Add cheatsheet for adding Ubuntu repository to Red Hat Satellite 6
This commit is contained in:
135
ubuntu-repo-satellite-cheatsheet.md
Normal file
135
ubuntu-repo-satellite-cheatsheet.md
Normal file
@@ -0,0 +1,135 @@
|
||||
### Adding an Ubuntu Repository to Red Hat Satellite 6
|
||||
|
||||
Red Hat Satellite 6 is a systems management tool primarily designed for managing Red Hat Enterprise Linux (RHEL) environments, including content repositories, provisioning, and configuration. However, it can be extended to support Debian-based distributions like Ubuntu by enabling the Debian (deb) content plugin in Katello (Satellite's content management component). This allows you to sync and manage Ubuntu repositories as custom content.
|
||||
|
||||
**Important Notes Before Starting:**
|
||||
- Satellite 6 does not natively support Ubuntu out of the box; you must enable the deb plugin, which is not enabled by default.
|
||||
- This process assumes you have administrative access to a Satellite 6 server and are comfortable with CLI commands (e.g., via Hammer, Satellite's CLI tool) or the web UI.
|
||||
- Ubuntu repositories are treated as custom/third-party repos. Ensure you comply with licensing and only use official Ubuntu sources to avoid security risks.
|
||||
- Security considerations: Always validate repository URLs for authenticity (e.g., use HTTPS), enable GPG key verification, and apply least privilege principles when granting access to content views. Test in a non-production environment first.
|
||||
- If you're managing mixed RHEL/Ubuntu environments, note that full features like OS provisioning for Ubuntu may require additional setup (e.g., with Foreman/Puppet integration).
|
||||
- Based on Red Hat documentation and community discussions (e.g., Red Hat Customer Portal solutions), this may not provide seamless support compared to RHEL repos, and some features like automatic deb discovery might be limited.
|
||||
|
||||
Below, I'll outline the detailed steps using both the web UI and CLI (Hammer) methods. The CLI is often more efficient for scripting and automation. These steps are derived from official Red Hat guides on syncing third-party repositories (like EPEL) and enabling Debian support.
|
||||
|
||||
#### Step 1: Enable the Debian Content Plugin
|
||||
Satellite 6 requires the deb plugin to handle Ubuntu's deb package format. This is done via the Satellite installer.
|
||||
|
||||
- **CLI Method (Recommended):**
|
||||
Run the following on your Satellite server as root:
|
||||
```
|
||||
satellite-installer --foreman-proxy-content-enable-deb true --katello-enable-deb true
|
||||
```
|
||||
- This enables the deb plugin for both Foreman Proxy (content proxy) and Katello.
|
||||
- Restart services if prompted: `systemctl restart httpd foreman-proxy`.
|
||||
- Verify: Check `satellite-installer --help | grep deb` to confirm the options are set to `true`.
|
||||
|
||||
- **If Already Installed:** If Satellite is running, re-run the installer with the flags above. It won't disrupt existing configurations.
|
||||
|
||||
If the plugin isn't available, ensure your Satellite version supports it (Satellite 6.10+ is recommended; check with `rpm -q satellite`).
|
||||
|
||||
#### Step 2: Create a Custom Product
|
||||
Products in Satellite group related repositories. Create one for Ubuntu.
|
||||
|
||||
- **Web UI Method:**
|
||||
1. Log in to the Satellite web interface (e.g., https://your-satellite-server).
|
||||
2. Navigate to **Content > Products**.
|
||||
3. Click **Create Product**.
|
||||
4. Enter details:
|
||||
- Name: e.g., "Ubuntu Custom".
|
||||
- Label: Auto-generated or custom (e.g., "ubuntu_custom").
|
||||
- GPG Key: Optional; upload Ubuntu's GPG key for verification (download from https://keyserver.ubuntu.com).
|
||||
- Sync Plan: Optional; select or create one for automated syncing (e.g., daily).
|
||||
5. Click **Save**.
|
||||
|
||||
- **CLI Method (Hammer):**
|
||||
```
|
||||
hammer product create --name "Ubuntu Custom" --organization "YourOrg" --description "Ubuntu repositories"
|
||||
```
|
||||
|
||||
#### Step 3: Add the Ubuntu Repository to the Product
|
||||
Now add the specific Ubuntu repo (e.g., for Ubuntu 22.04 "Jammy Jellyfish").
|
||||
|
||||
- **Key Details for Ubuntu Repo:**
|
||||
- Type: Set to "deb" (enabled in Step 1).
|
||||
- URL: Use an official mirror, e.g., `http://archive.ubuntu.com/ubuntu/` (prefer HTTPS if available: `https://us.archive.ubuntu.com/ubuntu/`).
|
||||
- Releases: e.g., "jammy" (for main release), "jammy-updates", "jammy-security".
|
||||
- Components: e.g., "main", "universe", "restricted", "multiverse".
|
||||
- Architectures: e.g., "amd64" (filter to reduce sync size).
|
||||
|
||||
- **Web UI Method:**
|
||||
1. Go to **Content > Products**, select your new product (e.g., "Ubuntu Custom").
|
||||
2. In the **Repositories** tab, click **New Repository**.
|
||||
3. Enter details:
|
||||
- Name: e.g., "Ubuntu 22.04 Main".
|
||||
- Label: Auto-generated.
|
||||
- Type: "deb".
|
||||
- Upstream URL: e.g., `http://archive.ubuntu.com/ubuntu/`.
|
||||
- Releases: e.g., "jammy".
|
||||
- Components: e.g., "main universe".
|
||||
- Architectures: e.g., "amd64".
|
||||
- Verify SSL: Enable if using HTTPS.
|
||||
- GPG Key: Select if uploaded.
|
||||
- Download Policy: "On Demand" for efficiency (downloads packages only when requested).
|
||||
4. Click **Save**.
|
||||
5. Repeat for additional repos (e.g., updates, security).
|
||||
|
||||
- **CLI Method (Hammer):**
|
||||
```
|
||||
hammer repository create --name "Ubuntu 22.04 Main" --product "Ubuntu Custom" --organization "YourOrg" \
|
||||
--content-type "deb" --deb-releases "jammy" --deb-components "main universe" --deb-architectures "amd64" \
|
||||
--url "http://archive.ubuntu.com/ubuntu/" --download-policy "on_demand"
|
||||
```
|
||||
|
||||
#### Step 4: Sync the Repository
|
||||
Syncing downloads metadata and packages from Ubuntu.
|
||||
|
||||
- **Web UI Method:**
|
||||
1. In the product’s **Repositories** tab, select the repo and click **Sync Now**.
|
||||
2. Monitor progress under **Content > Sync Status**.
|
||||
|
||||
- **CLI Method (Hammer):**
|
||||
```
|
||||
hammer repository synchronize --name "Ubuntu 22.04 Main" --product "Ubuntu Custom" --organization "YourOrg"
|
||||
```
|
||||
- For large repos, this can take time and disk space. Use `--async` for background syncing.
|
||||
- Optimize: Set architectures and components to minimize data (e.g., avoid syncing "source" if not needed).
|
||||
|
||||
#### Step 5: Add to Content View and Publish
|
||||
To make the repo available to hosts, add it to a Content View and publish.
|
||||
|
||||
- **Web UI Method:**
|
||||
1. Go to **Content > Content Views > Create New View**.
|
||||
2. Name it (e.g., "Ubuntu View"), add a description.
|
||||
3. In the view, go to **Deb Content > Repositories > Add**, select your Ubuntu repo(s).
|
||||
4. Click **Publish New Version** (add a comment for versioning).
|
||||
|
||||
- **CLI Method (Hammer):**
|
||||
```
|
||||
hammer content-view create --name "Ubuntu View" --organization "YourOrg"
|
||||
hammer content-view add-repository --name "Ubuntu View" --organization "YourOrg" --repository "Ubuntu 22.04 Main" --product "Ubuntu Custom"
|
||||
hammer content-view publish --name "Ubuntu View" --organization "YourOrg"
|
||||
```
|
||||
|
||||
#### Step 6: Assign to Hosts or Activation Keys
|
||||
- Create an Activation Key (**Content > Activation Keys**) and associate it with the Content View.
|
||||
- Register Ubuntu hosts to Satellite using the activation key (install `subscription-manager` if needed, though for Debian it's via `katello-agent` or manual repo config).
|
||||
- For Ubuntu clients: Configure `/etc/apt/sources.list.d/` to point to your Satellite's capsule or server (e.g., `deb https://satellite.example.com/pulp/deb/...`).
|
||||
|
||||
#### Troubleshooting and Best Practices
|
||||
- **Common Issues:**
|
||||
- Plugin not enabled: Errors like "deb content type not available" – re-run the installer.
|
||||
- Sync failures: Check URLs, firewalls, and proxy settings. Use `hammer repository info` for details.
|
||||
- No packages syncing: Ensure components/releases match Ubuntu's structure.
|
||||
- Disk space: Ubuntu repos are large; monitor `/var/lib/pulp`.
|
||||
- **Security Best Practices:**
|
||||
- Use HTTPS for repo URLs where possible.
|
||||
- Enable GPG verification to prevent tampered packages.
|
||||
- Apply input validation in any scripts (e.g., sanitize URLs).
|
||||
- Least privilege: Restrict content views to specific organizations/locations.
|
||||
- Recommend penetration testing for custom repos in production.
|
||||
- **Efficiency Tips:** Use "On Demand" download policy to save resources. Schedule syncs via Sync Plans.
|
||||
- **Limitations:** Satellite's deb support is basic compared to RHEL; for advanced Ubuntu management, consider tools like Landscape or Foreman standalone.
|
||||
- **Further Reading:** Refer to Red Hat Customer Portal articles like "How to sync Ubuntu repositories in Red Hat Satellite 6?" (Solution 6930591) or "How to add Custom Repository to the Content View" for visuals and updates.
|
||||
|
||||
If you encounter errors or need help with a specific Satellite version, provide more details for tailored advice. For hands-on implementation, I can guide you through creating scripts or configs if needed.
|
||||
Reference in New Issue
Block a user