Red Hat Satellite Installation and Configuration

LAB-1: Installing and Configuring Satellite Server

In this lab, we will perform a Red Hat Satellite Server installation from an ISO image and complete its initial configuration. Before starting installation and configuration, let's perform the pre-requisites like the configuration of local repository and DNS services.

Create Local Repository

First, let's create a local repository for RHEL-7. Mount the Red Hat 7 ISO image on /mnt folder.

[root@sat01 ~]#mount /dev/cdrom /mnt/

             
Install the VSFTP package. 

[root@sat01 ~]# rpm -ivh /mnt/Packages/vsftpd-3.0.2-25.el7.x86_64.rpm

                
Enable and start VSFTP service.     

[root@sat01 ~]# systemctl start vsftpd

[root@sat01 ~]# systemctl enable vsftpd

            
Create folder to store RHEL-7 packages.

[root@sat01 pub]# mkdir /var/ftp/pub/repo/

[root@sat01 pub]# cd /var/ftp/pub/repo/

Copy the packages in the repo folder.

      

[root@sat01 repo]# cp -ruv /mnt/* .

                 

Configure DNS Services

Install DNS packages.

 [root@sat01 ~]#yum install bind bind-utils.

Update the DNS configuration file.

[root@sat01 ~]#vi /etc/named.conf

Add the IP address of the host machine to the listen-on port:

options {

        listen-on port 53 { 127.0.0.1; 192.168.2.110; };  ### Add the ip-address host machine.

#       listen-on-v6 port 53 { ::1; };

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query-cache     { localhost; 192.168.2.0/24; };     ### Add the ip-address host machine.

Create the below zone entry.

zone "example.com" IN {

        type master;

        file "forward.sat01";

        allow-update { none; };

};

zone "2.168.192.in-addr.arpa" IN {

        type master;

        file "reverse.sat01";

        allow-update { none; };

};

Create forward zone and update the below value.

[root@sat01 grub2]# cat /var/named/forward.sat01

$TTL 1D

@       IN SOA  sat01.example.com. root.example.com. (

                                        10      ; serial

                                        1D      ; refresh

                                        1H      ; retry

                                        1W      ; expire

                                        3H

                                        )       ; minimum

@       IN      NS      sat01.example.com.

sat01  IN       A       192.168.2.110

cdn01  IN       A       192.168.2.111

[root@sat01 grub2]#

Create reverse zone and update the below value.

[root@sat01 grub2]# cat /var/named/reverse.sat01

$TTL 1D

@       IN SOA  sat01.example.com. root.example.com. (

                                        0       ; serial

                                        1D      ; refresh

                                        1H      ; retry

                                        1W      ; expire

                                        3H

                                        )       ; minimum

@       IN      NS      sat01.example.com.

110     IN      PTR     sat01.example.com.

111     IN      PTR     cdn01.example.com.

[root@sat01 grub2]#

Enable and start DNS service.

[root@sat01 ~]#systemctl start named

[root@sat01 ~]#systemctl enable named

Open port on the firewall for DNS, VSFTP and make is permanent.

[root@sat01 ~]#firewall-cmd --add-service=dns

[root@sat01 ~]#firewall-cmd --add-service=dns --permanent

[root@sat01 ~]#firewall-cmd --add-service=ftp

[root@sat01 ~]#firewall-cmd --add-service=ftp --permanent

Mount the Red Hat Satellite ISO image and install the Satellite packages.

 mount /dev/cdrom /mnt/

[root@sat01 ~]#cd /mnt/

[root@sat01 mnt]# ./install_packages

This script will install the satellite packages on the current machine.

   - Ensuring we are in an expected directory.

   - Copying installation files.

   - Creating a Repository File

   - Creating RHSCL Repository File

   - Creating sat-maintenance Repository File

   - Checking to see if Satellite is already installed.

   - Importing the gpg key.

   - Installation repository will remain configured for future package installs.

   - Installation media can now be safely unmounted.

Install is complete. Please run satellite-installer --scenario satellite

[root@sat01 mnt]#

Unmount the installation media.

[root@sat01 mnt]# cd

[root@sat01 ~]# umount /mnt/

Perform the initial configuration of the Satellite Server. Execute the satellite-installer script, specifying satellite as the scenario, admin as the administrator username and redhat as the password. The script will take approximately 15 minutes to complete.

[root@sat01 ~]#satellite-installer --scenario satellite --foreman-admin-username admin --foreman-admin-password redhat

 Success!

  * Satellite is running at https://sat01.example.com

   Initial credentials are admin / redhat

   * To install an additional Capsule on separate machine continue by running:

   capsule-certs-generate --foreman-proxy-fqdn "$CAPSULE" --certs-tar "/root/$CAPSULE-certs.tar"

   * To upgrade an existing 6.4 Capsule to 6.5:

      Please see official documentation for steps and parameters to use when upgrading a 6.4 Capsule to 6.5.

   The full log is at /var/log/foreman-installer/satellite.log

yum install -y -q rh-mongodb34-syspaths finished successfully!

[root@sat01 media]#

Open ports on firewall for Red Hat Satellite and make is permanent.

[root@sat01 ~]#firewall-cmd --add-service=RH-Satellite-6

[root@sat01 ~]#firewall-cmd --add-service=RH-Satellite-6 --permanent

Connect to the Satellite Server web UI by entering the URL,https://sat01.example.com, in your web browser. Accept the self-signed certificate and log in with the username of admin and the password redhat.

LAB-2: Create Red Hat Content Delivery Network Channels 

In this lab, we will create CDN (Content Delivery Network) Channels to sync with Red-Hat Satellite since we are not going to connect our Red Hat Satellite server to internet.

1. Login to cdn01 server & Install httpd package.

[root@cdn01 ~]##yum install httpd

[root@cdn01 ~]# mkdir -p /var/www/html/pub/cdn/

Recursively copy the contents of the ISO image to the directory.

[root@cdn01 rhel6]# mount /dev/cdrom /mnt/

[root@cdn01 rhel6]#cp -ruv /mnt/* /var/www/html/pub/cdn/

[root@cdn01 rhel6]# umount /mnt/

Below are ISO which we are going to use for creating CDN.

sat-6-isos--rhel-7-ha-x86_64-2019-08-03T01.01-01

sat-6-isos--rhel-7-server-x86_64-2019-06-22T03.15-01

sat-6-isos--rhel-7-server-x86_64-2019-06-22T03.15-02

sat-6-isos--satellite-6-rhel-7-server-x86_64-2019-08-31T00.06-01

Now we will create new repository with name optrpms.

[root@cdn01 ~]# mv optrpms.tar.gz /var/www/html/pub/

Install createrepo package on cdn01

[root@cdn01 pub]# yum install createrepo

[root@cdn01 pub]# cd /var/www/html/pub/

Untar file in /var/www/html/pub/

[root@cdn01 pub]# tar -zxvf optrpms.tar.gz

Create repository using createrepo command for optrpms packages.

[root@cdn01 pub]# createrepo -v /var/www/html/pub/optrpms

Start Apache and open port on firewall. 

[root@cdn01 rhel6]# systemctl start httpd

[root@cdn01 rhel6]# systemctl enable httpd

[root@cdn01 rhel6]# firewall-cmd --add-service http

[root@cdn01 rhel6]# firewall-cmd --add-service http --permanent

Lab-3: Importing Manifest and Sync Repository 

1. Log into the Satellite Server web UI as the admin user with the password of redhat.

2. Click Content >Red Hat Subscriptions, then click the Manage Manifest button.

3. Click the edit icon next to Red Hat CDN URL, enter  http://cdn01.example.com/pub/cdn/ , and click the Save button.

4. Click the browse button to select the manifest_skath-satellite-test_20190927T095242Z manifest file and then click on upload button to install it.

5. Click the Content >Red Hat Repositories, then the RPMs tab.

6. Search for below repository  and click then expand on enable.

Red Hat Satellite 6.5 for RHEL 7 Server RPMs x86_64

Red Hat Satellite Tools 6.5 for RHEL 7 Server RPMs x86_64

Red Hat Enterprise Linux High Availability for RHEL 7 Server RPMs x86_64 7Server

     Red Hat Satellite Capsule 6.5 for RHEL 7 Server RPMs x86_64

7. Navigate to Content >Sync Status, then click the Expand All link. Click the checkbox repository enabled then click the Synchronize Now button to begin the repository synchronization. The Sync Status page will then begin displaying the status of the synchronization.

8. Create optrpm repository by click on Content > Product > Repo Discovery

9. Update "The URL to Discover" with http://cdn01.example.com/pub/optrpms/ and click on discover.

10. Create  New Content View and update the repository and publish it.

Lab-4: Registering the client in Red Hat Satellite. 

Using the Satellite Server instance which was installed previously on sat01.example.com,install the provided manifest, configure it for the locally provided CDN (content delivery network), and then enable and synchronize the required repositories. Finally, register the client, cap01. example.com, attach it to the provided subscription, as well as add it to the Ops Servers host collection.

Prepare the client for registration to the Satellite Server GUI.

1. Log into the client system, cap01.example.com, as the root user.

2. Verify that the subscription-manager, and yum packages are installed on the Satellite client, cap01.example.com.

[root@cap01 ~]# rpm -q subscription-manager yum

subscription-manager-1.24.13-1.el7.x86_64

yum-3.4.3-163.el7.noarch

[root@cap01 ~]#

3. Download and install a copy of the CA Certificate from the following URL on the Satellite Server:

[root@cap01 ~]#yum -y localinstall http://sat01.example.com/pub/katello-ca-consumer-latest.noarch.rpm

5. Register the client to the Satellite Server.

5.1. Clear old registration data from the system.

[root@cap01 ~]#  subscription-manager clean

5.2. Register the system to the Operations organization on the Satellite Server. Enter the authentication information for the admin user on the Satellite Server when prompted for username and password.

[root@cap01 ~]# # subscription-manager register --org=Default_Organization

Username: admin

Password: redhat
Environment: Library

6. Verify the client registration in the Satellite web UI.

6.1. Log into the Satellite web UI as the admin user.

6.2. Click Hosts >Content Hosts. Your newly registered client should appear in the table of content hosts.

7. Set the release version for the content host.

7.1. On the Content Hosts page, click the cap01.example.com entry in the table of content hosts.

7.2. Click the Details tab.

7.3. Under the Content Host Content section, select  7  Server for the Release Version.

7.4. Click the Save button.

8. Attach the client to the provided subscription.

8.1. Click the Subscriptions tab and select Subscriptions.

8.2. Add the subscription by selecting its corresponding checkbox under the Add tab then click the Add Selected button.

9. Assign the client to the Ops Servers host collection.

9.1. On the Content Host detail page, click the Host Collections tab.

9.2. Click the Add tab, and select the checkbox next to Ops Servers.

9.3. Click the Add Selected button.

10. Modify the product content enable setting for the Red Hat Satellite Tools 6.2 (For RHEL 7Server)(RPMs) repository.

10.1. On the Content Host detail page, click the Product Content tab.

10.2.Click the plus sign to the left of the Red Hat Enterprise Linux Server product to expand it.

10.3.Click the edit icon next to the Enabled? setting for the Red Hat Satellite Tools 6.2 (For

RHEL 7 Server)(RPMs) repository.

10.4.Select Override to Yes option from the dropdown menu.

10.5.Click the Save button.

11. Install Katello Agent on the client system.

11.1. As root on servera.lab.example.com, refresh the client's subscription status.

[root@cap01 ~]# subscription-manager refresh

[root@cap01 ~]#subscription-manager list --available
[root@cap01 ~]#subscription-manager attach --pool=402882ee70285dd90170296f4526008d

11.2. Verify that the Red Hat Satellite Tools 6.2 (For RHEL 7 Server)(RPMs) repository is now

enabled on the client.

[root@cap01 ~]# subscription-manager repos --list

+----------------------------------------------------------+

    Available Repositories in /etc/yum.repos.d/redhat.repo

+----------------------------------------------------------+

Repo ID:   rhel-7-server-satellite-tools-6.5-rpms

Repo Name: Red Hat Satellite Tools 6.5 (for RHEL 7 Server) (RPMs)

Repo URL:  https://sat01.example.com/pulp/repos/Default_Organization/Library/con

           tent/dist/rhel/server/7/7Server/$basearch/sat-tools/6.5/os

Enabled:   1

[root@cap01 ~]#

[root@cap01 ~]#subscription-manager repos --enable=rhel-7-server-satellite-tools-6.5-rpms

11.3. Install the katello-agent package.

[root@cap01 ~]#  yum install -y katello-agent

12. The client is now successfully registered.

 To prepare for the next exercise, un register the client using the following command. After the system has been unregistered, reset cap01.example.com.

[root@cap01 ~]# subscription-manager unregister

Unregistering from: sat01.example.com:443/rhsm

System has been unregistered.

[root@cap01 ~]#

Automating Satellite client registrations

Activation keys are defined within an organizational context. Therefore, an organization must be selected to access the Activation Key page in the Satellite web UI. 
To create an activation key, execute the following steps in the Satellite web UI as the Satellite admin user.

1. Click Any Context >Any Organization >Default_Organization from the menu in the top-left corner to enter the Default_Organization context.

2. Click Content >Activation Keys.

3. Click the New Activation Key button.

4. Enter a name for the activation key in the Name field 'OS-key'

5. Check or uncheck the Unlimited Content Hosts checkbox to indicate whether or not to limit the number of hosts that can use the activation key. If unchecked, enter the number of hosts to allow in the Limit field.

6. Enter a description for the activation key in the Description field.

7. Select the Environment and Content View to associate the activation key to.

8. Click the Save button to finalize the creation of the activation key.

Automated client registration with activation keys

Once an activation key is created, it can be referenced in the invocation of the subscription manager utility during client registration to the Satellite Server. Preparation of the client for registration to the Satellite Server as described previously is still required. Once preparation has been finished, execute the following steps on the client system as the root user to register it to the Satellite Server.

1. Clear any old registration data from the system.

[root@cap01 ~]# # subscription-manager clean

2. Register the system to the organization of your choice on the Satellite Server. Reference the activation key with the --activation key flag.

[root@cap01 ~]# subscription-manager register --org Default_Organization --activationkey OS-key

The system has been registered with ID: 0afe9e31-f815-423d-a305-18eeb354fea2

The registered system name is: cap01.example.com

Installed Product Current Status:

Product Name: Red Hat Enterprise Linux Server

Status:       Subscribed

[root@cap01 ~]#

[root@cap01 ~]# subscription-manager repos --enable rhel-7-server-satellite-tools-6.5-rpms

Repository 'rhel-7-server-satellite-tools-6.5-rpms' is enabled for this system.

3. Once a client is registered to the Satellite Server, it will gain access to repository contents. However, administrators will not yet be able to perform package and errata management on the client from the Satellite web UI. These client management functions require the installation of the Katello Agent on the client system.

[root@cap01 ~]# yum install katello-agent

[root@cap01 ~]# systemctl status goferd

4. Once the client is registered, verify that it appears in the Satellite web UI.

4.1. Log into the Satellite web UI as the admin user.

4.2. Click Any Context >Any Organization >Default_Organizationf rom the menu in the top left corner to enter the Default_Organization context, which the client was registered to.

4.3. Click Hosts >Content Hosts. Your newly registered client should appear in the table of content hosts.

Lab: 5 Remote Execution of Command through Red Hat Satellite.

Enabling Remote Execution on a Host On the Satellite Server, distribute the key to the host.

[root@sat01 ~]#  ssh-copy-id -i ~foreman-proxy/.ssh/id_rsa_foreman_proxy.pub cap01

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/usr/share/foreman-proxy/.ssh/id_rsa_foreman_proxy.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

root@cap01's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'cap01'"

and check to make sure that only the key(s) you wanted were added.

[root@sat01 ~]#

Satellite provides default job templates for executing remote jobs. 

1. Go to Hosts → All hosts and click the check box next to the host’s name.
2. Click Select Action and select Schedule Remote Job from the drop-down menu.
3. In the Job category drop-down menu, select Command.
4. In the Job template drop-down menu, select Run-Command SSH Default.
5. In the command field, enter the df -h >> data.
6. Select Execute now and click Submit. 

Hammer command line CLI.

[root@sat01 ~]# hammer shell

Welcome to the hammer interactive shell.

Type 'help' for usage information.

hammer> ping

candlepin:

    Status:          ok

    Server Response: Duration: 16ms

candlepin_auth:

    Status:          ok

    Server Response: Duration: 13ms

pulp:

    Status:          ok

    Server Response: Duration: 54ms

pulp_auth:

    Status:          ok

    Server Response: Duration: 23ms

foreman_tasks:

    Status:          ok

    Server Response: Duration: 4ms

hammer> exit

 [root@sat01 ~]# hammer --help

Use the following command to create an organization:

$ hammer organization create --name "org_name" --label "org_label" --description "org_description"

Starting the httpd Service on Selected Hosts

Using Satellite 6 API Requests on the Command Line

You can use the curl command to interact with the Satellite 6 API. For example:

Example GET Requests

Example GET requests to list organizations, hosts, and users within Satellite 6.

# SATUSER=admin

# SATPASS='redhat'

# SATURL="https://sat01.example.com"

# curl -k -u $SATUSER:$SATPASS -X GET -H 'Accept: application/json'  $SATURL/api/v2/organizations | json_reformat

# curl -k -u $SATUSER:$SATPASS -X GET -H 'Accept: application/json' $SATURL/api/v2/hosts | json_reformat

# curl -k -u $SATUSER:$SATPASS -X GET -H 'Accept: application/json' $SATURL/api/v2/users | json_reformat

# curl -k -u $SATUSER:$SATPASS -X GET -H 'Accept: application/json' $SATURL/api/v2/users/test-user | json_reformat

Example DELETE Request

An example DELETE request to remove an existing user with known ID "9" based on a previous list of users.

#curl -k -u $SATUSER:$SATPASS -X DELETE -H 'Accept: application/json' $SATURL/api/v2/users/test-user | json_reformat

Example POST Request

An example POST request to create a new user called example, passing the true flag to enable administrator privileges for the user.

# curl -k -u $SATUSER:$SATPASS -X POST -d '{ "mail": "root@localhost", "firstname": "Example", "lastname": "User", "login": "example", "password": "redhat", "admin": 'true', "auth_source_id": 1 }' -H 'Accept: application/json' -H 'Content-Type: application/json' $SATURL/api/v2/users/ | json_reformat

Example PUT Request

An example PUT request to change the email address of the existing example user with known ID "10" to example@localhost.

# curl -k -u $SATUSER:$SATPASS -X PUT -d '{ "id": 6, "mail": "example@localhost" }' -H 'Accept: application/json' -H 'Content-Type: application/json' $SATURL/api/v2/users/example | json_reformat

Lab:6 Troubleshooting.

Start and stop of Red Hat satellite service.
[root@sat01 ~]# katello-service status
[root@sat01 ~]# katello-service stop

[root@sat01 ~]# katello-service start

Logs are stored in /var/log folders. 

Satellite Backup

A Satellite Server or a Capsule Server backup is a collection of archived database and configuration files that you can use to restore or debug Satellite or Capsule. Use the foreman-maintain backup utility to create a backup.

Types of backup

·         Full

·         Incremental

·         Without Pulp content 

Backup methods

·         Offline

·         Online

·         Snapshot

Create a backup from Logical Volume Manager (LVM) snapshots. Satellite or Capsule is offline while creating snapshots.

The foreman-maintain backup utility creates the backup in a time-stamped subdirectory in the directory that you specify. You can provide a different name for the subdirectory using the --preserve-directory option. If you use the --preserve-directory option, the subdirectory is not cleaned up when the backup fails.

For a Satellite or Capsule configured to use remote databases, the utility performs a database dump when performing offline or snapshot backup.

Full Backup

A full Satellite or Capsule Server backup contains all the database and configuration files required to restore a Satellite or a Capsule instance.

Backup contents

A full backup contains the following files:

• Compressed configuration files
• Compressed MongoDB files
• Compressed PostgreSQL database files
• Pulp directory files
• A configuration file containing Satellite environment details

Storage requirements

During a full backup, the files are copied and then compressed, therefore enough storage to hold both is required. Additionally, metadata files created during archiving and compression require extra space.

A full backup of Satellite or Capsule requires an amount of storage that is equal to the sum of the following:

• Satellite databases and configuration files size
• Compressed Satellite databases and configuration files size
• 20% of the sum of the uncompressed and compressed databases and configuration files sizes

Estimating the Size of a Full Backup

To estimate the backup size, find the total space used by the database and configuration files. Use this result to calculate the backup size.

Procedure

1. Find the size of the database and configuration files using the du command:

Example:

# du -csh /var/lib/mongodb /var/lib/pgsql/data /var/lib/pulp /var/lib/qpidd /var/lib/tftpboot /etc /root/ssl-build /var/www/html/pub /opt/puppetlabs

480G     /var/lib/mongodb

100G    /var/lib/pgsql/data

100G     /var/lib/pulp

886M    /var/lib/qpidd

16M     /var/lib/tftpboot

37M     /etc

900K     /root/ssl-build

100K     /var/www/html/pub

2M           /opt/puppetlabs

681G    total

The size of the files in this example is 681 GB.

2. Calculate the space required to store the compressed data using the above result:
3. Calculate the amount of additional free space required:

The additional space required is 20% of the sum of compressed and uncompressed files. So, the additional space required is 178 GB in this example.

4. Calculate the sum of the above results.

In this example,

Uncompressed size = 861 GB

Compressed size = 180 GB

Additional free space required = 172 GB

Sum = 1033 GB

The estimated size of the backup in this example is 1033 GB.

Performing a Full Backup Offline

Perform a full backup using the offline method. The backup process takes a long time to complete and the Satellite is unavailable during the process.

Prerequisites

• The backup location has enough free disk space to store the backup.
• The postgres user has write permission to the backup directory.

Procedure

1. Run the foreman-maintain backup script:

# foreman-maintain backup offline /var/backup_directory

2. Enter y when prompted to start the backup:

Do you want to proceed?, [y(yes), q(quit)] y

The backup process takes a long time to complete.

Performing a Full Backup Online

To debug and troubleshoot issues, perform a full backup using the online method. Satellite remains available during the process.

To ensure a successful backup, do not perform the following operations until the backup is complete:

• Publish, add, or delete content views
• Promote content view versions
• Add, change, or delete sync-plans
• Add, delete, or sync repositories

The backup process takes a long time to complete.

Prerequisites

• The backup location has enough free disk space to store the backup.
• The postgres user has write permission to the backup directory.

Procedure

1. Run the foreman-maintain backup script:

# foreman-maintain backup online /var/backup_directory

2. Enter y when prompted to start the backup:

Do you want to proceed?, [y(yes), q(quit)] y

The backup process takes a long time to complete.

Incremental Backup

An incremental backup contains the changes that occurred in the database and configuration files since a previously performed backup.

The first incremental backup is based on a full backup and any following incremental backups are based on previous ones. To restore Satellite using incremental backups, all the incremental backups and the first full backup are required.

Performing an Incremental Backup Offline

Perform an incremental backup using the offline method. Satellite is unavailable during the process.

Prerequisites

• You have a previous backup available to use as a base for the incremental backup.
• The postgres user has write permission to the backup directory.

Procedure

1. Run the foreman-maintain backup script:

# foreman-maintain backup offline --incremental /var/backup_dir/previous_backup_dir /var/backup_dir

Replace the previous_backup_dir with the name of the previous backup that you are using as a base for the incremental backup.

2. Enter y when prompted to start the backup:

Do you want to proceed?, [y(yes), q(quit)] y

Performing an Incremental Backup Online

To debug and troubleshoot issues, perform an incremental backup using the online method. Satellite remains available during the process.

To ensure a successful backup, do not perform the following operations until the backup is complete:

• Publish, add, or delete content views
• Promote content view versions
• Add, change, or delete sync-plans
• Add, delete, or sync repositories

Prerequisites

• You have a previous backup available to use as a base for the incremental backup.
• The postgres user has write permission to the backup directory.

Procedure

1. Run the foreman-maintain backup script:

# foreman-maintain backup online --incremental /var/backup_dir/previous_backup_dir /var/backup_dir

Replace the previous_backup_dir with the name of the previous backup that you are using as a base for the incremental backup.

2. Enter y when prompted to start the backup:

Do you want to proceed?, [y(yes), q(quit)] y

Backup Without Pulp Content

A backup without Pulp content excludes the repository information of Satellite or Capsule Server. Backing up repository information contained in the Pulp database is the most time intensive part of the Satellite backup process. You can skip backing up the Pulp database with the option --skip-pulp-content. This excludes backing up the /var/lib/pulp directory.

You cannot restore from a backup without Pulp content.

Performing a Backup Without Pulp Content Offline

To debug and troubleshoot issues, perform a backup without Pulp content using the offline method. Satellite is unavailable during the process.

Procedure

1. Run the foreman-maintain backup script:

# foreman-maintain backup offline --skip-pulp-content /var/backup_directory

2. Enter y when prompted to start the backup:

Do you want to proceed?, [y(yes), q(quit)] y

You can copy the contents of /var/lib/pulp using methods such as rsync or shared storage.

Performing a Backup Without Pulp Content Online

To debug and troubleshoot issues, perform a backup without Pulp content using the online method. Satellite remains available during the process.

Procedure

1. Run the foreman-maintain backup script:

# foreman-maintain backup online --skip-pulp-content /var/backup_directory

2. Enter y when prompted to start the backup:

Do you want to proceed?, [y(yes), q(quit)] y

You can copy the contents of /var/lib/pulp using methods such as rsync or shared storage.

Snapshot Backup

The snapshot backup method creates Logical Volume Manager (LVM) snapshots of Pulp, MongoDB and PostgreSQL databases and mounts the snapshots on a separate Logical Volume (LV).

The foreman-maintain backup utility creates snapshots when Satellite services are active, and stops only those services that impact the backup. Satellite or Capsule is unavailable only when the snapshot is created. After a successful backup, all the services are restarted and the LVM snapshots are removed. Performing a snapshot backup takes less time than performing a full backup offline, and reduces the Satellite or Capsule downtime.

8.5.1. Performing a Snapshot Backup

Perform a backup using the snapshot method. Satellite is unavailable when the LVM snapshot is created.

Prerequisites

• The system uses LVM for the following directories:
• /var/lib/pulp/
• /var/lib/mongodb/
• /var/lib/pgsql/
• The free disk space in the relevant volume group (VG) is three times the size of the snapshot. More precisely, the VG must have enough space unreserved by the member logical volumes (LVs) to accommodate new snapshots. In addition, one of the LVs must have enough free space for the backup directory.
• The target backup directory is on a different LV than the directories that you snapshot.

Procedure

1. Run the foreman-maintain backup script:

# foreman-maintain backup snapshot /var/backup_directory

2. Enter y when prompted to start the backup:

Do you want to proceed?, [y(yes), q(quit)] y

Restoring from a Full Backup

Use this procedure to restore Red Hat Satellite or Capsule Server from a full backup. When the restore process completes, all processes are online, and all databases and system configuration revert to the state at the time of the backup.

Prerequisites

• Ensure that you are restoring to the correct instance. The Red Hat Satellite instance must have the same host name, configuration, and be the same major version as the original system.
• Ensure that you have an existing target directory. The target directory is read from the configuration files contained within the archive.

·         Ensure that you have enough space to store this data on the base system of Satellite Server or Capsule Server as well as enough space after the restoration to contain all the data in the /etc/ and /var/ directories contained within the backup.

To check the space used by a directory, enter the following command:

# du -sh/var/backup_directory

To check for free space, enter the following command:

# df -h /var/backup_directory

Add the --total option to get a total of the results from more than one directory.

·         Ensure that all SELinux contexts are correct. Enter the following command to restore the correct SELinux contexts:

# restorecon -Rnv /

Procedure

1.Choose the appropriate method to install Satellite or Capsule: 

2. Copy the backup data to Satellite Server’s local file system. Use /var/ or /var/tmp/.

3. Run the restoration script.

# foreman-maintain restore /var/backup_directory

Where backup_directory is the time-stamped directory or subdirectory containing the backed-up data.

The restore process can take a long time to complete, because of the amount of data to copy.

Additional Resources

• For troubleshooting, you can check /var/log/foreman/production.log and /var/log/messages.

Restoring from Incremental Backups

Use this procedure to restore Satellite or Capsule Server from incremental backups. If you have multiple branches of incremental backups, select your full backup and each incremental backup for the “branch” you want to restore, in chronological order.
When the restore process completes, all processes are online, and all databases and system configuration revert to the state at the time of the backup.

Procedure

1. Restore the last full backup using the previous instructions
2. Remove the full backup data from Satellite Server’s local file system, for example, /var/ or /var/tmp/.
3. Copy the incremental backup data to Satellite Server’s local file system, for example, /var/ or /var/tmp/.

4.Restore the incremental backups in the same sequence that they are made:

5. # foreman-maintain restore -i/var/backup_directory/FIRST_INCREMENTAL

# foreman-maintain restore -i/var/backup_directory/SECOND_INCREMENTAL

If you created the backup using the foreman-maintain backup command, you do not need to use -i option in the command.

Additional Resources

• For troubleshooting, you can check /var/log/foreman/production.log and /var/log/messages.

Backup and Restore Capsule Server Using a Virtual Machine Snapshot

If your Capsule Server is a virtual machine, you can restore it from a snapshot. Creating weekly snapshots to restore from is recommended. In the event of failure, you can install, or configure a new Capsule Server, and then synchronize the database content from Satellite Server.

If required, deploy a new Capsule Server, ensuring the host name is the same as before, and then install the Capsule certificates. You may still have them on Satellite Server, the package name ends in -certs.tar, alternately create new ones. Follow the procedures in Installing Capsule Server until you can confirm, in the web UI, that Capsule Server is connected to Satellite Server. Then use the procedure to synchronize from Satellite.