Spacewalk User new to Foreman

Hi Guys,

I am new to Foreman. I have been using Spacewalk for my Linux infra to keep track of the number of systems and applying security patches. As I search spacewalk alternative I see foreman on the top of the list. I was able to deploy the foreman and bring up the Web UI. It looks quite different compare to Spacewalk. I am looking for some basic guideline:

- Does "Hosts" means in Foreman the same as "Systems" in spacewalk
- How do I add a Client different Linux distro to Foreman
- How do I setup Channels/Repos

Please share any link or document that would help to get me up to speed

Thank you

Yes and no, the content host is nearly the same and the host is provisioning and configuration management view of the system which is as similar as possibly if the tooling differs widely for this part.

The subscription-manager is available for different distros so this should be the same, but this brings me to your third question as registering is only one side and you need a product too.

In Katello you have Product which is a group of repositories, repositories which can be yum but also deb and some other types and you have content views which are for doing a snapshot of content and grouping products/repositories (so the object most similar to channels) and life cycle environments to stage the content view version from development over testing to production (or how you want to name it).

Best is having a look at the docs, so the content management guide is perhaps the most important for you: Content Management Guide

Regarding clients:

• yum.theforeman.org/client/nightly for EL and SLES 11/12
• apt.atix.de for Debian 10 and Ubuntu 20.04

You basically sync and manage those clients as you handle any other content. When provisioning a host, for example Ubuntu 20.04 where there is no subscription-manager available in its base repos, you need to provide this repo at time of installation. For more information, see Managing Hosts running Ubuntu 20.04.

Thanks guys for your quick response.

Before I get too deep into this I want to make sure that I will be able to see a list of systems identifying which system requires security patches (ERRATA) and able to push it from the foreman console to selected systems

Like I have in the spacewalk :

Untitled1575×752 120 KB

Hi @salton

Once you have your host registered subscribed with a subscription if Red Hat repos, you will be able to see which systems need Errata after the clients push up their package/repo list and it is calculated. To apply errata to clients from the UI, you will want to make sure you have Remote Execution installed and configured.

In foreman, I don’t see a left menu option for Content. so, I need to install Katello. The foreman is installed on CentOS Stream release 8. How do I install Katello? The document link is not showing any installation instructions for version 4.0

Capture1216×602 49.9 KB

What version of Katello I should install?

The earlier version of Katello (3.18) only showing options for Enterprise Linux 7 (CentOS,etc)

Capture21186×743 98.7 KB

Hi @salton,

With the release of Katello 3.18+ the docs have been moved over to docs.theforeman.org

Here are the steps to install Katello on CentOS/RHEL

https://docs.theforeman.org/2.4/Installing_Server_on_Red_Hat/index-katello.html

Thanks, @cintrix84
it looks like this is what I needed.

The old doc page shows a link to the new docs. It’s in your screenshot: “Documentation is available at docs.theforeman.org”.

On a sidenote: it’s not supported to install katello on top of an existing foreman installation. As you have already installed foreman you’ll need to install katello (which includes foreman) on a new server.

I did click on that link but I didn’t follow the sub links. I do see it now via the main link.

if I am installing it from scratch then I can have both Foreman and Katello on the same server. I like to keep both on the same server for testing but will keep them separate for prod?

@gvde that’s pretty clearly noted in the Katello docs up to 3.18, but with the new pages, it’s nowhere near as clearly stated, although it is implied by the RPM install of foreman-installer-katello.

@salton, I’ve been tinkering w/ tFm/Katello for some time (getting much closer,) and running with a collapsed install on a single server. Ultimately, I expect to run capsule servers for content deployment in remote data centers, retaining central control.

In the system requirements:

Foreman server must be installed on a freshly provisioned system that serves no other function except to run Foreman server.

Of course, the new docs are much more extensive and detailed and thus it‘s easier to miss…

I am getting this error. I don’t think missed a step.

[root@fmn01]# foreman-installer --scenario katello --foreman-initial-organization “MyTest-Server” --foreman-initial-location “CA1” --foreman-initial-admin-username admin --foreman-initial-admin-password password
2021-06-16 14:09:30 [NOTICE] [root] Loading default values from puppet modules…
2021-06-16 14:09:35 [NOTICE] [root] … finished
2021-06-16 14:09:37 [NOTICE] [root] Running validation checks
Failed to ensure foreman-selinux, katello-selinux, candlepin-selinux, pulpcore-selinux are installed
2021-06-16 14:10:27 [ERROR ] [root] Failed to ensure foreman-selinux, katello-selinux, candlepin-selinux, pulpcore-selinux are installed
Error: Execution of ‘/bin/dnf -d 0 -e 1 -y install katello-selinux’ returned 1: Error: Unable to find a match: katello-selinux
Error: /Stage[main]/Main/Package[katello-selinux]/ensure: change from ‘purged’ to ‘present’ failed: Execution of ‘/bin/dnf -d 0 -e 1 -y install katello-selinux’ returned 1: Error: Unable to find a match: katello-selinux
Error: Execution of ‘/bin/dnf -d 0 -e 1 -y install candlepin-selinux’ returned 1: Error: Unable to find a match: candlepin-selinux
Error: /Stage[main]/Main/Package[candlepin-selinux]/ensure: change from ‘purged’ to ‘present’ failed: Execution of ‘/bin/dnf -d 0 -e 1 -y instal l candlepin-selinux’ returned 1: Error: Unable to find a match: candlepin-selinux
Error: Execution of ‘/bin/dnf -d 0 -e 1 -y install pulpcore-selinux’ returned 1: Error: Unable to find a match: pulpcore-selinux
Error: /Stage[main]/Main/Package[pulpcore-selinux]/ensure: change from ‘purged’ to ‘present’ failed: Execution of ‘/bin/dnf -d 0 -e 1 -y install pulpcore-selinux’ returned 1: Error: Unable to find a match: pulpcore-selinux
2021-06-16 14:10:27 [ERROR ] [root] Error: Execution of ‘/bin/dnf -d 0 -e 1 -y install katello-selinux’ returned 1: Error: Unable to find a matc h: katello-selinux
Error: /Stage[main]/Main/Package[katello-selinux]/ensure: change from ‘purged’ to ‘present’ failed: Execution of ‘/bin/dnf -d 0 -e 1 -y install katello-selinux’ returned 1: Error: Unable to find a match: katello-selinux
Error: Execution of ‘/bin/dnf -d 0 -e 1 -y install candlepin-selinux’ returned 1: Error: Unable to find a match: candlepin-selinux
Error: /Stage[main]/Main/Package[candlepin-selinux]/ensure: change from ‘purged’ to ‘present’ failed: Execution of ‘/bin/dnf -d 0 -e 1 -y instal l candlepin-selinux’ returned 1: Error: Unable to find a match: candlepin-selinux
Error: Execution of ‘/bin/dnf -d 0 -e 1 -y install pulpcore-selinux’ returned 1: Error: Unable to find a match: pulpcore-selinux
Error: /Stage[main]/Main/Package[pulpcore-selinux]/ensure: change from ‘purged’ to ‘present’ failed: Execution of ‘/bin/dnf -d 0 -e 1 -y install pulpcore-selinux’ returned 1: Error: Unable to find a match: pulpcore-selinux
[root@fmn01~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
[root@fmn01 ~]#

I tried to google the error but didn’t really get any resolution but it seems this is not stable on CentOS 8 as yet. if so, please let me know a stable release that should work out of the box.

Which docs exactly are you using? What is the URL?

This is on a new provisioned server and not on a server on which you have had foreman (without katello) installed before?

You don’t have the katello repositories (enabled). Check with

dnf repolist

It’s definitively in the instructions for katello: Installing Foreman 2.4 server with Katello 4.0 plugin on Enterprise Linux

That’s right I don’t see Katello in the list. Let me try this again. I was following the same link

root@fmn01 ~]# dnf repolist
repo id repo name
appstream CentOS Stream 8 - AppStream
baseos CentOS Stream 8 - BaseOS
extras CentOS Stream 8 - Extras
foreman Foreman 2.4
foreman-plugins Foreman plugins 2.4
powertools CentOS Stream 8 - PowerTools
puppet6 Puppet 6 Repository el 8 - x86_64

It’s step 3 in Installing Foreman 2.4 server with Katello 4.0 plugin on Enterprise Linux chapter “3.1.2 CentOS 8”.

I successfully deployed the Foreman 2.4 server with Katello 4.0. I have also created the content repo for Fedora-31 which successfully syncs all the packages.

I was not able to find any instructions for Fedora client-side setup on google but I was able to get my fedora client registered and remove the old spacewalk registration.

I ran the following to get my fedora client registered with the foreman:

yum -y install subscription-manager
rpm -Uvh http://fmn01/pub/katello-ca-consumer-latest.noarch.rpm
subscription-manager register --org="MyTest" --activationkey="fedora31"

Now, I see Fedora client on Content Hosts list showing subscription status green but I see Katello Agent is not installed. Do I need this agent installed?

ClientCapture761×683 40.8 KB

No. The agent is obsolete. If you need remote execution you have to install the remote execution plugin.

I am getting the following error. I remember been told that katello-agent has been deprecated. Can you please share other processes for pushing the updates to the client?

Host did not respond within 20 seconds. The task has been cancelled. Is katello-agent installed and goferd running on the Host?