I hope to document the issues I ran into on this page so that others can hopefully save a bunch of time.
Environment
- Single Satellite 6 server with an integrated capsule.
- Windows 2008 R2 for DHCP and DNS.
- A VLAN (with an ip helper pointing at the windows dhcp server) just for linux provisioning. I placed my Satellite 6 server directly in this VLAN. If your environment already has some PXE booting solution like SCCM, I highly recommend creating a new VLAN.
Configure Satellite 6 for provisioning
The default installation of Satellite 6 does not include all the necessary configuration options for provisioning services. Enable everything necessary by running the following command as root on the satellite 6 server
- # katello-installer --capsule-parent-fqdn $(hostname) --capsule-dns true --capsule-dns-forwarders <X.X.X.X> --capsule-dns-interface <interface> --capsule-dns-zone <dns zone> --capsule-dns-reverse <X.X.X.in-addr.arpa> --capsule-tftp true --capsule-tftp-servername <servername.fqdn.tld>
Change the items in <>'s to whatever they are in your environment. After issuing this command, the installer will run (takes a few moments) and enables the provisioning items that were missing. To verify, browse to the Satellite 6 interface, select Infrastructure > Capsules. The satellite server should be listed and have "TFTP, DNS, Puppet, Puppet CA, and Pulp" listed as features.
Configure Foreman Discovery Module
The discovery module allows "unknown" hosts to automatically register with the Satellite server. This means that you can rack a new server, network boot and then configure the rest from Satellite.
- Install some packages that might be missing on the satellite 6 server
- yum -y install foreman-discovery-image rubygem-hammer_cli_import
- Configure the "PXELinux global default" provisioning template so it will know where the discovery image is located.
- In 6.0.1, there is a bug which "locks" this template from editing. Unlock it from the command line using these commands:
- foreman-rake console (will ask for admin password)
- ct = ConfigTemplate.find_by_name("PXELinux global default"); ct.locked = false; ct.save!
- exit
- In the Satellite 6 web interface, browse to Hosts > Provisioning Templates. Find the PXELinux global default template and click on it.
- In the template editor on the right, put in the following code after the "local" section:
- In the upper right corner of the Provisioning Templates screen, Click Build PXE default.
LABEL discovery
MENU LABEL Foreman Discovery
MENU DEFAULT
KERNEL boot/foreman-discovery-image-latest.el6.iso-vmlinuz
APPEND rootflags=loop initrd=boot/foreman-discovery-image-latest.el6.iso-img root=live:/foreman.iso rootfstype=auto ro rd.live.image rd.live.check rd.lvm=0 rootflags=ro crashkernel=128M elevator=deadline max_loop=256 rd.luks=0 rd.md=0 rd.dm=0 rd.bootif=0 rd.neednet=0 nomodeset selinux=0 stateless
IPAPPEND 2
Press submit
Configure Windows DHCP Server Scope
- Open the DHCP management console as a domain adminstrator. Find the DHCP scope for the vlan that will be provisoning Linux servers from Satellite.
- Expand the scope and click on scope options. Right click on scope options and click configure options.
- Scroll down to option 066, Boot Server Host Name. Check the checkbox and type in the FQDN of the Satellite server. Click Apply
- Check the check box next to option 067, Bootfile Name. Type in pxelinux.0
- Make sure the network configuration on the router has an IP Helper setup for this vlan so it knows where to send DHCP requests.
- Also make sure the DHCP scope actually has an address range configured.
Configure SRV Record in Windows DNS
When the server loads the boot image, it starts loading up a 180 mb linux image that connects to the Satellite server and adds an entry for the server so it can be provisioned. There are a couple ways of doing this, adding the "foreman.url" option to the kernel boot parameter in the provisioning image or creating a srv record. Using the foreman.url option did not work for me at all, but using the SRV record did.
- Open the DNS management console as domain admin.
- Right click on the DNS zone to add the SRV record to, click New Other Records.
- Scroll down to Service Location (SRV). Select it and click on Create Record.
- In the service field, type: _x-foreman
- In the Protocol field, type: _tcp
- In the priority field, type: 0
- in the Weight field, type; 5
- In the port number field, type: 443
- In the Host offering this service field: type the FQDN of the satellite server.
- Click OK
Provisioning an Unknown Host
After performing all of the above steps, you should now be able to provision a new host by just network booting it.
- Power on the server to be provisioned and select network boot. The server should PXE boot and start downloading the foreman discovery image.
- Wait for the image to download and for the OS to load. Eventually, the console will show "Registering with foreman."
- Open up the satellite 6 interface. Click on Hosts > Discovered Hosts. The server should be listed there.
- Click the server name and then click on Provision in the upper right.
- Select host group or manually enter all the information.
- Click build
- The server to be provisioned should automatically reboot and then start installing Linux
To Do:
Will come back and update this later. I still need to:
- Integrate an activation key into the build process so systems can get packages from Satellite
- Figure out how to make the provisioned server actually use the IP address entered into the provisioning screen. Out of the box, seems like Sat 6 tries to do MAC address reservation with DHCP which will not work when using an external DHCP server.
- Mess with the kickstart file so that it will enable the rh-common repository and install the katello-agent after the OS installation is done. The subscription-manager that is on RHEL 5 and RHEL 6 does not support enabling repositories from the Satellite web interface. Pretty silly.
