Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1024530

Summary: Section 6.2 Satellite Nodes feedback
Product: Red Hat Satellite Reporter: Mike McCune <mmccune>
Component: Docs Install GuideAssignee: Athene Chan <achan>
Status: CLOSED CURRENTRELEASE QA Contact: Dan Macpherson <dmacpher>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.0.2CC: achan, mmccune, mmurray
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-03-26 17:22:18 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mike McCune 2013-10-29 21:01:51 UTC 
- Note: Need to set selinux to permissive on the box where the node is to be installed.

 - Need to note that the "node-certs-generate" command should be run on the Satellte 6 server. 

 - What is the child in child-fqdn?  Need to clarify that the child is the node.

 - Change "Content Definition View" to "Content View Definition"

 - For consistency, recommend adding the '-v' to the node-certs-generate (similar to node-install). Also, may want to note somewhere that the logs for those commands may be found in /var/log/kafo, in case the user needs to refer to them later.

 - After node-install and node-certs-generate, recommend that the user 'echo $?' to see the status of the command.  If it returns 0, the command was successful; otherwise, it an error occured.  If an error occured, the user may want to look over the logs in /var/log/kafo to debug the cause of the failure.

 - Need to indicate that "OAUTH_SECRET=$(cat /etc/katello/oauth_token-file)" needs to be from the Satellite 6 server itself, not on the node.  The key part of that command is that the variable is populated with the value in /etc/katello/oauth_token-file on the Satellite server.

 - For consistency we should remove the #s from options 1 and 2
Comment 1 RHEL Program Management 2013-10-29 21:05:26 UTC 
Since this issue was entered in Red Hat Bugzilla, the release flag has been
set to ? to ensure that it is properly evaluated for this release.
Comment 3 Athene Chan 2013-10-30 01:30:56 UTC 
Changed:
If configuring as a Content Node: Generate certificates for the Content Node from the Satellite server.
			
to

If configuring as a Content Node: Generate certificates for the Content Node from the Satellite server.
			

Add the node-certs product to the Content Definition View for your product.		
to
Add the node-certs product to the Content View Definition for your product.
				

# node-certs-generate --child-fqdn satnode.example.com   --katello-org "Satellite Infrastructure" --katello-user admin --katello-password admin --katello-activation-key node

to

# node-certs-generate -v --child-fqdn satnode.example.com   --katello-org "Satellite Infrastructure" --katello-user admin --katello-password admin --katello-activation-key node

All instances of "Run the following commands as the root user" to "Run the following commands as the root user on the Satellite Server" for OAUTH.

Added:
Prerequisite
Set the SELinux permissions to permissive on the system designated as the Satellite node.

Note:
To test if the configuration is successful, run this command as the user on the node:
# echo $?
This command should return a "0" to indicate success. If it does not, check /var/log/kafo to debug the cause of failure. /var/log/kafo is the log file for the output generated by the commands node-certs-generate and node-install.


TBC -> need the --help for node-generate-cert to fulfill the child-fqdn request.

Mike, can you generate the list for me?
Comment 4 Mike McCune 2013-10-30 20:40:36 UTC 
# node-certs-generate --help
Usage:
    node-certs-generate [OPTIONS]

Options:
    -i, --interactive             Run in interactive mode
    -v, --verbose                 Display log on STDOUT instead of progressbar
    -n, --noop                    Run puppet in noop mode? (default: false)
    -d, --dont-save-answers       Skip saving answers to answers.yaml? (default: true)
    --[no-]enable-node-certs      Enable puppet module node_certs? (default: true)
    --katello-user                Katello username used for creating repo with certs.
                                  This param indicates that we want to distribute the certs via
                                  Katello repo (default: nil)
    --katello-password            Katello password (default: nil)
    --katello-repo-provider       Provider name to create a repository in (default: "node-installer")
    --child-fqdn                  fqdn of the child node. REQUIRED (default: nil)
    --parent-fqdn                 fqdn of the parent node. Usually not need to be set. (default: "dhcp-8-30-77.lab.eng.rdu2.redhat.com")
    --katello-activation-key      Activation key that registers the system
                                  with access to the cert repo (OPTIONAL) (default: nil)
    --katello-product             Product name to create a repository in (default: "node-certs")
    --certs-tar                   path to tar file with certs to generate (default: nil)
    --regenerate                  regenerate certs for the node (default: false)
    --katello-org                 Organization name to create a repository in (default: "Katello Infrastructure")
    -h, --help                    print help