Synchronizing software between Red Hat Satellite servers

Red Hat Satellite features multiple methods of synchronizing software from the Red Hat Content Delivery Network (CDN). The intention is to adapt Satellite to your requirements for regularly importing content outside your organization's firewall. Some organizations permit the import of data across networks through a DMZ. Others demand more security and maintain an "air gap," where data must be copied onto removable media and walked across a self-contained network.

This blog discusses the various methods of synchronizing software in Satellite and their intended use cases, including the following:

• Inter-Satellite Sync (ISS) network synchronization
• ISS export synchronization
• ISS syncable exports
• Alternate Content Sources

Definitions

The following definitions clarify the terms this article uses:

• Content view: A customized set of repositories and products. Use content views to constrain access to software from your hosts.
• Inter-Satellite Sync (ISS): A feature that enables software synchronization between two or more Satellite servers.
• Upstream Satellite: A source of software content.
• Downstream Satellite: A Satellite server that is the target for software synchronization.
• Alternate content sources (ACS): Helps speed up the synchronization of new repositories with sources that provide better network throughput.
• Library: A view of all the repositories selected for synchronization in Satellite.

Inter-Satellite Sync (ISS)

Red Hat Satellite's ISS feature exports content from one upstream Satellite to be imported by a downstream Satellite. ISS features three synchronization modes between Satellite servers: network sync, export sync and syncable exports. You can also choose to synchronize a subset of software from an upstream Satellite server to a downstream Satellite server or synchronize all content, including repositories and content views.

See the following documentation for more information on content views.

Depending on how you manage your hosts, these ISS network and ISS export synchronization options can help you save bandwidth and storage while meeting infosec requirements for network connectivity.

ISS syncable exports allow you to export individual repositories as YUM repositories. You can serve the exported YUM repositories with a webserver to create HTTP or FTP-based repositories.

Refer to the table below to see the difference between the three modes of ISS sync.

Note: See the following documentation to import and export individual repositories.

Network sync

You can configure an upstream Satellite server as a software source with ISS network sync. The diagram below shows a "primary" or upstream Satellite in a network DMZ. The upstream Satellite synchronizes software from the Red Hat CDN.

VLAN A and VLAN B contain Satellite servers A and B that download content from the upstream Satellite server instead of the Red Hat CDN. In this diagram, Satellite servers A and B are the downstream Satellites.

ISS network sync allows synchronization from specified lifecycle environments and/or content views, making controlling how content is distributed to downstream Satellite servers easier.

See the following documentation for more information on performing ISS network sync.

Export sync

ISS export sync exports a file package from the upstream Satellite that can be copied to downstream Satellites where it is imported. ISS export sync operations can be performed on the CLI or with the Satellite Ansible collection.

For more information on performing ISS export sync, see the following documentation.

Syncable exports

ISS syncable exports enable the export of repositories in a YUM repository format so that they can be served via HTTP or FTP to provide software. ISS syncable exports help store content that can be used as upstream synchronization sources like a CDN. If desired, syncable exports can also be imported through the command line interface with the hammer utility.

See the following documentation for more information on ISS syncable exports.

Alternate Content Sources

Alternate Content Sources (ACS) provide a method for saving bandwidth when synchronizing content between Satellite and Capsule servers. Unlike ISS, ACS is not used for synchronization between upstream and downstream Satellite servers.

The diagram below shows a Satellite server in Data Center 1 (DC1) and a Satellite Capsule in Data Center 2 (DC2). The connection between DC1 and DC2 may have low bandwidth or be expensively metered. ACS can transfer metadata between DC1 and DC2, but the content/software can be synchronized directly with the Red Hat CDN.

Administrators may reduce data costs in maintaining a resilient Satellite environment in public cloud platforms.

For more information on ACS, see the following documentation.

Satellite helps you maintain your hybrid cloud infrastructure

Red Hat Satellite provides several modes of software synchronization to provide flexibility in deploying and managing your Red Hat Enterprise Linux environment. There are options to enable synchronization from upstream Satellites in a network DMZ through network sync or export sync to conform with security requirements. Syncable exports are available to provide the capability to build your own CDN. ACS saves bandwidth costs when synchronizing software between data centers or avoids excessive ingress costs.

Further reading

• Official Red Hat Satellite documentation: How to configure ISS
• Red Hat Satellite