat.satellite.content_view:
name: "{{ content_view }}"
repositories:
- name: "{{ repo }}"
product: "{{ product }}"
organization: "{{ organization }}"
state: present
- name: "Publish RHEL content view"
redhat.satellite.content_view_version:
content_view: "{{ content_view }}"
organization: "{{ organization }}"
Create Lifecycle Environment and Activation Key
Another common workflow is to organize system updates in Lifecycle Environments. This allows clients to vary on patching cadence and enables the use of a set of machines as a testing environment. To achieve that, we first create a Lifecycle Environment and then an Activation Key that “points” to that Lifecycle Environment. Now when a system is set up, utilizing this Activation Key in the registration step will allow the admin to assign the system directly into the correct environment.
- hosts: localhost
vars:
activation_key: rhel
lifecycle_env: Test
content_view: RHEL
subscriptions:
- name: "Red Hat Enterprise Linux"
organization: ACME
tasks:
- name: "Create {{ lifecycle_env }} LCE"
redhat.satellitelifecycle_environment:
name: "{{ lifecycle_env }}"
prior: "Library"
organization: "{{ organization }}"
state: present
- name: "Create {{ activation_key }}-{{ lifecycle_env }} Activation Key"
redhat.satellite.activation_key:
name: "{{ activation_key }}-{{ lifecycle_env }}"
lifecycle_environment: "{{ lifecycle_env }}"
content_view: "{{ content_view }}"
subscriptions: "{{ subscriptions }}"
organization: "{{ organization }}"
state: present
You can execute the modules on any target host that has the apypie Python library installed, but it is probably the easiest to do so directly on the controller node.
Takeaways/Going Forward
Now is the best time to try out the Collection - we’d love to hear about the workflows that you implement with it and especially the ones that you’re still missing so we can make the Collection even better!
If you want to learn more, check out the following resources:
- Read a Red Hat sponsored study by IDC about how Red Hat Satellite helps optimize infrastructure with automation.
- Read the Red Hat Ansible Automation Platform E-Books.
- Sign up for updates to AnsibleFest 2020.
저자 소개
채널별 검색
오토메이션
기술, 팀, 인프라를 위한 IT 자동화 최신 동향
인공지능
고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트
오픈 하이브리드 클라우드
하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요
보안
환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보
엣지 컴퓨팅
엣지에서의 운영을 단순화하는 플랫폼 업데이트
인프라
세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보
애플리케이션
복잡한 애플리케이션에 대한 솔루션 더 보기
오리지널 쇼
엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리
제품
- Red Hat Enterprise Linux
- Red Hat OpenShift Enterprise
- Red Hat Ansible Automation Platform
- 클라우드 서비스
- 모든 제품 보기
툴
체험, 구매 & 영업
커뮤니케이션
Red Hat 소개
Red Hat은 Linux, 클라우드, 컨테이너, 쿠버네티스 등을 포함한 글로벌 엔터프라이즈 오픈소스 솔루션 공급업체입니다. Red Hat은 코어 데이터센터에서 네트워크 엣지에 이르기까지 다양한 플랫폼과 환경에서 기업의 업무 편의성을 높여 주는 강화된 기능의 솔루션을 제공합니다.