Hide Forgot
Document URL: https://access.redhat.com/documentation/en/red-hat-satellite/6.2/paged/installation-guide/chapter-2-preparing-your-environment-for-installation Section Number and Name: 2.5. Ports and Firewalls Requirements Describe the issue: Capsule server is also a client system first for satellite. So need to add a note that what all ports need to open for client to satellite also should open for capsule to satellite 6. Suggestions for improvement: Ports need to open from Capsule to Satellite. 80 443 5646 5647 Additional information:
Hello Currently we have this text in the 6.2 guide under the heading "Ports and Firewalls Requirements" [1]: The Satellite Server has an integrated Capsule and any host that is directly connected to the Satellite Server is a Client of the Satellite in the context of these tables. This includes the base system on which a Capsule Server is running. The bit *This includes the base system on which a Capsule Server is running.* is saying what you have asked. If it is not clear enough then we could extend that. Perhaps: "This includes the base system on which a Capsule Server is running because Capsules are clients of Satellite Server." ? In the table "Ports for Capsule to Satellite Communication" the ports you mention, except port 80, is mentioned. Looking in the Matrix table [2] I see it has an entry: Client to Satellite using port 80 "Downloads the katello-ca-latest RPM " So that is a reason for port 80 to be open on the Satellite for traffic from the Capsule's base system. It is when you are configuring the system that will become the Capsule that you install the katello-ca-latest RPM using HTTP (port 80). I will add a reminder to that KBase that a Capsule's base system is a Client. I the 6.1 guide, below the table "Ports for Client to Satellite Communication", there is this text: Any managed host that is directly connected to the Satellite Server is a Client in this context. This includes the base system on which a Capsule Server is running. Unfortunately that was removed, or just lost, in the change to 6.2 but later I added the text mentioned above "The Satellite Server has an integrated Capsule and any host that is directly connected to the Satellite Server is a Client of the Satellite in the context of these tables. This includes the base system on which a Capsule Server is running." In the 6.1 guide, below the table "Ports for Capsule to Satellite Communication", we had this text: The base system on which a Capsule Server is running is a managed host, a client, that is directly connected to the Satellite Server. See Table 1.5, “Ports for Client to Satellite Communication”. Unfortunately that was removed, or just lost, in the change to 6.2 In the section "Enabling Connections from a Client to Satellite Server", it does not mention that a Capsule's base system is a Client, we could add that. But see the next section "Enabling Connections from Capsule Server to Satellite Server" it states: "A Capsule Server’s base system is a client of the Satellite Server, therefore the procedure in Enabling Connections from a Client to Satellite Server should be completed first. This procedure opens the extra ports required by an external Capsule Server" [1] https://access.redhat.com/documentation/en/red-hat-satellite/6.2/paged/installation-guide/chapter-2-preparing-your-environment-for-installation#ports_prerequisites [2] Knowledgebase solution [Red Hat Satellite 6.2 List of Network Ports](https://access.redhat.com/solutions/2470641).
In the Architecture Guide, Capsule Networking [1] Re the intro text for Figure 2.1. Satellite Topology with Isolated Capsule To this existing text "The following image shows how the Satellite components interact when hosts connect directly to the Satellite Server. " we could add "Note that the base system of an external Capsule is a Client of the Satellite." [1] https://access.redhat.com/documentation/en/red-hat-satellite/6.2/paged/architecture-guide/23-capsule-networking
Re comment 5 I have added the following text: Note that as the base system of an external Capsule is a Client of the Satellite, this diagram is relevant even if you do not intend to have directly connected hosts to the into to "Satellite Topology with Internal Capsule" [1] [1] https://access.redhat.com/documentation/en/red-hat-satellite/6.2/paged/architecture-guide/23-capsule-networking
Hello These changes are now live on the customer portal. Thank you
Hello, Thank you for making necessary changes in installation document. Could you please add a note below "Table 2.6. Ports for Capsule to Satellite Communication" stating that capsule is also a client for satellite therefore client to satellite ports has to be opened as well. Preetesh
Hello In the 6.1 guide I put this underneath "Table 7.2. Ports for Capsule to Satellite Communication": The base system on which a Capsule Server is running is a managed host, a client, that is directly connected to the Satellite Server. See Table 1.5, “Ports for Client to Satellite Communication”. I will try to think of something shorter. How about: Remember that the base system on which a Capsule Server is running is a client connected to the Satellite Server. See Table 2.4. Ports for Client to Satellite Communication
Hello the update as per comment 18 is now live on the customer portal.