Yes, that was very much a “huh” moment for me as well, and a thorough deal-killer. I had just gotten things set up so high-level admins could use SW 2.10 to push updated zone files via a config channel and then bounce named via an action chain. It’s the simplest, most brain-dead way for non-vi / non-cli /non-emacs users to get the job done.
Is that optimal in my world? Not always, but the presence of choice and simplicity often overrides “latest greatest whiz-bang” when dealing with people who would look at YAML and also have a “huhwhu?” moment.
I suspect as CentOS 7 finally ages out and we move to (possibly) RockyLinux, Foreman will come back to the forefront as our lifecycle management tool of choice. By then, hopefully it’s a bit more polished and presentable in the areas where it still shows rough edges.
That said, no one should take this as suggesting Foreman is junk or garbage. It’s quite an effort, with a lot of moving pieces. As a small-time FOSS coder myself, I appreciate some of the challenges of herding cats and trying to “just make it work”.
Aside from an automated publishing option, maybe some sort of icon next to the content view if it has out of date packages might be interesting. @katello I’m curious if anyone else has any ideas.
Very true, it’s not the first time we hear that. However it’s possible to deploy a cron job with a script that would regularly pull template of type “script” that could write those templates. But there is really no concept of a configuration channel or configuration in Foreman UI or API.
I’m waiting for Katello to make the el8 install jump before I begin a test migration of Spacewalk to Katello/Foreman. Forewarning that this is for a home install and not in any way for enterprise.
+1’ing emmitchell’s comment: the absence of configuration channels, configuration file tracking, and a configuration channel hierarchy is what gives me the most pause about the migration. Since this is a home setup, I can’t tell you the number of times I’ve updated a config file on a server only to forget I’d done it later on and have Spacewalk remind me (at which point I’d backfill the changes). It really saved my bacon and made rebuilds and the migrations from CentOS 7 to CentOS 8 relatively painless.
We talked about this feature way back and IIRC the consensus was: configuration management tool is to solution to the problem, we should not be building another one. I can understand that Satellite 5 way of doing this was comfortable, right from the UI, no git involved, no writing of manifests, roles or modules.
Maybe it’s the time to reconsider this, I like the idea of building it on top of an existing configuration management tool (or tools). A plugin that would provide web UI and CLI to create configuration files and it would generate required ansible/puppet modules that could be easily imported into Foreman or Katello sounds nice. What exactly would you expect from such a tool? I am assuming ability to define a file (filename) and contents (as a ERB template) and associate this with hosts/hostgroups. Anything else?
The templates we ship by default are part of our repository.
If you think it’s useful for others, contributions are highly encouraged. This area is IMHO the easiest for users place for users to contribute back and it greatly helps other users.
Interesting, I was under the impression that those ansible roles are to control Foreman/Katello as a service, not to deploy files or performing actions on the client servers. I will check up on that. Thank you!
We already had some thousand RHEL-hosts running with Katello repositories/contentviews/activationskeys and moved some hundred SLES-VMs from SUSE Manager 3.2 to Katello 3.14 in 2020 successfully but with some problems still remaining:
“Could not calculate errata status, ensure host is registered and the katello-host-tools package is installed (Errata)” – both SLES12 and SLES15
“System Purpose = Mismatched” – only SLES12
Katello served repos can not completely be enabled on SLES-VMs - therefore we manage the repos with a simple puppet template file instead of using an actication-key with the repos needed for SLES12SPx or SLES15SPy - have a look at: Entitlement certificate not containing all content (…SLES systems not getting all their repositories…)
Katello works and thinks different than SUSE Manager, so we had to reorg our brains from SUMA-speak to Katello-speak - done.
Any particular concept that you wished was explained better?
No, we already knew Katello due to managing RHEL with Katello
Any obstacles you hit?
The SCC plugin was/is not documented very well (this could be made better). Therefore we had much try and error to do
After adding a “product” within the “SUSE Subscriptions” there’s no chance to remove/unsubscribe it afterwards. Or we don’t know due to missing documentation?!
Anything you learned that you wish you knew before?
We would have learned less, if there had been a better documentation
Any Foreman-related resources that were of particular use to you?
We needed to build some packages for katello-host-tools and some more for SLES15. It really would have been nice if these packages had already been built and would be/will be distributed by the foreman community:
This will be gone in the future anyway and replaced by Remote Execution, which will get a pull-based provider for those needing this communication direction in the future.
One thing I’ve found, and I can’t tell if it’s a bug because of the repeatedly mentioned lack of documentation, but Pulp only syncs yum content to smart proxies so they lack the actual tree of files required to perform a Kickstart (squashfs.img etc.). This is a deal breaker for using Foreman in my environment for network-related reasons, besides all the other bugs and learning from trial and error that have to take place in order to get to the point of using Foreman from scratch, and the concerns about being able to back the thing up without just shutting it down and taking VM snapshots every day.
I know a few who are still holding Spacewalk installations in the air, waiting due to “all” the Pulp2/3 issues, presumably waiting a bit into the katello 4.0 release. And I can confirm most of what has been written by @rbremer, where Katello seems to be the biggest concept that people have a hard time getting their head around.
Regarding stability, then for me it is mainly the dreaded updates. I believe that I have only experience about two updates the last 2 years, that didn’t have any issues and just worked. A few of them I have created as topics here, and the others got resolved by reading other peoples topics with similar issues. I have maintained a few pure Foreman installations in the same time, and they have upgraded with no noticeable issue.
I only really remember the iPXE chain(?) template that got updated around 2.1 ish, with the foreman_url having the MAC parameter inside the function call, which got fixed in 2.3 and not backported (as I remember - a revert of the template would have been nice).
I typically try to wait to .3 or .4 Z-releases before upgrading, if possible, in order to try not to get affected by those upgrade issues. Sometimes I even bundle two minor releases together, and then setting aside the entire day to handle the issues,
When being used to Spacewalk just upgrading with no issues, then this is really a major thing, among the people I talk to. The typical response from people, have been that they rather just reinstall from scratch if any errors happens during upgrades.
We are hosting this event this coming Thursday, if any of the Spacewalk folks would like to come along: Introduction to Katello or I’d happily try and organise a separate session if there’s something more specific that people need.
I’m late to the game here, but I’m going to chime in (I’ve been absent since the first of the year to other higher priority projects/issues.)
I’ve been using Spacewalk/RHS5 for the better part of 10 years (first RHS5 install was on RHEL 5.4 or so.) I have burned it down and rebuilt it from scratch a couple of times, with some homebrewed Perl automation & the API calls. For most purposes, SW has worked very well, but the errata handling has been a major nightmare for me.
Conversion… I should have had this running on tFm/Katello 6 months ago. The Pulp2 to Pulp3 conversion on my trial server… I chased the nil pointer issue for several hours and figured I really just did not have enough time to chase. Nuked it from orbit with a fresh CentOS7 and latest stable build. Chasing CentOS repo sync issues at the moment.
In SW, I had channel families built and tied to online repositories for nightly downloads. I created dev, QA and prod channel sets as clones of the download sets, and rolled the content periodically when patching occurs. This was one of my hang-ups in the Katello world. This turns into a combination of content views and lifecycle environments. I also relied heavily on the underlying cobbler tools for provisioning, and I’ve managed to get operating systems configured, along with migrations of my rather custom kickstarts.
For any Spacewalk users contemplating this conversion… yes, it’s a very significant undertaking. My best advice is to pretty much forget how you did it in Spacewalk, learn the native Foreman and Katello tools and methodologies. If you try to shoehorn your Spacewalk methods into tFm/Katello, only madness lies down that road. For all intents and purposes, Spacewalk is dead.
Here is another spacewalk user coming to Foreman. I am not sure where to begin. I just installed successfully foreman and able to login to Web UI. trying to get myself familiar with the product and trying to find some guideline/howtos for basics, adding a client, setting up a repo/channels
Feel free to create a new topic describing the details of your setup and we will try to help!
Edit: I see you’ve already created another topic. Excellent!
First of all, sorry for the long post and reviving this thread but I felt like the right place.
I manage around 400 hosts spread out on 10+ sites around the world. When Spacewalk went EOL some years ago the hunt for a replacement started and the obvious choice was Foreman/Katello. Back then when trying out Foreman/Katello it felt like such a downgrade of the tools compared to what Spacewalk provided so I basically gave up and figured, lets wait a couple of years and see if things get better. Now I am back and this time I guess I figured lets actually deploy this. Now working with Foreman and Spacewalk side by side again really makes me wondering why there are still so many features missing in the Foreman web interface. Just to name a few that stands out the most.
The menu system. Spacewalk uses menus both at the top and left with collapsible menus on the left (using all space on the left). Selecting the top menu changes the left menu so it only contains what you need for the task. Foreman only use a small menu on the left taking 40% of the space and contains everything so you have to keep opening that slow menu over and over just to toggle between for example the hosts and content hosts menu.
Spacewalk uses Systems and all machines and actions you want to do with them is in the same place. This separation of Hosts and Content Hosts in Foreman makes me so frustrated since I have to keep track what I can see and do from Hosts and Content Hosts menus.
In Spacewalk you have the excellent way to select systems you want to do things with and then click manage. From there you have 50+ shortcuts to things you can do with these systems and they stick around as selected until you clear it. Super handy when you want to perform multiple actions on the same group of machines without them actually having to be in a created group. You can go back and forth in different menus and they are still selected.
In Foreman you select some machines but the selection does not stick and very limited actions you can do with the selected hosts.
Advanced Search in Spacewalk is really nice when you ex. want to get a list of what systems has a package and what version of that package they use and from the search hit list, select the hosts you want to do things with. Have not found anything like that in Foreman.
Spacewalk has the shortcut to systems that needs to reboot and then selecting systems from that list and schedule reboots. Have not seen that in Foreman.
In spacewalk you can see all extra packages machines have that does belong in the subscribed repos. Super helpful to track down machines that needs an extra repo or rouge installed packages. Do not see that in Foreman. Closest I get is to define a search query in the content hosts list that somehow gives me a list of hosts that has unresolved traces and select those and go to manage host traces and restart with no way to schedule the restarts.
All actions in spacewalk always let you run them now or schedule them. In Foreman there is so often no choice but to execute them now.
System currency list in Spacewalk showing a list of all machines that are in need of patching with the machines that need them the most at the top, ranking them with a score. Super handy view to get a quick overview of the patching situation. Foreman is lacking this.
Configuration in Spacewalk is really handy to be able to have a super simple way to push out files to the subscribed systems or when a new system is subscribed and keep track if the files changes on the systems. Foreman has no way to do this what I know.
If I see a handful of systems that has packages that can be upgraded in spacewalk I can select these systems, click upgrade, get a list of what packages can be upgraded and to what version and if errata is applicable. If I select all packages the next window will let me know what packages with be upgrades on what systems and give me a choice to schedule the update now or change it to a later date. Click confirm and off it goes.
In Foreman the content hosts view is the only way to see if a list of hosts has a package that can be upgraded. I select the hosts that has updates and my choice now is “Select action” and “Manage Packages”. From this choice I do not see what is going to happen to what packages or hosts and I can only select to do it now, not scheduled.
My feeling with Foreman as it is now is that there is so much under the hood not easily accessible from the web interface and if it was, it could transform the experience totally. That said, I do see the potential and I will be sticking around and hopefully we will manage to implement some nice new “Spacewalk like” features in the future.
While I agree on most of your points (speaking generally, Katello is still lacking functionality which some users took for granted in Spacewalk), there are points which need correcting:
The Job Invocation page should always show at the bottom:
Schedule o Execute now o Schedule future execution o Set up recurring execution
When you show the advanced fields, there are even more options to change the concurrency level, time span, and randomizing the order of execution across all your chosen hosts.
Remote execution through Foreman is much improved over the equivalent functionality in Spacewalk.
The UX designers would have you believe Foreman uses the optimal menu design. I’m somewhat sceptical about this, but I don’t find it hard to use.
The journey to fixing this (finally) looks to be starting in recent Foreman/Katello releases with the new Hosts page. It doesn’t have all the details from the Content Hosts page yet, but hopefully this improves.
An equivalent to System Set Manage would be a real boost. Sure, I can carry out actions on sets of hosts, but the flexible selection of systems to add/remove from SSM in Spacewalk was a real winner.
Configuration files was dropped completely in Foreman/Katello in favour of using Puppet. Although that is now being deprecated.
