study and implementation of katello patch management

Support
1

Hi,

The company I work for is considering implementing Foremam Katello patch management to implement patch updates for linux servers.
I would like to know some information like:

Need to install on a CentOS server?
Need distributed stream servers;
Need Additional Services like DNS, DHCP AND NTP Servers?
Do you need katello agents on the customer’s machine?
Need Scripting?
Need Database?

What is the purpose of this implementation:

a view of the entire linux park (hostname, OS version, etc);

a view of each Linux srv if it has outdated packages;

desirable: a new package version approval mechanism;

desirable: after approval, package updates are installed on servers;

desirable: possibility of scheduling the application of updates, rebooting the servers;

1 Like
2

Hey, welcome to the community!

For patch management, you’ll need Foreman with the Katello plugin. The Katello plugin handles all content management. One word of caution: you have to install this as part of your initial installation. At the moment you cannot add this at a later stage.

For patch management, you would need to install Foreman with Katello on a Centos or RHEL server.

With regards to the rest of the questions, can I direct you to some resources. I’m hoping others will chime in here also.

For a full understanding of content management in Foreman, please watch @iballou’s recent overview and intro:

We also have a comprehensive guide. https://docs.theforeman.org/3.1/Content_Management_Guide/index-katello.html

Take a look at our installation guide for a full understanding of all the requirements to run Foreman with Katello: Installing Foreman 3.1 Server with Katello 4.3 Plugin on RHEL/CentOS

Katello agents are gone, so no. For more information about remotely executing jobs on endpoints, take a look at this guide: Managing Hosts

Take a look at content views https://docs.theforeman.org/3.1/Content_Management_Guide/index-katello.html#_using_content_views

For more information about remotely executing jobs on endpoints, take a look at this guide: Managing Hosts

Perhaps I’ve misunderstood something, or said something wrong. In general I try to provide the source of truth :slight_smile: I think I’ve given you enough to work with for now, but I trust that other people might step in with further guidance :wink:

3 Likes
3

Do you need katello agents on the customer’s machine?

Clarifying this a bit, there are two options for running jobs on client machines-- katello-agent and remote execution via SSH. Katello-agent is deprecated; it’s not removed quite yet but I wouldn’t recommend a new installation using it, as it will disappear in the next couple releases. Instead we recommend using REX (remote execution) which does not require an agent running on the client.

2 Likes