Bug 1024530 - Section 6.2 Satellite Nodes feedback
Section 6.2 Satellite Nodes feedback
Status: CLOSED CURRENTRELEASE
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Docs Install Guide (Show other bugs)
6.0.2
Unspecified Unspecified
unspecified Severity high (vote)
: Unspecified
: --
Assigned To: Athene Chan
Dan Macpherson
: Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-10-29 17:01 EDT by Mike McCune
Modified: 2015-05-11 18:09 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-03-26 13:22:18 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mike McCune 2013-10-29 17:01:51 EDT
- Note: Need to set selinux to permissive on the box where the node is to be installed.

 - Need to note that the "node-certs-generate" command should be run on the Satellte 6 server. 

 - What is the child in child-fqdn?  Need to clarify that the child is the node.

 - Change "Content Definition View" to "Content View Definition"

 - For consistency, recommend adding the '-v' to the node-certs-generate (similar to node-install). Also, may want to note somewhere that the logs for those commands may be found in /var/log/kafo, in case the user needs to refer to them later.

 - After node-install and node-certs-generate, recommend that the user 'echo $?' to see the status of the command.  If it returns 0, the command was successful; otherwise, it an error occured.  If an error occured, the user may want to look over the logs in /var/log/kafo to debug the cause of the failure.

 - Need to indicate that "OAUTH_SECRET=$(cat /etc/katello/oauth_token-file)" needs to be from the Satellite 6 server itself, not on the node.  The key part of that command is that the variable is populated with the value in /etc/katello/oauth_token-file on the Satellite server.

 - For consistency we should remove the #s from options 1 and 2
Comment 1 RHEL Product and Program Management 2013-10-29 17:05:26 EDT
Since this issue was entered in Red Hat Bugzilla, the release flag has been
set to ? to ensure that it is properly evaluated for this release.
Comment 3 Athene Chan 2013-10-29 21:30:56 EDT
Changed:
If configuring as a Content Node: Generate certificates for the Content Node from the Satellite server.
			
to

If configuring as a Content Node: Generate certificates for the Content Node from the Satellite server.
			

Add the node-certs product to the Content Definition View for your product.		
to
Add the node-certs product to the Content View Definition for your product.
				

# node-certs-generate --child-fqdn satnode.example.com   --katello-org "Satellite Infrastructure" --katello-user admin --katello-password admin --katello-activation-key node

to

# node-certs-generate -v --child-fqdn satnode.example.com   --katello-org "Satellite Infrastructure" --katello-user admin --katello-password admin --katello-activation-key node

All instances of "Run the following commands as the root user" to "Run the following commands as the root user on the Satellite Server" for OAUTH.

Added:
Prerequisite
Set the SELinux permissions to permissive on the system designated as the Satellite node.

Note:
To test if the configuration is successful, run this command as the user on the node:
# echo $?
This command should return a "0" to indicate success. If it does not, check /var/log/kafo to debug the cause of failure. /var/log/kafo is the log file for the output generated by the commands node-certs-generate and node-install.


TBC -> need the --help for node-generate-cert to fulfill the child-fqdn request.

Mike, can you generate the list for me?
Comment 4 Mike McCune 2013-10-30 16:40:36 EDT
# node-certs-generate --help
Usage:
    node-certs-generate [OPTIONS]

Options:
    -i, --interactive             Run in interactive mode
    -v, --verbose                 Display log on STDOUT instead of progressbar
    -n, --noop                    Run puppet in noop mode? (default: false)
    -d, --dont-save-answers       Skip saving answers to answers.yaml? (default: true)
    --[no-]enable-node-certs      Enable puppet module node_certs? (default: true)
    --katello-user                Katello username used for creating repo with certs.
                                  This param indicates that we want to distribute the certs via
                                  Katello repo (default: nil)
    --katello-password            Katello password (default: nil)
    --katello-repo-provider       Provider name to create a repository in (default: "node-installer")
    --child-fqdn                  fqdn of the child node. REQUIRED (default: nil)
    --parent-fqdn                 fqdn of the parent node. Usually not need to be set. (default: "dhcp-8-30-77.lab.eng.rdu2.redhat.com")
    --katello-activation-key      Activation key that registers the system
                                  with access to the cert repo (OPTIONAL) (default: nil)
    --katello-product             Product name to create a repository in (default: "node-certs")
    --certs-tar                   path to tar file with certs to generate (default: nil)
    --regenerate                  regenerate certs for the node (default: false)
    --katello-org                 Organization name to create a repository in (default: "Katello Infrastructure")
    -h, --help                    print help

Note You need to log in before you can comment on or make changes to this bug.