“How did you register the host exactly?”
I have a small ansible playbook for this
-
name: Gather facts
setup:
gather_subset: min
when: ansible_os_family is not defined
-
name: Configure rhsm
block:
-
name: Check if system already registered
stat:
path: /etc/pki/consumer/cert.pem
register: certificate
-
name: Configure /etc/hosts
lineinfile:
path: /etc/hosts
line: “_foreman_ip foreman_fqdn”
state: present
-
name: Install Katello certificates
yum:
name: “http://foreman_fqdn/pub/katello-ca-consumer-latest.noarch.rpm”
state: latest
disable_gpg_check: true
when: not certificate.stat.exists
-
name: Register CentOS7 server in Foreman/Katello
command: subscription-manager register --org=“ORG” --activationkey=“org-centos7-main”
when: not certificate.stat.exists and ansible_distribution_major_version == “7”
-
name: Register RHEL8 server in Foreman/Katello
command: subscription-manager register --org=“ORG” --activationkey=“org-rhel8-main”
when: not certificate.stat.exists and ansible_distribution_major_version == “8”
when: ansible_os_family == “RedHat” and ansible_distribution_major_version | int >= 7
“Verify that the required rpms are installed on the client:”
[root@smsk-cnt7ad03t ~]# rpm -qa katello-host*
[root@smsk-cnt7ad03t ~]# rpm -qa katello-ca*
katello-ca-consumer-foreman_fqdn-1.0-1.noarch
“Make sure to refresh:”
[root@smsk-cnt7ad03t ~]# subscription-manager refresh --force
1 local certificate has been deleted.
All local data refreshed
“Check the identity of the client”
[root@smsk-cnt7ad03t ~]# subscription-manager identity
system identity: 088b956c-d152-4cb0-a356-bf45fbb225a4
name: smsk-cnt7ad03t
org name: ORG
org ID: ORG
environment name: MAIN/centos7
“Verify that the shown system identity is the same as shown on your foreman server on the content page of the client host.”
Yes, they are equal
“Also make sure that the repositories required are in the content view of the client, i.e. your content view “centos7” contains all the repositories you need.
Make sure the current published version of the content view contains those repositories or publish a new version to be sure.
Make sure the latest version containing those repositories has been promoted to the lifecycle environment of the client, i.e. in your case “MAIN”.”
I have verified all the above - everything looks good
“Verify that it’s published correctly by access /pulp/content/ URI on your foreman server, assuming you don’t use a content proxy (e.g. https://foreman.example.com/pulp/content/)
Check that there are links listed aka ORG/MAIN/centos7/custom/product/reponame/ for each product and repository which are part of that content view.”
All repos are available directly (via HTTP), and I can use them if configure manually
“Otherwise the output of subscription-manager config might be helpful to continue here…”
[root@smsk-cnt7ad03t ~]# subscription-manager config
[server]
hostname = foreman_fqdn
insecure = [0]
no_proxy =
port = [443]
prefix = /rhsm
proxy_hostname =
proxy_password =
proxy_port =
proxy_scheme = [http]
proxy_user =
server_timeout = [180]
ssl_verify_depth = [3]
[rhsm]
auto_enable_yum_plugins = [1]
baseurl = https://foreman_fqdn/pulp/content/
ca_cert_dir = [/etc/rhsm/ca/]
consumercertdir = [/etc/pki/consumer]
entitlementcertdir = [/etc/pki/entitlement]
full_refresh_on_yum = 1
inotify = [1]
manage_repos = [1]
package_profile_on_trans = 1
pluginconfdir = [/etc/rhsm/pluginconf.d]
plugindir = [/usr/share/rhsm-plugins]
productcertdir = [/etc/pki/product]
repo_ca_cert = /etc/rhsm/ca/katello-server-ca.pem
repomd_gpg_url =
report_package_profile = [1]
[rhsmcertd]
auto_registration = [0]
auto_registration_interval = [60]
autoattachinterval = [1440]
certcheckinterval = [240]
disable = [0]
splay = [1]
[rhsmd]
processtimeout = [300]
[logging]
default_log_level = [INFO]
- Default value in use