├── README.md
├── Sat61-Lab-Hammer.sh
├── add-CMDB-attributes.sh
├── cap63-setup.sh
├── hv-setup.sh
├── sat62-setup.sh
├── sat63-ks.cfg
├── sat63-setup.sh
├── sat65-bootstrap.sh
├── sat65-minimal.sh
└── sat65-setup.sh


/README.md:
--------------------------------------------------------------------------------
1 | # hammer-scripts
2 | 


--------------------------------------------------------------------------------
/Sat61-Lab-Hammer.sh:
--------------------------------------------------------------------------------
  1 | #! /bin/bash
  2 | 
  3 | clear
  4 | 
  5 | echo
  6 | echo
  7 | echo "This script is a pretty much complete series of commands to walk through the"
  8 | echo "OpenTLC Satellite 6.1 implementation lab."
  9 | echo "It performs the steps and activities described in"
 10 | echo "http://file.rdu.redhat.com/~rjerrido/Satellite_61_Implementation_Beta/"
 11 | echo
 12 | echo "In order to allow automatic remote execution of commands on the client,"
 13 | echo "this script must run as root user on the satellite instance."
 14 | echo
 15 | echo "The total run time of this script is approximately 210 minutes (3 hrs 30 min)."
 16 | echo
 17 | echo "You should run this script in a screen session!"
 18 | echo "Consider capturing the output with tee:"
 19 | echo "./Sat61-Lab-Hammer.sh 2>&1 | tee labScript.out"
 20 | echo
 21 | echo "There is only one interactive step required to start the performance."
 22 | echo "Please Type in your OpenTLC username followed by your password to download the Satellite Manifest."
 23 | read -p "OpenLC username (something like jdoe-redhat.com):" TLCUSER
 24 | echo
 25 | echo
 26 | 
 27 | export TLCUSER
 28 | GUID=$(hostname -s|cut -d'-' -f2)
 29 | export GUID
 30 | export ORG='Default Organization'
 31 | export ORG_LABEL='Default_Organization'
 32 | export LOC='Default Location'
 33 | export adminpasswd='2vhf8GM9mbaetYBh'
 34 | 
 35 | 
 36 | wget --user $TLCUSER -P /tmp --ask-password https://www.opentlc.com/classes/si-class/materials/Sat6_Class_manifest.zip
 37 | 
 38 | echo
 39 | echo "That was it, now the show can begin..."
 40 | echo
 41 | date
 42 | echo Lab0
 43 | echo "opening firewall ports for Satellite server"
 44 | lokkit --port 443:tcp --port 5671:tcp --port 80:tcp --port 8140:tcp --port 9090:tcp --port 8443:tcp --port 5674:tcp --port 67:udp --port 69:udp
 45 | 
 46 | echo Lab2
 47 | echo "installing and configuring Satellite-6"
 48 | echo yum takes ~8 min
 49 | echo katello-installer takes ~20 min
 50 | time yum install -q -y katello-installer
 51 | date
 52 | time katello-installer --capsule-tftp true --capsule-dhcp true --foreman-admin-username admin --foreman-admin-password "$adminpasswd" --foreman-initial-organization "$ORG" --foreman-initial-location "$LOC"
 53 | 
 54 | mkdir ~/.hammer 2>/dev/null
 55 | cat > .hammer/cli_config.yml <<EOF
 56 | :foreman:
 57 |     :host: 'https://sat-$GUID.rhpds.opentlc.com/'
 58 |     :username: 'admin'
 59 |     :password: '$adminpasswd'
 60 | 
 61 | EOF
 62 | 
 63 | echo Lab3
 64 | echo "loading manifest into Satellite"
 65 | hammer subscription upload --organization "$ORG" --file /tmp/Sat6_Class_manifest.zip
 66 | hammer subscription refresh-manifest --organization "$ORG"
 67 | hammer organization update --id 1 --redhat-repository-url http://sat-$GUID.rhpds.opentlc.com/pub/cds/prod
 68 | 
 69 | echo Lab4
 70 | echo "selecting Red Hat products to manage with Satellite"
 71 | hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='6Server' --name 'Red Hat Enterprise Linux 6 Server (RPMs)'    
 72 | hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='6.6' --name 'Red Hat Enterprise Linux 6 Server (Kickstart)' 
 73 | hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --name 'Red Hat Satellite Tools 6.1 (for RHEL 6 Server) (RPMs)'
 74 | 
 75 | echo Lab5
 76 | echo "sync of Red Hat Product repos takes ~90min"
 77 | date
 78 | time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Satellite Tools 6.1 for RHEL 6 Server RPMs x86_64'
 79 | time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 6 Server Kickstart x86_64 6.6' 2>/dev/null
 80 | time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 6 Server RPMs x86_64 6Server' 2>/dev/null
 81 | date
 82 | 
 83 | echo Lab6
 84 | 
 85 | echo "no automation"
 86 | 
 87 | echo Lab7
 88 | echo "registering remote client to Satellite via ssh"
 89 | ssh cli-$GUID.rhpds.opentlc.com yum -y install http://sat-$GUID.rhpds.opentlc.com/pub/katello-ca-consumer-latest.noarch.rpm
 90 | echo -e "admin\n$adminpasswd\n" | ssh cli-$GUID.rhpds.opentlc.com subscription-manager register --org=$ORG_LABEL --environment=Library
 91 | 
 92 | echo Lab8
 93 | echo "integrating remote client as content host to Satellite via ssh"
 94 | ssh cli-$GUID.rhpds.opentlc.com subscription-manager list --available
 95 | ssh cli-$GUID.rhpds.opentlc.com subscription-manager attach --auto
 96 | ssh cli-$GUID.rhpds.opentlc.com subscription-manager repos --enable  rhel-6-server-satellite-tools-6.1-rpms
 97 | ssh cli-$GUID.rhpds.opentlc.com yum -q -y install katello-agent
 98 | ssh cli-$GUID.rhpds.opentlc.com chkconfig --list goferd
 99 | ssh cli-$GUID.rhpds.opentlc.com service goferd status
100 | 
101 | echo Lab9
102 | echo "creating Satellite Class product"
103 | hammer product create --name='Satellite Class' --organization "$ORG"
104 | hammer content-host update --organization "$ORG" --name cli-$GUID.rhpds.opentlc.com --release-ver 6Server
105 | # !!! Subscription->Add->Satellite Class is missing?
106 | 
107 | echo Lab10
108 | echo "adding Simple Modules repo to Satellite Class"
109 | hammer repository create  --organization "$ORG" --name='Simple Modules' --product='Satellite Class' --content-type='puppet' --publish-via-http=true
110 | 
111 | echo Lab11
112 | echo "uploading puppet modules to Simple Modules"
113 | hammer repository upload-content --organization "$ORG" --name "Simple Modules" --product "Satellite Class" --path /var/www/html/pub/simple_modules/puppetlabs-ntp-3.0.3.tar.gz
114 | hammer repository upload-content --organization "$ORG" --name "Simple Modules" --product "Satellite Class" --path /var/www/html/pub/simple_modules/thoraxe-motd-0.1.1.tar.gz
115 | 
116 | 
117 | echo Lab13
118 | echo "creating Wordpress product"
119 | hammer product create --organization "$ORG" --name 'Wordpress'
120 | hammer repository create  --organization "$ORG" --name='Wordpress Packages' --product='Wordpress' --content-type='yum' --publish-via-http=true --url=http://sat-$GUID.rhpds.opentlc.com/pub/wordpress/el6/x86_64
121 | time hammer repository synchronize --organization "$ORG"  --product='Wordpress' --name='Wordpress Packages'
122 | 
123 | 
124 | echo Lab14
125 | echo "adding Wordpress Puppet Modules repo and loading with content"
126 | hammer repository create  --organization "$ORG" --name='Wordpress Puppet Modules' --product='Wordpress' --content-type='puppet' --publish-via-http=true
127 | hammer repository upload-content --organization "$ORG" --name='Wordpress Puppet Modules' --product='Wordpress' --path /var/www/html/pub/wordpress-puppet/puppetlabs-concat-1.1.0-rc1.tar.gz
128 | hammer repository upload-content --organization "$ORG" --name='Wordpress Puppet Modules' --product='Wordpress' --path /var/www/html/pub/wordpress-puppet/puppetlabs-firewall-1.0.0.tar.gz
129 | hammer repository upload-content --organization "$ORG" --name='Wordpress Puppet Modules' --product='Wordpress' --path /var/www/html/pub/wordpress-puppet/puppetlabs-mysql-2.2.1.tar.gz
130 | hammer repository upload-content --organization "$ORG" --name='Wordpress Puppet Modules' --product='Wordpress' --path /var/www/html/pub/wordpress-puppet/puppetlabs-stdlib-4.1.0.tar.gz
131 | hammer repository upload-content --organization "$ORG" --name='Wordpress Puppet Modules' --product='Wordpress' --path /var/www/html/pub/wordpress-puppet/summit-wordpress-0.0.1.tar.gz
132 | 
133 | echo Lab15
134 | echo "creating life cycle environments"
135 | hammer lifecycle-environment create --organization "$ORG" --description 'Development' --name 'Development' --label development --prior Library
136 | hammer lifecycle-environment create --organization "$ORG" --description 'Production' --name 'Production' --label production --prior 'Development'
137 | 
138 | echo Lab16
139 | echo "creating content views"
140 | hammer content-view create --organization "$ORG" --name 'RHEL6_Base' --label rhel6_base --description 'Core Build for RHEL 6'
141 | hammer content-view add-repository --organization "$ORG" --name 'RHEL6_Base' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 6 Server RPMs x86_64 6Server'
142 | hammer content-view add-repository --organization "$ORG" --name 'RHEL6_Base' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 6 Server Kickstart x86_64 6.6'
143 | hammer content-view add-repository --organization "$ORG" --name 'RHEL6_Base' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.1 for RHEL 6 Server RPMs x86_64'
144 | hammer content-view puppet-module add --organization "$ORG" --content-view RHEL6_Base --author thoraxe --name motd
145 | 
146 | echo Lab17
147 | echo publishing content view RHEL6_Base takes ~10min
148 | date
149 | time hammer content-view publish --organization "$ORG" --name RHEL6_Base --description 'Initial Publishing' 2>/dev/null
150 | # wait for publish to finish
151 | 
152 | echo Lab18
153 | echo promoting RHEL6_Base takes ~5min
154 | date
155 | time hammer content-view version promote --organization "$ORG" --content-view RHEL6_Base --to-lifecycle-environment Development  2>/dev/null
156 | # wait for promotion to finish
157 | hammer content-host update --organization "$ORG" --name cli-$GUID.rhpds.opentlc.com --lifecycle-environment Development --content-view 'RHEL6_Base'
158 | 
159 | echo Lab19
160 | echo "creating host group"
161 | hammer hostgroup create --content-source-id 1 --content-view RHEL6_Base --lifecycle-environment Development --locations "$LOC" --name RHEL6_Dev_Servers --organizations "$ORG" --puppet-ca-proxy sat-$GUID.rhpds.opentlc.com --puppet-proxy  sat-$GUID.rhpds.opentlc.com --puppet-classes "motd"
162 | 
163 | echo Lab20
164 | echo "installing puppet on remote client via ssh"
165 | ssh cli-$GUID.rhpds.opentlc.com yum -y install puppet
166 | ssh cli-$GUID.rhpds.opentlc.com puppet config set server sat-$GUID.rhpds.opentlc.com --section agent
167 | 
168 | echo Lab21
169 | echo "running puppet on remote client via ssh and signing cert locally"
170 | ssh cli-$GUID.rhpds.opentlc.com puppet agent --test --onetime
171 | puppet cert sign cli-$GUID.rhpds.opentlc.com
172 | 
173 | echo Lab22
174 | echo "running puppet agent on remote client again"
175 | ssh cli-$GUID.rhpds.opentlc.com puppet agent --test --onetime
176 | 
177 | echo Lab23
178 | echo "adding host group to freshly integrated puppet host"
179 | hammer host update --name cli-$GUID.rhpds.opentlc.com --organization "$ORG" --location "$LOC" --hostgroup RHEL6_Dev_Servers --environment "KT_${ORG_LABEL}_development_rhel6_base_2"
180 | 
181 | echo Lab24
182 | 
183 | echo "no automation"
184 | 
185 | echo Lab25
186 | 
187 | echo "no automation"
188 | 
189 | echo Lab26
190 | 
191 | echo "no automation"
192 | 
193 | echo Lab27
194 | echo "add puppet modules to RHEL6_Base content view"
195 | hammer content-view puppet-module add --organization "$ORG" --content-view RHEL6_Base --author puppetlabs --name stdlib
196 | hammer content-view puppet-module add --organization "$ORG" --content-view RHEL6_Base --author puppetlabs --name ntp
197 | 
198 | echo publishing v2 of RHEL6_Base takes ~10min
199 | date
200 | time hammer content-view publish --organization "$ORG" --name RHEL6_Base --description 'Adding NTP module and dependencies.'  2>/dev/null
201 | # wait for publish to finish
202 | echo promoting v2 of RHEL6_Base takes ~10min
203 | date
204 | time hammer content-view version promote --organization "$ORG" --content-view RHEL6_Base --to-lifecycle-environment Development --version 2.0 2>/dev/null
205 | # wait for promote to finish
206 | 
207 | echo Lab28
208 | 
209 | echo "no automation"
210 | 
211 | echo Lab29
212 | 
213 | echo "no automation"
214 | 
215 | echo Lab30
216 | 
217 | echo "no automation"
218 | 
219 | echo Lab31
220 | 
221 | echo "no automation"
222 | 
223 | echo Lab32
224 | echo "loading kickstart template"
225 | hammer template create  --name "My_Kickstart" --locations "$LOC" --organizations "$ORG" --type provision --file /var/www/html/pub/materials/kickstart_template.erb --operatingsystems 'RedHat 6.6'
226 | 
227 | echo Lab33
228 | echo "assigning kickstart template to OS"
229 | hammer template list | grep My
230 | hammer os list
231 | hammer os set-default-template --config-template-id 50 --id 1
232 | 
233 | echo Lab34
234 | echo "create domain and subnet"
235 | hammer subnet create --organizations "$ORG" --locations "$LOC" --name "VM-Net" --network '192.168.0.0' --mask '255.255.0.0' --gateway '192.168.0.2' --dns-primary '192.168.0.1' --from '192.168.100.100' --to '192.168.100.110'
236 | hammer domain update --name rhpds.opentlc.com --organizations "$ORG"  --locations "$LOC"
237 | hammer subnet update --name VM-Net --dhcp-id 1 --tftp-id 1 --organizations "$ORG" --domains rhpds.opentlc.com --locations "$LOC"
238 | 
239 | 
240 | echo Lab35
241 | echo "update hostgroup for kickstart, domain and subnet"
242 | hammer hostgroup update --organizations "$ORG" --name 'RHEL6_Dev_Servers' --architecture x86_64 --domain rhpds.opentlc.com --subnet VM-Net --partition-table 'Kickstart default' --operatingsystem 'RedHat 6.6' --medium "${ORG_LABEL}/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_6_Server_Kickstart_x86_64_6_6"
243 | hammer host create --name pxeclient --hostgroup RHEL6_Dev_Servers --mac "52:54:00:ca:92:ee" --ip "192.168.100.100" --build yes --location "$LOC" --organization "$ORG" --root-pass "r3dh4t12" --environment KT_"${ORG_LABEL}_development_rhel6_base_2"
244 | 
245 | echo Lab36
246 | 
247 | echo "no automation"
248 | 
249 | echo Lab37
250 | echo "create activation key"
251 | RHEL_SUB_ID=$(hammer --csv --csv-separator ':' subscription list --organization "$ORG" | grep 'Red Hat Enterprise Linux Server, Standard (Physical or Virtual Nodes)' | cut -f 8 -d ':')
252 | SAT_CLASS_SUB_ID=$(hammer --csv --csv-separator ':' subscription list --organization "$ORG" | grep 'Satellite Class' | cut -f 8 -d ':')
253 | hammer activation-key create --organization "$ORG" --description 'Basic RHEL6 Key for Registering to Dev' --content-view 'RHEL6_Base' --unlimited-content-hosts yes --name ak-Reg_To_Dev --lifecycle-environment 'Development'
254 | hammer activation-key add-subscription --organization "$ORG" --name ak-Reg_To_Dev --subscription-id $RHEL_SUB_ID
255 | hammer activation-key add-subscription --organization "$ORG" --name ak-Reg_To_Dev --subscription-id $SAT_CLASS_SUB_ID
256 | hammer hostgroup set-parameter --name kt_activation_keys --value 'ak-Reg_To_Dev' --hostgroup 'RHEL6_Dev_Servers'
257 | 
258 | echo Lab38
259 | echo "prepare remote client for pxe boot of VM"
260 | hammer bootdisk host --file /tmp/pxeclient.rhpds.opentlc.com.iso --host pxeclient.rhpds.opentlc.com
261 | scp /var/lib/tftpboot/boot/* cli-$GUID.rhpds.opentlc.com:/var/lib/libvirt/images
262 | # ssh cli-$GUID.rhpds.opentlc.com virsh start --console pxeclient
263 | 
264 | 
265 | echo Lab39
266 | echo "create Wordpress content view"
267 | hammer content-view create --organization "$ORG" --name 'Wordpress View' --label wordpress_view --description 'Wordpress View'
268 | hammer content-view add-repository --organization "$ORG" --name 'Wordpress View' --product 'Wordpress' --repository 'Wordpress Packages'
269 | hammer content-view puppet-module add --organization "$ORG" --content-view 'Wordpress View'  --author puppetlabs --name firewall 
270 | hammer content-view puppet-module add --organization "$ORG" --content-view 'Wordpress View'  --author puppetlabs --name mysql
271 | hammer content-view puppet-module add --organization "$ORG" --content-view 'Wordpress View'  --author puppetlabs --name concat
272 | hammer content-view puppet-module add --organization "$ORG" --content-view 'Wordpress View'  --author summit --name wordpress
273 | time hammer content-view publish --organization "$ORG" --name 'Wordpress View' --description 'Initial Publishing' 2>/dev/null
274 | time hammer content-view version promote --organization "$ORG" --content-view 'Wordpress View' --to-lifecycle-environment Development 2>/dev/null
275 | 
276 | echo Lab40
277 | echo "create Webserver composite content view"
278 | RHEL6_BASE_ID=$(hammer --csv --csv-separator ':' content-view list --organization "$ORG"|grep RHEL6_Base| cut -f 1 -d ':')
279 | Wordpress_ID=$(hammer --csv --csv-separator ':' content-view list --organization "$ORG"|grep "Wordpress View"| cut -f 1 -d ':')
280 | hammer content-view info --id $RHEL6_BASE_ID --organization "$ORG"
281 | hammer content-view info --id $Wordpress_ID --organization "$ORG"
282 | hammer content-view create --organization "$ORG" --composite --component-ids 3,4 --name 'Web Server View' --label web_server_view --description 'Web Server View'
283 | 
284 | echo Lab41
285 | 
286 | echo publish Web Server View takes ~12min
287 | date
288 | time hammer content-view publish --organization "$ORG" --name 'Web Server View' --description 'Initial Publishing' 2>/dev/null
289 | # 12 min
290 | echo promote Web Server View takes ~6min
291 | date
292 | time hammer content-view version promote --organization "$ORG" --content-view 'Web Server View' --to-lifecycle-environment Development 2>/dev/null
293 | # 6 min
294 | 
295 | echo Lab42
296 | echo "create activation key for Wordpress"
297 | WORDPRESS_SUB_ID=$(hammer --csv --csv-separator ':' subscription list --organization "$ORG" | grep 'Wordpress' | cut -f 8 -d ':')
298 | hammer activation-key create --organization "$ORG" --description 'Registering to Wordpress' --content-view 'Web Server View' --unlimited-content-hosts yes --name ak-Wordpress --lifecycle-environment 'Development'
299 | hammer activation-key add-subscription --organization "$ORG" --name ak-Wordpress --subscription-id $WORDPRESS_SUB_ID
300 | 
301 | echo Lab43
302 | echo "create hostgroup for Wordpress"
303 | hammer hostgroup create --architecture x86_64 --content-source-id 1 --content-view 'Web Server View' --domain rhpds.opentlc.com --lifecycle-environment Development --locations "$LOC" --name 'LAMP Wordpress' --organizations "$ORG" --puppet-ca-proxy sat-$GUID.rhpds.opentlc.com --puppet-proxy sat-$GUID.rhpds.opentlc.com --subnet VM-Net --partition-table 'Kickstart default' --operatingsystem 'RedHat 6.6' --puppet-classes "wordpress" --medium "${ORG_LABEL}/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_6_Server_Kickstart_x86_64_6_6"  --parent RHEL6_Dev_Servers
304 | 
305 | hammer hostgroup set-parameter --name kt_activation_keys --value 'ak-Wordpress,ak-Reg_To_Development' --hostgroup 'LAMP Wordpress'
306 | 
307 | echo Lab44
308 | 
309 | echo "no automation"
310 | echo Lab45
311 | 
312 | echo "no automation"
313 | echo "Lab walkthrou is finished"
314 | date
315 | 
316 | exit 0
317 | 
318 | # cleanup
319 | # this section cleans up server and client in order to start the whole Lab all over again.
320 | GUID=$(hostname -s|cut -d'-' -f2)
321 | export GUID
322 | ssh cli-$GUID.rhpds.opentlc.com subscription-manager unregister
323 | ssh cli-$GUID.rhpds.opentlc.com yum -y erase katello-ca-consumer*
324 | ssh cli-$GUID.rhpds.opentlc.com yum -y erase katello-agent puppet
325 | ssh cli-$GUID.rhpds.opentlc.com rm -fr /var/lib/puppet
326 | /usr/share/katello/script/katello-remove
327 | 


--------------------------------------------------------------------------------
/add-CMDB-attributes.sh:
--------------------------------------------------------------------------------
 1 | # In many cases it is required to link hosts managed by Satellite to an external CMDB and
 2 | # add labels or group systems according to external parameters.
 3 | # This script shows how to attach labels and organize hosts in collections using
 4 | # a simple CSV list with such data.
 5 | # The first parameter "Service Group" is translated into a Host Collection,
 6 | # the other parameters are set as host parameters.
 7 | 
 8 | # The script relies on hosts with valid Hostname to be present in Satellite.
 9 | 
10 | # The CSV for this examples takes the following entries:
11 | 
12 | # Service Group,Service Team,System Status,Hostname,Virtualization Area
13 | # Storage,Linux L1,Live,host01.example.com,Convered Cloud
14 | # Network,Linux L2,Live,host02.example.com,Public Cloud
15 | # Business,Linux L3,Build Up,host03.example.com,On premise 
16 | # Backup,Linux L2,Offline,host04.example.com,On premise
17 | # Business,Linux L3,Disassembling,host05.example.com,On premise
18 | 
19 | 
20 | export ORG="ACME"
21 | 
22 | while IFS=, read -r service_group service_team system_status hostname virtualization_area
23 | do
24 |     hammer host-collection info --organization=${ORG} --name="$service_group" >/dev/null 2>&1 || \
25 |       hammer host-collection create --organization=${ORG} --name="$service_group"
26 |     hammer host-collection add-host --organization=${ORG} --name "$service_group" --hosts "$hostname"
27 |     hammer host set-parameter --host $hostname --name system_status --value="$system_status"
28 |     hammer host set-parameter --host $hostname --name service_team --value="$service_team"
29 |     hammer host set-parameter --host $hostname --name virtualization_area --value="$virtualization_area"
30 | done < inventory.csv
31 | 
32 | 
33 | # hammer host info --name $name
34 | # hammer host list --search "params.system_status=Live"
35 | 


--------------------------------------------------------------------------------
/cap63-setup.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # vim: ft=sh:sw=2:et
  3 | cat <<EOF
  4 | 
  5 | 
  6 | Capsule-6.3 Demo/Test/PoC Setup Script
  7 | ========================================
  8 | 
  9 | This script is intended to automate a Capsule-6.3 server installation on top of a Satellite-6.3 setup for demo, test or PoC purposes.
 10 |  
 11 | The script helps to perform the initial steps to finish the prerequisites, it installs and configures the software,
 12 | it fills the Capsule with various types of content, it creates activation keys and content views,
 13 | it customizes some smart class parameter overrides and finally installs a couple of new hosts.
 14 | 
 15 | With this setup, the script is well suited as a Capsule-6 test.
 16 | In an PoC scenario, it allows to emphasize on the actual use cases and requirements from the very first moment.
 17 | 
 18 | This demo setup shows some of the features and benefits of Capsule-6.3:
 19 | - Capsule is configured to use the existing IPA CA (again, IPA is prerequisite, out of scope for this demo).
 20 | - Capsule is configured to register hosts automatically into the IPA REALM.
 21 | - The simple baseline host is hardened so that root login is disabled.
 22 | 
 23 | This demo is intended to run in a VM on a libvirt/KVM host. The Capsule VM requires least 8GB of RAM and 4 cores. 12GB RAM and 6 cores are recommended.
 24 | I recommend using a dedicated server from a hosting provider which is available for less than €50 per month.
 25 | The network setup must allow Capsule to run DHCP and TFTP on a dedicated interface.
 26 | With all features enabled, the demo setup will consume around 180GB of disk space for package content in /var/lib/pulp.
 27 | Using the immediate sync policy, the content sync alone takes more than 24 hours even with a high bandwidth internet connection.
 28 | In preparation for a Capsule-6 PoC this script can be used to perform this time consuming procedure ahead of the actual PoC engagement.
 29 | 
 30 | There is at least one manual intervention required directly after
 31 | satellite-install has finished and a second halt is included right before the
 32 | demo hosts are created at the end.  So be prepared to be around for at least an
 33 | hour or so after starting the script to proceed after the first manual
 34 | intervention.  After that, you may go home and proceed the next day...
 35 | 
 36 | You may want to run this script in a screen session.
 37 | 
 38 | The header section of this script declares a lot of variables that are used later on to customize the script.
 39 | Read through the values carefully and change where appropriate.
 40 | When finished, delete or comment the following exit command.
 41 | 
 42 | EOF
 43 | exit 0
 44 | 
 45 | set -x
 46 | set -e
 47 | longname=$(hostname | tr '.' '_')
 48 | 
 49 | # STAGE Level:
 50 | # 1 = preqequisite preparation
 51 | # 2 = Capsule 6 installation
 52 | export STAGE=1
 53 | 
 54 | # This demo setup is built with IPA integration as one important feature to show.
 55 | # While it is possible to use IPA and leave Capsule with the self signed internal CA cert,
 56 | # it is recommended to demonstrate/test this feature as well.
 57 | # The IPA_EXT_CERT switch is mainly offered for debugging purposes.
 58 | export IPA_EXT_CERT=true
 59 | 
 60 | 
 61 | # The following block of parameters needs to reflect your environment.
 62 | # Most of the parameters are used with the satellite-installer
 63 | # The purpose should be pretty much self explanatory. In doubt, look at 'satellite-installer --help'
 64 | export SAT_IP=172.24.200.3
 65 | export SAT_NAME=satellite.example.com
 66 | export CAP_IP=172.24.100.5
 67 | export ORG="ACME"
 68 | export LOC="Elsewhere"
 69 | export ADMIN=capsule
 70 | export ADMIN_PASSWORD=',4d4jynIt3KZOD'
 71 | export IPA_SERVER=ipa.example.com
 72 | export DOMAIN=example.com
 73 | export REALM=EXAMPLE.COM
 74 | export C=DE
 75 | export ST=Berlin
 76 | export L=Berlin
 77 | export OU=IT-Ops
 78 | export DNS=172.24.100.2
 79 | export DNS_REV=100.24.172.in-addr.arpa
 80 | export DHCP_RANGE="172.24.100.20 172.24.100.50"
 81 | export DHCP_GW=172.24.100.1
 82 | export DHCP_DNS=172.24.100.2
 83 | export CAP_INTERFACE=eth1
 84 | export SUBNET=172.24.100.0
 85 | export SUBNET_MASK=255.255.255.0
 86 | export SUBNET_NAME='elsenet'
 87 | export SUBNET_IPAM_BEGIN=172.24.100.100
 88 | export SUBNET_IPAM_END=172.24.100.150
 89 | # The host prefix is used to distinguish the demo hosts created at the end of this script.
 90 | export HOST_PREFIX='el-'
 91 | # This is the default password used in hostgroup declarations.
 92 | export HOST_PASSWORD='Geheim!!'
 93 | 
 94 | # This demo is intended to run on a simple libvirt/KVM hypervisor.
 95 | # A dedicated server hosted by an internet service provider may be a cost effective choice for this ressource.
 96 | export CONFIGURE_LIBVIRT_RESOURCE=true
 97 | export COMPUTE_RES_FQDN="kvm2.hoster.com"
 98 | export COMPUTE_RES_NAME="Else"
 99 | 
100 | # This script alternatively allows to use a RHV virtualization backend using the following parameters
101 | export CONFIGURE_RHEV_RESOURCE=false
102 | # export COMPUTE_RES_FQDN="rhv.example.com"
103 | # export COMPUTE_RES_NAME="RHV"
104 | export RHV_VERSION_4=true
105 | export RHV_RES_USER="admin@internal"
106 | export RHV_RES_PASSWD="Geheim!!"
107 | export RHV_RES_UUID="Default"
108 | 
109 | if [ $CONFIGURE_RHEV_RESOURCE = 'true' -a $CONFIGURE_LIBVIRT_RESOURCE = 'true' ]; then
110 |     echo "Only one of CONFIGURE_RHEV_RESOURCE and CONFIGURE_LIBVIRT_RESOURCE may be true."
111 |     exit 1
112 | fi
113 | 
114 | # This is the end of the header section.
115 | # Depending on the STAGE declared above, the script will start at some point and continue all the way to the end -- if everything goes well ;-)
116 | # As mentioned before, there is a halt for manual intervention right after satellite-install and a second halt at the end before creating the demo hosts.
117 | 
118 | 
119 | 
120 | # BEGIN preqeq prep
121 | if [ $STAGE -le 1 ]; then
122 |     echo "${CAP_IP} $(hostname)" >>/etc/hosts
123 |     rpm -Uvh http://$SAT_NAME/pub/katello-ca-consumer-latest.noarch.rpm || true
124 |     subscription-manager register || true
125 |     subscription-manager repos --disable "*"
126 |     subscription-manager repos --enable=rhel-7-server-rpms \
127 |         --enable=rhel-server-rhscl-7-rpms \
128 |         --enable=rhel-7-server-optional-rpms \
129 |         --enable=rhel-7-server-satellite-tools-6.3-rpms \
130 |         --enable=rhel-7-server-satellite-capsule-6.3-rpms \
131 |         --enable=rhel-7-server-satellite-capsule-6.3-puppet4-rpms
132 |     rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm || true
133 |     yum-config-manager --disable epel
134 |     yum -y upgrade
135 |     yum install -y screen yum-utils vim katello-agent
136 | 
137 |     yum install -y ipa-client ipa-admintools
138 | #    ipa-client-install --server=$IPA_SERVER --domain=$DOMAIN --realm=$REALM
139 |     kinit admin@${REALM}
140 |     ipa service-add HTTP/$(hostname)
141 |     if [ $IPA_EXT_CERT = 'true' ]; then
142 |         mkdir -p /root/certs
143 | 	openssl req -nodes -newkey rsa:2048 -keyout /root/certs/key.pem -out /root/certs/${longname}.csr -subj "/C=${C}/ST=${ST}/L=${L}/O=${ORG}/OU=${OU}/CN=$(hostname)"
144 |         serial=$(ipa cert-request --add --principal=host/$(hostname) /root/certs/${longname}.csr|grep number:|cut -d' ' -f5)
145 |         ipa cert-show --out /root/certs/${longname}.crt $serial
146 |     fi
147 | 
148 | 
149 |     read -p "
150 | 
151 | Manual action required!
152 | 
153 |     To proceed you need to copy /root/certs/key.pem /root/certs/${longname}.crt and /root/certs/${longname}.csr to /root/capsule-certs/
154 |     on the Satellite server and generate the capsule cert package.
155 | 
156 |     capsule-certs-generate --foreman-proxy-fqdn "$(hostname)" --certs-tar  "~/$(hostname)-certs.tar" --server-cert "/root/capsule-certs/${longname}.crt" --server-cert-req "/root/capsule-certs/${longname}.csr" --server-key "/root/capsule-certs/key.pem"--server-ca-cert "/etc/ipa/ca.crt"
157 | 
158 |     Then you need to edit this script, insert the OAUTH keys for the capsule integration as provided by capsule-certs-generate and proceed with stage 2.
159 |     Hit Enter to exit Stage 1." answer
160 | 
161 |     exit 0
162 | fi
163 | # END preqeq prep
164 | 
165 | export OAUTH_CONSUMER_KEY='5RDhyAovwyDkysG6bQGbUBcJWayKaTYL'
166 | export OAUTH_CONSUMER_SEC='uYhAqHTj55Y7VQaMtECA3JjZyCSyM8SG'
167 | export PROXY_OAUTH_SECRET='Y4xmYLy3rLQJoEp2EipK7im9vzrK3wHD'
168 | 
169 | # BEGIN installation
170 | if [ $STAGE -le 2 ]; then
171 |     yum -y install satellite-capsule qpid-dispatch-router tfm-rubygem-hammer*
172 | 
173 |     firewall-cmd --permanent --add-port="53/udp" --add-port="53/tcp" \
174 |     --add-port="67/udp" --add-port="69/udp" \
175 |     --add-port="80/tcp" --add-port="443/tcp" \
176 |     --add-port="5000/tcp" --add-port="5647/tcp" \
177 |     --add-port="8000/tcp" --add-port="8140/tcp" \
178 |     --add-port="8443/tcp" --add-port="9090/tcp"
179 | 
180 |     firewall-cmd --reload
181 | 
182 |     if [ ! -f /root/.hammer/cli_config.yml ]; then
183 |         mkdir -p /root/.hammer
184 |         cat > /root/.hammer/cli_config.yml <<EOF
185 | :foreman:
186 |     :host: 'https://$SAT_NAME/'
187 |     :username: '$ADMIN'
188 |     :password: '$ADMIN_PASSWORD'
189 |     :request_timeout: -1
190 | EOF
191 |     fi
192 | 
193 |     if [ ! -f /root/freeipa.keytab ]; then
194 |         read -p "
195 | 
196 |         Manual action required!
197 | 
198 |             To proceed you need to manually copy the freeipa.keytab from your existing Satellite server.
199 |             The file is located in /etc/foreman-proxy/freeipa.keytab.
200 |             Make sure it is owned by foreman-proxy.foreman-proxy and has permission 0600.
201 |             Do not run foreman-prepare-realm again. This will invalidate all pre-existing freeipa.keytab files.
202 |             
203 |             Hit Enter after the freeipa.keytab has been copied." answer
204 | 
205 |     else
206 |         echo "Using existing keytab in /root/freeipa.keytab"
207 |     fi
208 |     cp /root/freeipa.keytab /etc/foreman-proxy
209 |     chown foreman-proxy:foreman-proxy /etc/foreman-proxy/freeipa.keytab
210 |     chmod 0600 /etc/foreman-proxy/freeipa.keytab
211 |     cp /etc/ipa/ca.crt /etc/pki/ca-trust/source/anchors/ipa.crt
212 |     update-ca-trust enable
213 |     update-ca-trust
214 | 
215 | 
216 |     time satellite-installer --scenario capsule -v \
217 |       --foreman-proxy-content-parent-fqdn           "$SAT_NAME"\
218 |       --foreman-proxy-register-in-foreman           "true"\
219 |       --foreman-proxy-foreman-base-url              "https://$SAT_NAME"\
220 |       --foreman-proxy-trusted-hosts                 "$SAT_NAME"\
221 |       --foreman-proxy-trusted-hosts                 "$(hostname)"\
222 |       --foreman-proxy-oauth-consumer-key            "$OAUTH_CONSUMER_KEY"\
223 |       --foreman-proxy-oauth-consumer-secret         "$OAUTH_CONSUMER_SEC"\
224 |       --foreman-proxy-content-pulp-oauth-secret     "$PROXY_OAUTH_SECRET"\
225 |       --foreman-proxy-content-certs-tar             "/root/$(hostname)-certs.tar"\
226 |       --puppet-server-foreman-url                   "https://$SAT_NAME"\
227 |       --foreman-proxy-dns=true \
228 |       --foreman-proxy-dns-interface=$CAP_INTERFACE \
229 |       --foreman-proxy-dns-zone=$DOMAIN  \
230 |       --foreman-proxy-dns-forwarders=$DNS \
231 |       --foreman-proxy-dns-reverse=$DNS_REV  \
232 |       --foreman-proxy-dhcp=true \
233 |       --foreman-proxy-dhcp-interface=$CAP_INTERFACE \
234 |       --foreman-proxy-dhcp-range="$DHCP_RANGE" \
235 |       --foreman-proxy-dhcp-gateway=$DHCP_GW \
236 |       --foreman-proxy-dhcp-nameservers=$DHCP_DNS \
237 |       --foreman-proxy-tftp=true \
238 |       --foreman-proxy-tftp-servername=$CAP_IP \
239 |       --foreman-proxy-puppetca=true \
240 |       --foreman-proxy-realm=true \
241 |       --foreman-proxy-realm-keytab=/etc/foreman-proxy/freeipa.keytab \
242 |       --foreman-proxy-realm-principal="realm-proxy@${REALM}" \
243 |       --foreman-proxy-realm-provider=freeipa \
244 |       --enable-foreman-proxy-plugin-openscap \
245 |       --enable-foreman-proxy-plugin-discovery \
246 |       --enable-foreman-proxy-plugin-remote-execution-ssh
247 | 
248 | 
249 |     service foreman-proxy restart
250 |     yum install -y puppet-foreman_scap_client
251 |     yum install -y foreman-discovery-image
252 |     mkdir -p /etc/puppet/environments/production/modules
253 | 
254 | fi
255 | # END installation
256 | 
257 | exit 0
258 | 
259 | # BEGIN environment setup
260 | if [ $STAGE -le 3 ]; then
261 |     hammer capsule content add-lifecycle-environment --name=$(hostname) --organization=$ORG --environment=Production
262 | 
263 |     hammer domain update --id 1 --organizations "$ORG" --locations "$LOC"
264 | 
265 |     CAPSULE_ID=$(hammer --output='csv' capsule list --search=$(hostname) | tail -n+2 | head -n1 | cut -d',' -f1)
266 | 
267 |     hammer subnet create --name $SUBNET_NAME \
268 |       --network $SUBNET \
269 |       --mask $SUBNET_MASK \
270 |       --gateway $DHCP_GW \
271 |       --dns-primary $DHCP_DNS \
272 |       --ipam 'Internal DB' \
273 |       --from $SUBNET_IPAM_BEGIN \
274 |       --to $SUBNET_IPAM_END \
275 |       --tftp-id $CAPSULE_ID \
276 |       --dhcp-id $CAPSULE_ID \
277 |       --dns-id $CAPSULE_ID \
278 |       --domain-ids 1 \
279 |       --organizations "$ORG" \
280 |       --locations "$LOC"
281 | 
282 |     if [ $CONFIGURE_LIBVIRT_RESOURCE = 'true' ]; then
283 |         hammer compute-resource create --organizations "$ORG" --name "$COMPUTE_RES_NAME" --locations "$LOC" --provider Libvirt --url qemu+ssh://root@${COMPUTE_RES_FQDN}/system --set-console-password false
284 |     fi
285 | 
286 |     if [ $CONFIGURE_RHEV_RESOURCE = 'true' ]; then
287 |         hammer compute-resource create --name "${COMPUTE_RES_NAME}" --provider "Ovirt" --description "RHV4 Managment Server" --url "https://${COMPUTE_RES_FQDN}/ovirt-engine/api/v3" --user "${RHV_RES_USER}" --password "${RHV_RES_PASSWD}" --locations "$LOC" --organizations "$ORG" --uuid "${RHV_RES_UUID}"
288 |     fi
289 | 
290 |     LOC_IDS=''
291 |     for LOC in $(hammer --output=csv location list|tail -n+2|cut -d',' -f1); do LOC_IDS="${LOC_IDS}${LOC_IDS:+,}$LOC"; done
292 | 
293 |     hammer location add-medium --name=$LOC --medium="RHEL 7.5 Kickstart"
294 |     hammer location add-hostgroup --name=$LOC --hostgroup='RHEL7_Base'
295 |     hammer location add-domain --name=$LOC --domain=$DOMAIN
296 |     hammer realm update --name=$REALM --location-ids=$LOC_IDS
297 |     hammer capsule content synchronize --organization=$ORG --name=$(hostname)
298 | 
299 | fi
300 | # END environment setup
301 | 
302 |     if [ $CONFIGURE_LIBVIRT_RESOURCE = 'true' ]; then
303 |         read -p "
304 | 
305 |         Manual action required!
306 | 
307 |         To proceed you need to manually add /usr/share/foreman/.ssh/id_rsa.pub to root@${COMPUTE_RES_FQDN}:.ssh/authorized_keys
308 | 
309 |         Hit Enter after the key has been authorized." answer
310 |     fi
311 | 
312 |     read -p "
313 | 
314 | Manual action required!
315 | 
316 |     To proceed you need to manually adjust Compute Profiles.
317 |     Log into your Satellite-6.3 as admin and go to Infrastructure->Compute Profiles.
318 |     Go through all profile sizes and make sure the network interfaces are correctly selected for the Capsule subnet.
319 | 
320 |     Hit Enter after all Compute Profiles are set up correctly." answer
321 | 
322 |     read -p "
323 | 
324 | Manual action required!
325 | 
326 |     To proceed you may need to fix realm settings.
327 |     Edit /etc/foreman-proxy/settings.d/realm_freeipa.yml
328 |     and make sure it reads
329 |     :principal: realm-proxy@${REALM}
330 | 
331 |     In case you need to edit the file, you also need to restart Satellite
332 | 
333 |     katello-service restart
334 | 
335 |     Hit Enter after realm settings are verified to be correct." answer
336 | 
337 | 
338 | # Check your kickstart-network-setup snippet and check if you need to adjust for your
339 | # network setup. The following lines may serve as an example:
340 | # sed -ri 's/^PEERDNS=yes/PEERDNS=no/' /etc/sysconfig/network-scripts/ifcfg-eth1
341 | # sed -ri 's/^ONBOOT=no/ONBOOT=yes/' /etc/sysconfig/network-scripts/ifcfg-eth1
342 | # echo "DEFROUTE=no" >>/etc/sysconfig/network-scripts/ifcfg-eth0
343 | # systemctl restart network
344 | 
345 | hammer host create --organization="$ORG" --location="$LOC" --compute-resource="$COMPUTE_RES_NAME" --compute-profile='1-Small' --hostgroup='RHEL7_Base' --name="${HOST_PREFIX}-rhel7std01"
346 | hammer host start --name="${HOST_PREFIX}-rhel7std01.${DOMAIN}"
347 | hammer host create --organization="$ORG" --location="$LOC" --compute-resource="$COMPUTE_RES_NAME" --compute-profile='2-Medium' --hostgroup='inf-git-rhel7' --name="${HOST_PREFIX}-git"
348 | hammer host start --name="${HOST_PREFIX}-git.${DOMAIN}"
349 | hammer host create --organization="$ORG" --location="$LOC" --compute-resource="$COMPUTE_RES_NAME" --compute-profile='2-Medium' --hostgroup='inf-docker-rhel7' --name="${HOST_PREFIX}-docker01"
350 | hammer host start --name="${HOST_PREFIX}-docker01.${DOMAIN}"
351 | hammer host create --organization="$ORG" --location="$LOC" --compute-resource="$COMPUTE_RES_NAME" --compute-profile='3-Large' --hostgroup='inf-builder-rhel7' --name="${HOST_PREFIX}-build01"
352 | hammer host start --name="${HOST_PREFIX}-build01.${DOMAIN}"
353 | 
354 | 


--------------------------------------------------------------------------------
/hv-setup.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # vim: ft=sh:sw=2:et
  3 | # set -x
  4 | # set -e
  5 | 
  6 | # This script prepares a Satellite-6 server to provision RHEL as RHV hypervisor.
  7 | # It first make sure all required products/repos are enabled and synced into Satellite.
  8 | # Then the script creates a Content View with those repos and a number of Puppet modules
  9 | # required to implement the hypervisor role.
 10 | # This hypervisor profile and the cockpit module it depends on can be found on Github:
 11 | # https://github.com/shetze/puppet-modules
 12 | # The other dependencies can be resolved with modules from PuppetForge.
 13 | #
 14 | # After the Content View has been published and promoted, an Activation Key and
 15 | # Hostgroup are created for provisioning of new hosts for that hypervisor role.
 16 | #
 17 | # At last, a couple of smart class parameters are made available to the Hostgroup
 18 | # for configuration of the hypervisor hosts.
 19 | 
 20 | 
 21 | # The following block of parameters needs to reflect your environment.
 22 | # The purpose should be pretty much self explanatory.
 23 | export ORG="LunetIX"
 24 | export LOC="BX-Lab"
 25 | export DOMAIN=lunetix.org
 26 | export REALM=LUNETIX.ORG
 27 | export SUBNET_NAME='BX-Front'
 28 | # This is the default password used in hostgroup declarations.
 29 | export HOST_PASSWORD='Geheim!!'
 30 | 
 31 | export profile_name='hypervisor'
 32 | export profile_type='inf'
 33 | export profile_gen='rhel7'
 34 | export stage='Development'
 35 | export stage_prefix='dev'
 36 | 
 37 | hypervisor_view=${profile_type}-${profile_name}-${profile_gen}
 38 | hypervisor_group=${stage_prefix}-${profile_name}-${profile_gen}
 39 | hypervisor_env=${stage}_${profile_type}_${profile_name}_${profile_gen}
 40 | 
 41 | 
 42 | cat <<EOD | tr -d "'" |
 43 | 'Red Hat Enterprise Linux Server','Red Hat Enterprise Linux 7 Server (RPMs)','x86_64','7Server',''
 44 | 'Red Hat Enterprise Linux Server','Red Hat Enterprise Linux 7 Server - Extras (RPMs)','x86_64','','immediate'
 45 | 'Red Hat Enterprise Linux Server','Red Hat Satellite Tools 6.2 (for RHEL 7 Server) (RPMs)','x86_64','',''
 46 | 'Red Hat Enterprise Virtualization','Red Hat Virtualization 4 Management Agents for RHEL 7 (RPMs)','x86_64','7Server','on-demand'
 47 | EOD
 48 | 
 49 | while IFS=, read product reposet basearch releasever policy; do
 50 |   if [ -n $releasever ]; then releasestr=" $releasever"; else releasestr="$releasever"; fi
 51 |   repo=$(echo $reposet $basearch$releasestr|tr -d "()")
 52 |   echo Ensure availability for repo: $repo
 53 |   hammer repository-set info --organization "$ORG" --product "$product" --name "$reposet" >/dev/null 2>/dev/null
 54 |   if [ $? != 0 ]; then echo "product not found: make sure you have a subscription for $product in your manifest"; fi
 55 |   hammer repository info --organization "$ORG" --product "$product" --name "$repo" >/dev/null 2>/dev/null
 56 |   if [ $? != 0 ]; then
 57 |     echo "Enabling repo $repo"
 58 |     if [ -n $releasever ]; then
 59 |       hammer repository-set enable --organization "$ORG" --product "$product" --basearch="$basearch" --name "$reposet"
 60 |     else
 61 |       hammer repository-set enable --organization "$ORG" --product "$product" --basearch="$basearch" --releasever="$releasever" --name "$reposet"
 62 |     fi
 63 |     if [ -n $policy ]; then
 64 |      hammer repository update --organization "$ORG" --product "$product" --name "$repo" --download-policy "$policy"
 65 |     fi
 66 |     time hammer repository synchronize --organization "$ORG" --product "$product" --name "$repo" 2>/dev/null
 67 |   fi
 68 | done
 69 | 
 70 | hammer content-view info --organization "$ORG" --name "$hypervisor_view" >/dev/null 2>/dev/null
 71 | if [ $? != 0 ]; then
 72 |   echo "add Content View $hypervisor_view"
 73 |   cfx_firewall_id=$(hammer --output=csv puppet-module list --organization=$ORG --search "crayfishx firewalld 2.2.0"| tail -n+2 | head -n1 | cut -d',' -f1)
 74 |   hammer content-view create --organization "$ORG" --name "$hypervisor_view" --label "$hypervisor_view" --description 'RHV Hypervisor'
 75 |   hammer content-view add-repository --organization "$ORG" --name "$hypervisor_view" --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
 76 |   hammer content-view add-repository --organization "$ORG" --name "$hypervisor_view" --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
 77 |   hammer content-view add-repository --organization "$ORG" --name "$hypervisor_view" --product 'Red Hat Enterprise Virtualization' --repository 'Red Hat Enterprise Virtualization Management Agents for RHEL 7 RPMs x86_64 7Server'
 78 |   hammer content-view puppet-module add --organization "$ORG" --content-view "$hypervisor_view" --author puppetlabs --name stdlib
 79 |   hammer content-view puppet-module add --organization "$ORG" --content-view "$hypervisor_view" --author puppetlabs --name concat
 80 |   hammer content-view puppet-module add --organization "$ORG" --content-view "$hypervisor_view" --author puppetlabs --name ntp
 81 |   hammer content-view puppet-module add --organization "$ORG" --content-view "$hypervisor_view" --author saz --name ssh
 82 |   hammer content-view puppet-module add --organization "$ORG" --content-view "$hypervisor_view" --id $cfx_firewall_id
 83 |   hammer content-view puppet-module add --organization "$ORG" --content-view "$hypervisor_view" --author LunetIX --name hypervisor
 84 |   hammer content-view puppet-module add --organization "$ORG" --content-view "$hypervisor_view" --author LunetIX --name cockpit
 85 |   time hammer content-view publish --organization "$ORG" --name "$hypervisor_view" --description 'Initial Publishing' 2>/dev/null
 86 |   time hammer content-view version promote --organization "$ORG" --content-view "$hypervisor_view" --to-lifecycle-environment "$stage"  2>/dev/null
 87 | else
 88 |   echo "Content View $hypervisor_view already exists, change manually if required"
 89 | fi
 90 | 
 91 | 
 92 | hammer activation-key info --organization "$ORG" --name "$hypervisor_group" >/dev/null 2>/dev/null
 93 | if [ $? != 0 ]; then
 94 |   echo "add Activation Key $hypervisor_group"
 95 |   RHEL_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Red Hat Enterprise Linux Server with Smart Management, Standard (Physical or Virtual Nodes)' | grep -v 'ATOM\|Resilient\|Hyperscale' | tail -n+2 | head -n1 | cut -d',' -f1)
 96 |   PuppetForge_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Puppet Forge' | tail -n+2 | head -n1 | cut -d',' -f1)
 97 |   RHEV_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Red Hat Enterprise Virtualization (2-sockets), Standard' | tail -n+2 | head -n1 | cut -d',' -f1)
 98 | 
 99 |   hammer activation-key create --organization="$ORG" --name="$hypervisor_group" --unlimited-hosts --lifecycle-environment="$stage" --content-view="$hypervisor_view"
100 |   hammer activation-key add-subscription --organization="$ORG" --name="$hypervisor_group" --subscription-id="$PuppetForge_Sub_ID" 
101 |   hammer activation-key add-subscription --organization="$ORG" --name="$hypervisor_group" --subscription-id="$RHEV_Sub_ID" 
102 |   hammer activation-key add-subscription --organization="$ORG" --name="$hypervisor_group" --subscription-id="$RHEL_Sub_ID" 
103 |   hammer activation-key content-override --organization="$ORG" --name="$hypervisor_group" --content-label='rhel-7-server-satellite-tools-6.2-rpms' --value=1
104 |   hammer activation-key content-override --organization="$ORG" --name="$hypervisor_group" --content-label='rhel-7-server-rhv-4-mgmt-agent-rpms' --value=1
105 |   hammer activation-key content-override --organization="$ORG" --name="$hypervisor_group" --content-label='rhel-7-server-extras-rpms' --value=1
106 |   hammer activation-key update --organization="$ORG" --name="$hypervisor_group" --release-version='7Server' --service-level='Standard' --auto-attach=0
107 | else
108 |   echo "Activation Key $hypervisor_group already exists, change manually if required"
109 | fi
110 | 
111 | hammer hostgroup info --name "$hypervisor_group" >/dev/null 2>/dev/null
112 | if [ $? != 0 ]; then
113 |   echo "add Host Group $hypervisor_group"
114 |   environment=$(hammer --output=csv environment list --search="$hypervisor_env" --puppet-class='stdlib' | tail -n+2 | head -n1 | cut -d',' -f2)
115 |   hammer hostgroup create --organization="$ORG" --organizations="$ORG" --locations="$LOC" \
116 |     --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
117 |     --domain="$DOMAIN" --realm="$REALM" --subnet="$SUBNET_NAME" \
118 |     --medium='LunetIX/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_3' \
119 |     --lifecycle-environment="$stage" --operatingsystem='RedHat 7.3' --partition-table='Kickstart default' \
120 |     --root-pass="$HOST_PASSWORD" --puppet-classes='ssh::server,ntp,hypervisor'  --content-view="$hypervisor_view" \
121 |     --environment="$environment" --name="$hypervisor_group"
122 |   hammer hostgroup set-parameter --hostgroup="$hypervisor_group" --name='kt_activation_keys' --value="$hypervisor_group"
123 | 
124 |   echo "change smart class parameter settings"
125 |   param_id=$(hammer --output=csv sc-param list --puppet-class='ssh::server' --search='options' | tail -n+2 | head -n1 | cut -d',' -f1)
126 |   hammer sc-param add-override-value --puppet-class='ssh::server' --smart-class-parameter-id=$param_id --match="hostgroup=$hypervisor_view" \
127 |     --value='{ "PermitRootLogin": true, "Protocol": 2, "UsePrivilegeSeparation": "sandbox", "SyslogFacility": "AUTHPRIV", "AuthorizedKeysFile": ".ssh/authorized_keys", "PasswordAuthentication": true, "GSSAPICleanupCredentials": false, "KerberosAuthentication": false, "PubkeyAuthentication": true, "GSSAPIAuthentication": true, "AuthorizedKeysCommand": "/usr/bin/sss_ssh_authorizedkeys", "AuthorizedKeysCommandUser": "nobody" }'
128 |   param_id=$(hammer --output=csv sc-param list --puppet-class='hypervisor' --search='cockpit_cert' | tail -n+2 | head -n1 | cut -d',' -f1)
129 |   hammer sc-param update --puppet-class='hypervisor' --override=1 --id=$param_id --default-value='undef'
130 |   param_id=$(hammer --output=csv sc-param list --puppet-class='hypervisor' --search='iscsi_initiator_name' | tail -n+2 | head -n1 | cut -d',' -f1)
131 |   hammer sc-param update --puppet-class='hypervisor' --override=1 --id=$param_id --default-value="undef"
132 |   param_id=$(hammer --output=csv sc-param list --puppet-class='hypervisor' --search='ssh_host_key_pub' | tail -n+2 | head -n1 | cut -d',' -f1)
133 |   hammer sc-param update --puppet-class='hypervisor' --override=1 --id=$param_id --default-value='undef'
134 |   param_id=$(hammer --output=csv sc-param list --puppet-class='hypervisor' --search='ssh_host_key_sec' | tail -n+2 | head -n1 | cut -d',' -f1)
135 |   hammer sc-param update --puppet-class='hypervisor' --override=1 --id=$param_id --default-value='undef'
136 | else
137 |   echo "Host Group $hypervisor_group already exists, change manually if required"
138 | fi
139 | 
140 | echo Done
141 | 


--------------------------------------------------------------------------------
/sat62-setup.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # vim: ft=sh:sw=2:et
  3 | cat <<EOF
  4 | 
  5 | 
  6 | Satellite-6.2 Demo/Test/PoC Setup Script
  7 | ========================================
  8 | 
  9 | This script is intended to automate a comprehensive Satellite-6.2 server installation for demo, test or PoC purposes.
 10 |  
 11 | The script helps to perform the initial steps to finish the prerequisites, it installs and configures the software,
 12 | it fills the Satellite with various types of content, it creates activation keys and content views,
 13 | it customizes some smart class parameter overrides and finally installs a couple of new hosts.
 14 | 
 15 | With this setup, the script is well suited as a Satellite-6 test.
 16 | In an PoC scenario, it allows to emphasize on the actual use cases and requirements from the very first moment.
 17 | 
 18 | This demo setup shows some of the features and benefits of Satellite-6.2:
 19 | - Satellite is configured to authenticate with an existing IPA server (IPA is prerequisite, out of scope for this demo).
 20 | - Satellite is configured to use the existing IPA CA (again, IPA is prerequisite, out of scope for this demo).
 21 | - Satellite is configured to register hosts automatically into the IPA REALM.
 22 | - The simple baseline host is hardened so that root login is disabled.
 23 |   Given the appropriate IPA setup (prerequisite, out of scope for this demo) users can log into the host and sudo if IPA authorization permits.
 24 | - A GIT server is created with a post-receive hook that automatically syncs new puppet classes from GIT to Satellite into a dedicated puppet only content view.
 25 |   This GIT setup demonstrates how to create a rapid puppet development workflow with Satellite-6.
 26 | - A dockerhost is created with appropriate partitioning and network configuration to demonstrate the value of a stable baseline (packages and configuration) to build and run docker containers.
 27 | - A comprehensive buildhost is created to demonstrate the value of the stable baseline (packages and configuration) for development and build environments.
 28 |   The buildhost puppet profile class demonstrates the adoption of a role-profile model with Satellite-6.
 29 |   The automation of the buildhost setup is taken so far that a complete jenkins build pipeline is set up and running to show a JBoss TicketMonster development workflow.
 30 | 
 31 | This demo is intended to run in a VM on a libvirt/KVM host. The Satellite VM requires least 8GB of RAM and 4 cores. 12GB RAM and 6 cores are recommended.
 32 | I recommend using a dedicated server from a hosting provider which is available for less than €50 per month.
 33 | The network setup must allow Satellite to run DHCP and TFTP on a dedicated interface.
 34 | With all features enabled, the demo setup will consume around 180GB of disk space for package content in /var/lib/pulp.
 35 | Using the immediate sync policy, the content sync alone takes more than 24 hours even with a high bandwidth internet connection.
 36 | In preparation for a Satellite-6 PoC this script can be used to perform this time consuming procedure ahead of the actual PoC engagement.
 37 | 
 38 | There is at least one manual intervention required directly after satellite-install has finished and a second halt is included right before the demo hosts are created at the end.
 39 | So be prepared to be around for at least an hour or so after starting the script to proceed after the first manual intervention.
 40 | After that, you may go home and proceed the next day...
 41 | 
 42 | You may want to run this script in a screen session.
 43 | 
 44 | 
 45 | The header section of this script declares a lot of variables that are used later on to customize the script.
 46 | Read through the values carefully and change where appropriate.
 47 | When finished, delete or comment the following exit command.
 48 | 
 49 | EOF
 50 | exit 0
 51 | 
 52 | set -x
 53 | set -e
 54 | longname=$(hostname | tr '.' '_')
 55 | 
 56 | # This is a Sat6 engineering manifest. Replace with your custom manifest.
 57 | export MANIFEST=Satellite_61_Generated_27_Jul_2016.zip
 58 | # scp Satellite_61_Generated_27_Jul_2016.zip root@satellite62.example.com:/tmp
 59 | # scp sat62-setup.sh root@satellite62.example.com:
 60 | 
 61 | # The script is built such that the preparation steps can be skipped if later stages need to be extended or repeated.
 62 | # The higher the STAGE Level is, the more preparation steps are skipped.
 63 | # STAGE Level:
 64 | # 1 = preqequisite preparation
 65 | # 2 = Satellite 6 installation
 66 | # 3 = content sync
 67 | # 4 = environment setup
 68 | # 5 = content views
 69 | # 6 = host groups, activation keys, sc_params
 70 | # 7 = hosts
 71 | export STAGE=1
 72 | 
 73 | # This demo setup is built with IPA integration as one important feature to show.
 74 | # While it is possible to use IPA and leave Satellite with the self signed internal CA cert,
 75 | # it is recommended to demonstrate/test this feature as well.
 76 | # The IPA_EXT_CERT switch is mainly offered for debugging purposes.
 77 | export IPA_EXT_CERT=true
 78 | 
 79 | 
 80 | # The following four switches allow to adjust the size of the content stack synced into Satellite.
 81 | # Depending on the use cases you want to show, RHEL6_CONTENT may well be excluded. This saves a lot of space and time.
 82 | #
 83 | # The OPT_CONTENT includes additional stuff like RHEL supplementary repos as well as JBoss EAP, Satellite and Capsule repos.
 84 | # It is recommended to include this options content because it is required in all of the more advanced use cases.
 85 | #
 86 | # The extended content set may be omitted.
 87 | # It servers mainly as template for even more advanced use cases to be implemented in an PoC.
 88 | #
 89 | # The custom content set finally is exactly that. It is intended to include your own or the customers internal stuff.
 90 | export RHEL6_CONTENT=false
 91 | export OPT_CONTENT=true
 92 | export EXT_CONTENT=false
 93 | export CUST_CONTENT=true
 94 | 
 95 | # The following block of parameters needs to reflect your environment.
 96 | # Most of the parameters are used with the satellite-installer
 97 | # The purpose should be pretty much self explanatory. In doubt, look at 'satellite-installer --help'
 98 | export SAT_IP=172.24.200.3
 99 | export ORG="LunetIX"
100 | export LOC="PuckWorld"
101 | export ADMIN=admin
102 | export ADMIN_PASSWORD='Geheim!!'
103 | export DOMAIN=lunetix.org
104 | export REALM=LUNETIX.ORG
105 | export DNS=172.24.200.2
106 | export DNS_REV=200.24.172.in-addr.arpa
107 | export DHCP_RANGE="172.24.200.20 172.24.200.50"
108 | export DHCP_GW=172.24.200.1
109 | export DHCP_DNS=172.24.200.2
110 | export SAT_INTERFACE=sat
111 | export SUBNET=172.24.200.0
112 | export SUBNET_MASK=255.255.255.0
113 | export SUBNET_NAME='pucknet'
114 | export SUBNET_IPAM_BEGIN=172.24.200.100
115 | export SUBNET_IPAM_END=172.24.200.150
116 | # The host prefix is used to distinguish the demo hosts created at the end of this script.
117 | export HOST_PREFIX='pu'
118 | # This is the default password used in hostgroup declarations.
119 | export HOST_PASSWORD='Geheim!!'
120 | 
121 | # This demo is intended to run on a simple libvirt/KVM hypervisor.
122 | # A dedicated server hosted by an internet service provider may be a cost effective choice for this ressource.
123 | export CONFIGURE_LIBVIRT_RESOURCE=true
124 | export LIBVIRT_RES_NAME="Puck"
125 | export LIBVIRT_RES_FQDN="puck1054.server4you.de"
126 | 
127 | # 
128 | export CONFIGURE_RHEV_RESOURCE=false
129 | export RHV_VERSION_4=true
130 | export RHV_RES_NAME="BX-RHV4"
131 | export RHV_RES_FQDN="rhev4.lunetix.org"
132 | export RHV_RES_USER="admin@internal"
133 | export RHV_RES_PASSWD="Geheim!!"
134 | export RHV_RES_UUID="Default"
135 | 
136 | # FIRST_SATELLITE matters only if you want to have more than one Sat work with the same IPA REALM infrastructure.
137 | # If this is the case, you need to make sure to set this to false for all subsequent Satellite instances.
138 | export FIRST_SATELLITE=false
139 | 
140 | 
141 | # This is the end of the header section.
142 | # Depending on the STAGE declared above, the script will start at some point and continue all the way to the end -- if everything goes well ;-)
143 | # As mentioned before, there is a halt for manual interfention right after satellite-install and a second halt at the end before creating the demo hosts.
144 | 
145 | 
146 | # Be prepared to wait a long time until the content sync has completed.
147 | 
148 | # BEGIN preqeq prep
149 | if [ $STAGE -le 1 ]; then
150 |     subscription-manager register
151 |     subscription-manager repos --disable "*"
152 |     subscription-manager repos --enable=rhel-7-server-rpms \
153 |         --enable=rhel-server-rhscl-7-rpms \
154 |         --enable=rhel-7-server-optional-rpms \
155 |         --enable=rhel-7-server-satellite-6.2-rpms
156 |     rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
157 |     yum-config-manager --disable epel
158 |     yum -y upgrade
159 |     yum install -y screen yum-utils vim
160 |     echo "${SAT_IP} $(hostname)" >>/etc/hosts
161 | 
162 |     yum install -y ipa-client ipa-admintools
163 |     ipa-client-install
164 |     kinit admin@${REALM}
165 |     ipa service-add HTTP/$(hostname)
166 |     if [ $IPA_EXT_CERT = 'true' ]; then
167 |         mkdir -p /root/certs
168 |         openssl genrsa -out /root/certs/key.pem 2048
169 |         openssl req -new -key /root/certs/key.pem -out /root/certs/${longname}.csr
170 |         serial=$(ipa cert-request --add --principal=host/$(hostname) /root/certs/${longname}.csr|grep number:|cut -d' ' -f5)
171 |         ipa cert-show --out /root/certs/${longname}.crt $serial
172 |     fi
173 | fi
174 | # END preqeq prep
175 | 
176 | # BEGIN installation
177 | if [ $STAGE -le 2 ]; then
178 |     yum -y install satellite foreman-proxy
179 | 
180 |     firewall-cmd --permanent --add-service='RH-Satellite-6' --add-service='dns' --add-service='dhcp' --add-service='tftp' --add-service='http' --add-service='https'
181 |     # goferd
182 |     firewall-cmd --permanent --add-port='5674/tcp'
183 |     # VNC
184 |     firewall-cmd --permanent --add-port='5901-5930/tcp'
185 |     # OMAPI
186 |     firewall-cmd --permanent --add-port='7911/tcp'
187 |     firewall-cmd --reload
188 | 
189 |     mkdir -p /usr/share/foreman/.ssh
190 |     ssh-keygen -f /usr/share/foreman/.ssh/id_rsa -t rsa -N ''
191 |     ssh-keyscan -t ecdsa $LIBVIRT_RES_FQDN >/usr/share/foreman/.ssh/known_hosts
192 |     chown -R foreman.foreman /usr/share/foreman/.ssh
193 | 
194 |     mkdir -p /root/.hammer
195 |     cat > /root/.hammer/cli_config.yml <<EOF
196 | :foreman:
197 |     :host: 'https://$(hostname)/'
198 |     :username: '$ADMIN'
199 |     :password: '$ADMIN_PASSWORD'
200 |     :request_timeout: -1
201 | EOF
202 | 
203 |     if [ $IPA_EXT_CERT = 'true' ]; then
204 |         katello-certs-check \
205 |           -b /etc/ipa/ca.crt \
206 |           -k /root/certs/key.pem \
207 |           -c /root/certs/${longname}.crt \
208 |           -r /root/certs/${longname}.csr
209 |         CERT_ARGS="--certs-server-ca-cert=/etc/ipa/ca.crt \
210 |                --certs-server-key=/root/certs/key.pem \
211 |                --certs-server-cert=/root/certs/${longname}.crt \
212 |                --certs-server-cert-req=/root/certs/${longname}.csr"
213 |     fi
214 | 
215 |     if [ $FIRST_SATELLITE = 'true' ]; then
216 |         foreman-prepare-realm admin realm-capsule
217 |     else
218 |         read -p "
219 | 
220 |         Manual action required!
221 | 
222 |             To proceed you need to manually copy the freeipa.keytab from your existing Satellite server.
223 | 	    The file is located in /etc/foreman-proxy/freeipa.keytab.
224 | 	    Make sure it is owned by foreman-proxy.foreman-proxy and has permission 0600.
225 | 	    Do not run foreman-prepare-realm again. This will invalidate all pre-existing freeipa.keytab files.
226 |             
227 |             Hit Enter after the freeipa.keytab has been copied." answer
228 | 
229 |     fi
230 |     cp /root/freeipa.keytab /etc/foreman-proxy
231 |     chown foreman-proxy:foreman-proxy /etc/foreman-proxy/freeipa.keytab
232 |     cp /etc/ipa/ca.crt /etc/pki/ca-trust/source/anchors/ipa.crt
233 |     update-ca-trust enable
234 |     update-ca-trust
235 | 
236 |     time satellite-installer --scenario satellite -v \
237 |       --foreman-admin-password=$ADMIN_PASSWORD \
238 |       --foreman-admin-username=$ADMIN \
239 |       --foreman-initial-organization=$ORG \
240 |       --foreman-initial-location=$LOC \
241 |       --foreman-proxy-dns=true \
242 |       --foreman-proxy-dns-interface=$SAT_INTERFACE \
243 |       --foreman-proxy-dns-zone=$DOMAIN  \
244 |       --foreman-proxy-dns-forwarders=$DNS \
245 |       --foreman-proxy-dns-reverse=$DNS_REV  \
246 |       --foreman-proxy-dhcp=true \
247 |       --foreman-proxy-dhcp-interface=$SAT_INTERFACE \
248 |       --foreman-proxy-dhcp-range="$DHCP_RANGE" \
249 |       --foreman-proxy-dhcp-gateway=$DHCP_GW \
250 |       --foreman-proxy-dhcp-nameservers=$DHCP_DNS \
251 |       --foreman-proxy-tftp=true \
252 |       --foreman-proxy-tftp-servername=$(hostname) \
253 |       --capsule-puppet=true \
254 |       --foreman-proxy-puppetca=true ${CERT_ARGS} \
255 |       --foreman-proxy-realm=true \
256 |       --foreman-proxy-realm-keytab=/etc/foreman-proxy/freeipa.keytab \
257 |       --foreman-proxy-realm-principal="realm-capsule@${REALM}" \
258 |       --foreman-proxy-realm-provider=freeipa \
259 |       --foreman-ipa-authentication=true \
260 |       --enable-foreman-plugin-openscap
261 | 
262 |     service foreman-proxy restart
263 |     hammer capsule refresh-features --id=1
264 |     hammer settings set --name default_download_policy --value on_demand
265 |     hammer subscription upload --organization "$ORG" --file /tmp/${MANIFEST}
266 |     hammer subscription refresh-manifest --organization "$ORG"
267 |     yum install -y puppet-foreman_scap_client
268 |     yum install -y foreman-discovery-image
269 |     foreman-rake foreman_openscap:bulk_upload:default
270 |     mkdir -p /etc/puppet/environments/production/modules
271 |     
272 |     
273 |     read -p "
274 | 
275 | Manual action required!
276 | 
277 |     To proceed you need to manually create a new REALM.
278 |     Log into your Satellite-6.2 as admin and go to Infrastructure->Realms.
279 |     Click \"New Realm\" and use ${REALM} as new realm name.
280 |     Leave Red hat Identity Management as realm type and select the appropriate Locations and Organizations.
281 | 
282 |     You also need to add /usr/share/foreman/.ssh/id_rsa.pub to root@${LIBVIRT_RES_FQDN}:.ssh/authorized_keys
283 | 
284 |     Hit Enter after the realm has been created." answer
285 | fi
286 | # END installation
287 | 
288 | 
289 | # BEGIN content sync
290 | # Sync of Red Hat RPM packages adds up to ~160GB of disk space in /var and takes ~ 24hours to finish
291 | if [ $STAGE -le 3 ]; then
292 |     date
293 |     # Essential RHEL7 Content
294 |     hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='7.3' --name 'Red Hat Enterprise Linux 7 Server (Kickstart)' 
295 |     hammer repository update --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --name 'Red Hat Enterprise Linux 7 Server Kickstart x86_64 7.3' --download-policy immediate
296 |     time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 7 Server Kickstart x86_64 7.3' 2>/dev/null
297 |     # 4620P, 3.36G, 50 min
298 |     hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Enterprise Linux 7 Server (RPMs)'    
299 |     time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server' 2>/dev/null
300 |     # 11198P, 13.7G, 140 min
301 |     hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --name 'Red Hat Satellite Tools 6.2 (for RHEL 7 Server) (RPMs)'
302 |     time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
303 |     # 50P, 6.14MB, 50 sec
304 |     hammer repository-set enable --organization "$ORG" --product 'Red Hat Software Collections for RHEL Server' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server'
305 |     time hammer repository synchronize --organization "$ORG" --product 'Red Hat Software Collections for RHEL Server'  --name  'Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server x86_64 7Server' 2>/dev/null
306 |     # 6129P, 4.95G, 90 min
307 | 
308 |     hammer product create --name='Puppet Forge' --organization "$ORG"
309 |     hammer repository create  --organization "$ORG" --name='Modules' --product='Puppet Forge' --content-type='puppet' --publish-via-http=true --url=http://forge.puppetlabs.com/
310 |     time hammer repository synchronize --organization "$ORG" --product 'Puppet Forge'  --name  'Modules' 2>/dev/null
311 |     # 4327P, 426M, 110 min
312 |     du -sh /var/lib/pulp/content/units/puppet_module
313 |     find /var/lib/pulp/content/units/puppet_module -name \*tar.gz|wc -l
314 |     date
315 |     df -h
316 | 
317 |     # Essential RHEL6 Content
318 |     if [ $RHEL6_CONTENT = 'true' ]; then
319 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='6.8' --name 'Red Hat Enterprise Linux 6 Server (Kickstart)' 
320 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 6 Server Kickstart x86_64 6.8' 2>/dev/null
321 |         # 3852P 3.32G 45 min
322 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='6Server' --name 'Red Hat Enterprise Linux 6 Server (RPMs)'
323 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 6 Server RPMs x86_64 6Server' 2>/dev/null
324 |         # 18119P, 32.2G, 320 min
325 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --name 'Red Hat Satellite Tools 6.2 (for RHEL 6 Server) (RPMs)'
326 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Satellite Tools 6.2 for RHEL 6 Server RPMs x86_64'
327 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Software Collections for RHEL Server' --basearch='x86_64' --releasever='6Server' --name 'Red Hat Software Collections RPMs for Red Hat Enterprise Linux 6 Server'
328 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Software Collections for RHEL Server'  --name  'Red Hat Software Collections RPMs for Red Hat Enterprise Linux 6 Server x86_64 6Server' 2>/dev/null
329 |         # 5945P, 5.27G, 82 min
330 |         date
331 |         df -h
332 |     fi
333 | 
334 |     if [ $OPT_CONTENT = 'true' ]; then
335 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --name 'Red Hat Enterprise Linux 7 Server - Extras (RPMs)'    
336 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64' 2>/dev/null
337 |         # 282P, 630M, 7 min
338 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Enterprise Linux 7 Server - Optional (RPMs)'    
339 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 7 Server - Optional RPMs x86_64 7Server' 2>/dev/null
340 |         # 8763P, 11.5G, 120 min
341 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Enterprise Linux 7 Server - RH Common (RPMs)'    
342 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 7 Server - RH Common RPMs x86_64 7Server' 2>/dev/null
343 |         # 135P, 4.47G, 14 min
344 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Enterprise Linux 7 Server - Supplementary (RPMs)'    
345 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 7 Server - Supplementary RPMs x86_64 7Server' 2>/dev/null
346 |         # 129P, 3.18G, 10 min
347 |         hammer repository-set enable --organization "$ORG" --product 'JBoss Enterprise Application Platform' --basearch='x86_64' --releasever='7Server' --name 'JBoss Enterprise Application Platform 7 (RHEL 7 Server) (RPMs)'
348 |         time hammer repository synchronize --organization "$ORG" --product 'JBoss Enterprise Application Platform'  --name  'JBoss Enterprise Application Platform 7 RHEL 7 Server RPMs x86_64 7Server' 2>/dev/null
349 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Virtualization' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Enterprise Virtualization Management Agents for RHEL 7 (RPMs)'
350 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Virtualization'  --name  'Red Hat Enterprise Virtualization Management Agents for RHEL 7 RPMs x86_64 7Server' 2>/dev/null
351 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Satellite' --basearch='x86_64' --name 'Red Hat Satellite 6.2 (for RHEL 7 Server) (RPMs)'
352 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Satellite'  --name  'Red Hat Satellite 6.2 for RHEL 7 Server RPMs x86_64' 2>/dev/null
353 |         # 225P, 310M, 6 min
354 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Satellite Capsule' --basearch='x86_64' --name 'Red Hat Satellite Capsule 6.2 (for RHEL 7 Server) (RPMs)'
355 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Satellite Capsule'  --name  'Red Hat Satellite Capsule 6.2 for RHEL 7 Server RPMs x86_64' 2>/dev/null
356 |         #
357 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat OpenShift Container Platform' --basearch='x86_64' --name 'Red Hat OpenShift Enterprise 3.2 (RPMs)'
358 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat OpenShift Container Platform'  --name  'Red Hat OpenShift Enterprise 3.2 RPMs x86_64' 2>/dev/null
359 |         # 564P, 832M, 12 min
360 |         wget https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7Server
361 |         hammer gpg create --organization "$ORG" --name 'GPG-EPEL7' --key RPM-GPG-KEY-EPEL-7Server
362 |         hammer product create --name='EPEL' --organization "$ORG"
363 |         hammer repository create  --organization "$ORG" --name='EPEL 7 - x86_64' --product='EPEL' --gpg-key='GPG-EPEL7' --content-type='yum' --publish-via-http=true --url=http://mirror.de.leaseweb.net/epel/7/x86_64/ --download-policy on_demand
364 |         time hammer repository synchronize --organization "$ORG" --product 'EPEL'  --name  'EPEL 7 - x86_64' 2>/dev/null
365 |         # 10393P, 10.8G, 200 min
366 | 
367 | 
368 |         if [ $RHEL6_CONTENT = 'true' ]; then
369 |             hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --name 'Red Hat Enterprise Linux 6 Server - Extras (RPMs)'    
370 |             time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 6 Server - Extras RPMs x86_64' 2>/dev/null
371 |             hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='6Server' --name 'Red Hat Enterprise Linux 6 Server - Optional (RPMs)'    
372 |             time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 6 Server - Optional RPMs x86_64 6Server' 2>/dev/null
373 |             # 10135P, 19.3G, 180 min
374 |             hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='6Server' --name 'Red Hat Enterprise Linux 6 Server - Supplementary (RPMs)'    
375 |             time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 6 Server - Supplementary RPMs x86_64 6Server' 2>/dev/null
376 |             # 297P, 4.2G, 12 min
377 |             hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='6Server' --name 'Red Hat Enterprise Linux 6 Server - RH Common (RPMs)'    
378 |             time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Enterprise Linux 6 Server - RH Common RPMs x86_64 6Server' 2>/dev/null
379 |         fi
380 |         date
381 |         df -h
382 |     fi
383 |     if [ $EXT_CONTENT = 'true' ]; then
384 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Ceph Storage Tools 1.3 for Red Hat Enterprise Linux 7 Server (RPMs)'
385 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Ceph Storage Tools 1.3 for Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server' 2>/dev/null
386 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Storage Native Client for RHEL 7 (RPMs)'
387 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat Storage Native Client for RHEL 7 RPMs x86_64 7Server' 2>/dev/null
388 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Ceph Storage' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Ceph Storage Installer 1.3 for Red Hat Enterprise Linux 7 Server (RPMs)'
389 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Ceph Storage'  --name  'Red Hat Ceph Storage Installer 1.3 for Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server' 2>/dev/null
390 | 
391 | 
392 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat OpenStack' --basearch='x86_64' --releasever='7Server' --name 'Red Hat OpenStack Platform 8 Operational Tools for RHEL 7 (RPMs)'
393 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat OpenStack'  --name  'Red Hat OpenStack Platform 8 Operational Tools for RHEL 7 RPMs x86_64 7Server' 2>/dev/null
394 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat OpenStack' --basearch='x86_64' --releasever='7Server' --name 'Red Hat OpenStack Platform 8 director for RHEL 7 (RPMs)'
395 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat OpenStack'  --name  'Red Hat OpenStack Platform 8 director for RHEL 7 RPMs x86_64 7Server' 2>/dev/null
396 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat OpenStack' --basearch='x86_64' --releasever='7Server' --name 'Red Hat OpenStack Platform 8 for RHEL 7 (RPMs)'
397 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat OpenStack'  --name  'Red Hat OpenStack Platform 8 for RHEL 7 RPMs x86_64 7Server' 2>/dev/null
398 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='7Server' --name 'Red Hat OpenStack Tools 7.0 for Red Hat Enterprise Linux 7 Server (RPMs)'
399 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Server'  --name  'Red Hat OpenStack Tools 7.0 for Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server' 2>/dev/null
400 | 
401 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Virtualization' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Enterprise Virtualization Hypervisor 7 (RPMs)'
402 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Virtualization'  --name  'Red Hat Enterprise Virtualization Hypervisor 7 RPMs x86_64 7Server' 2>/dev/null
403 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Virtualization' --basearch='x86_64' --name 'Red Hat Enterprise Virtualization Manager 3.6 (RPMs)'
404 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Virtualization'  --name  'Red Hat Enterprise Virtualization Manager 3.6 RPMs x86_64' 2>/dev/null
405 | 
406 |         hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Linux Atomic Host' --basearch='x86_64' --name 'Red Hat Enterprise Linux Atomic Host (RPMs)'
407 |         time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Linux Atomic Host'  --name  'Red Hat Enterprise Linux Atomic Host RPMs x86_64' 2>/dev/null
408 | 
409 |         # hammer repository-set enable --organization "$ORG" --product 'Red Hat Virtualization Host' --basearch='x86_64' --name 'Red Hat Virtualization Host 7 (RPMs)'
410 |         # time hammer repository synchronize --organization "$ORG" --product 'Red Hat Virtualization Host'  --name  'Red Hat Virtualization Host 7 RPMs x86_64' 2>/dev/null
411 |         # hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Virtualization' --basearch='x86_64' --name 'Red Hat Virtualization Manager 4.0 (RHEL 7 Server) (RPMs)'
412 |         # time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Virtualization'  --name  'Red Hat Virtualization Manager 4.0 RHEL 7 Server RPMs x86_64' 2>/dev/null
413 |         # hammer repository-set enable --organization "$ORG" --product 'Red Hat Enterprise Virtualization' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Virtualization 4 Management Agents for RHEL 7 (RPMs)'
414 |         # time hammer repository synchronize --organization "$ORG" --product 'Red Hat Enterprise Virtualization'  --name  'Red Hat Virtualization 4 Management Agents for RHEL 7 RPMs x86_64 7Server' 2>/dev/null
415 |         # hammer repository-set enable --organization "$ORG" --product '' --basearch='x86_64' --releasever='7Server' --name ''
416 |         # time hammer repository synchronize --organization "$ORG" --product ''  --name  '' 2>/dev/null
417 | 
418 |         if [ $RHEL6_CONTENT = 'true' ]; then
419 |             hammer repository-set enable --organization "$ORG" --product 'JBoss Enterprise Application Platform' --basearch='x86_64' --releasever='7Server' --name 'JBoss Enterprise Application Platform 6 (RHEL 7 Server) (RPMs)'
420 |             time hammer repository synchronize --organization "$ORG" --product 'JBoss Enterprise Application Platform'  --name  'JBoss Enterprise Application Platform 6 RHEL 7 Server RPMs x86_64 7Server' 2>/dev/null
421 |         fi
422 |         date
423 |         df -h
424 |     fi
425 |     if [ $CUST_CONTENT = 'true' ]; then
426 |         hammer product create --name="$ORG" --organization "$ORG"
427 |         hammer repository create  --organization "$ORG" --name='Puppet Modules' --product="$ORG" --content-type='puppet' --publish-via-http=true --url=http://sol.lunetix.org/repos/puppet-modules/
428 |         time hammer repository synchronize --organization "$ORG" --product="$ORG"  --name='Puppet Modules' 2>/dev/null
429 |         hammer repository create  --organization "$ORG" --name='Packages' --product="$ORG" --content-type='yum' --publish-via-http=true --url=http://sol.lunetix.org/repos/LunetIX-packages/ --download-policy immediate
430 |         time hammer repository synchronize --organization "$ORG" --product="$ORG"  --name='Packages' 2>/dev/null
431 |         wget http://pkg.jenkins.io/redhat/jenkins.io.key
432 |         hammer gpg create --organization "$ORG" --name GPG-JENKINS --key jenkins.io.key
433 |         hammer repository create  --organization "$ORG" --name='Jenkins' --product="$ORG" --gpg-key='GPG-JENKINS' --content-type='yum' --publish-via-http=true --url=http://sol.lunetix.org/repos/Jenkins-packages/ --download-policy immediate
434 |         time hammer repository synchronize --organization "$ORG" --product="$ORG"  --name='Jenkins' 2>/dev/null
435 |         hammer product create --name='Maven' --organization "$ORG"
436 |         hammer repository create  --organization "$ORG" --name='Maven 7Server' --product='Maven' --content-type='yum' --publish-via-http=true --url=https://repos.fedorapeople.org/repos/dchen/apache-maven/epel-7Server/x86_64/ --download-policy immediate
437 |         time hammer repository synchronize --organization "$ORG" --product='Maven'  --name='Maven 7Server' 2>/dev/null
438 |         wget http://packages.icinga.org/icinga.key
439 |         hammer gpg create --organization "$ORG" --name GPG-ICINGA --key icinga.key
440 |         hammer product create --name='Icinga' --organization "$ORG"
441 |         hammer repository create  --organization "$ORG" --name='Icinga 7Server' --product='Icinga' --content-type='yum' --gpg-key='GPG-ICINGA' --publish-via-http=true --url=http://packages.icinga.org/epel/7Server/release --download-policy immediate
442 |         time hammer repository synchronize --organization "$ORG" --product='Icinga'  --name='Icinga 7Server' 2>/dev/null
443 |         date
444 |         df -h
445 |     fi
446 | fi
447 | # END content sync
448 | 
449 | # BEGIN environment setup
450 | if [ $STAGE -le 4 ]; then
451 |     hammer lifecycle-environment create --organization "$ORG" --description 'Development' --name 'Development' --label development --prior Library
452 |     hammer lifecycle-environment create --organization "$ORG" --description 'Test' --name 'Test' --label test --prior 'Development'
453 |     hammer lifecycle-environment create --organization "$ORG" --description 'Production' --name 'Production' --label production --prior 'Test'
454 | 
455 | 
456 |     if [ $CONFIGURE_LIBVIRT_RESOURCE = 'true' ]; then
457 |         hammer compute-resource create --organizations "$ORG" --name "$LIBVIRT_RES_NAME" --locations "$LOC" --provider Libvirt --url qemu+ssh://root@${LIBVIRT_RES_FQDN}/system --set-console-password false
458 |     fi
459 | 
460 |     if [ $CONFIGURE_RHEV_RESOURCE = 'true' ]; then
461 |         hammer compute-resource create --name "${RHV_RES_NAME}" --provider "Ovirt" --description "RHV4 Managment Server" --url "https://${RHV_RES_FQDN}/ovirt-engine/api/v3" --user "${RHV_RES_USER}" --password "${RHV_RES_PASSWD}" --locations "$LOC" --organizations "$ORG" --uuid "${RHV_RES_UUID}"
462 |         if [ $RHV_VERSION_4 = 'true' ]; then
463 |             read -p "
464 | 
465 | Manual action required!
466 | 
467 |     To proceed, you need to manually add the ca.crt for the RHV compute resource.
468 |     
469 |     Download the RHV rhvm.crt with
470 |     curl -o rhvm.crt http://${RHV_RES_FQDN}/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA
471 |     
472 |     Log into your Satellite-6.2 as admin and go to Infrastructure->Compute Resources.
473 |     Paste the content of the downloaded rhvm.crt into the X509 Certification Authorities field.
474 | 
475 | 
476 |     Hit Enter after the certificate is stored." answer
477 |         fi
478 |     fi
479 | 
480 |     hammer domain update --id 1 --organizations "$ORG" --locations "$LOC"
481 | 
482 |     hammer subnet create --name $SUBNET_NAME \
483 |       --network $SUBNET \
484 |       --mask $SUBNET_MASK \
485 |       --gateway $DHCP_GW \
486 |       --dns-primary $DHCP_DNS \
487 |       --from $SUBNET_IPAM_BEGIN \
488 |       --to $SUBNET_IPAM_END \
489 |       --tftp-id 1 \
490 |       --dhcp-id 1 \
491 |       --dns-id 1 \
492 |       --domain-ids 1 \
493 |       --organizations "$ORG" \
494 |       --locations "$LOC"
495 | 
496 | 
497 |     cat >kickstart-docker <<EOF
498 | <%#
499 | kind: ptable
500 | name: Kickstart Docker
501 | oses:
502 | - CentOS 5
503 | - CentOS 6
504 | - CentOS 7
505 | - Fedora 16
506 | - Fedora 17
507 | - Fedora 18
508 | - Fedora 19
509 | - Fedora 20
510 | - RedHat 5
511 | - RedHat 6
512 | - RedHat 7
513 | %>
514 | zerombr
515 | clearpart --all --initlabel
516 | 
517 | part  /boot     --asprimary  --size=1024
518 | part  swap                             --size=1024
519 | part  pv.01     --asprimary  --size=12000 --grow
520 | 
521 | volgroup dockerhost pv.01
522 | logvol / --vgname=dockerhost --size=9000 --name=rootvol
523 | EOF
524 |     hammer partition-table create  --file=kickstart-docker --name='Kickstart Docker' --os-family='Redhat' --organizations="$ORG" --locations="$LOC"
525 |     hammer os update --title 'RedHat 7.3' --partition-tables='Kickstart default','Kickstart Docker'
526 |     hammer os update --title 'Red Hat Enterprise Linux Atomic Host 7.3' --partition-tables='Kickstart default','Kickstart Docker'
527 | fi
528 | # END environment setup
529 | 
530 | # BEGIN content view setup
531 | if [ $STAGE -le 5 ]; then
532 |     date
533 |     hammer content-view create --organization "$ORG" --name 'RHEL7_Base' --label rhel7_base --description 'Core Build for RHEL 7'
534 |     hammer content-view add-repository --organization "$ORG" --name 'RHEL7_Base' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
535 |     hammer content-view add-repository --organization "$ORG" --name 'RHEL7_Base' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
536 |     hammer content-view puppet-module add --organization "$ORG" --content-view RHEL7_Base --author puppetlabs --name stdlib
537 |     hammer content-view puppet-module add --organization "$ORG" --content-view RHEL7_Base --author puppetlabs --name concat
538 |     hammer content-view puppet-module add --organization "$ORG" --content-view RHEL7_Base --author puppetlabs --name ntp
539 |     hammer content-view puppet-module add --organization "$ORG" --content-view RHEL7_Base --author saz --name ssh
540 |     time hammer content-view publish --organization "$ORG" --name RHEL7_Base --description 'Initial Publishing' 2>/dev/null
541 |     time hammer content-view version promote --organization "$ORG" --content-view RHEL7_Base --to-lifecycle-environment Development  2>/dev/null
542 | 
543 |     hammer content-view create --organization "$ORG" --name 'inf-ipa-rhel7' --label inf-ipa-rhel7 --description ''
544 |     hammer content-view add-repository --organization "$ORG" --name 'inf-ipa-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
545 |     hammer content-view add-repository --organization "$ORG" --name 'inf-ipa-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
546 |     hammer content-view add-repository --organization "$ORG" --name 'inf-ipa-rhel7' --product 'Red Hat Software Collections for RHEL Server' --repository 'Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server x86_64 7Server'
547 |     hammer content-view add-repository --organization "$ORG" --name 'inf-ipa-rhel7' --product 'EPEL' --repository 'EPEL 7 - x86_64'
548 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-ipa-rhel7 --author puppetlabs --name stdlib
549 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-ipa-rhel7 --author puppetlabs --name concat
550 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-ipa-rhel7 --author puppetlabs --name ntp
551 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-ipa-rhel7 --author saz --name ssh
552 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-ipa-rhel7 --author example42 --name puppi
553 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-ipa-rhel7 --author example42 --name monitor
554 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-ipa-rhel7 --author netmanagers --name fail2ban
555 |     time hammer content-view publish --organization "$ORG" --name inf-ipa-rhel7 --description 'Initial Publishing' 2>/dev/null
556 |     time hammer content-view version promote --organization "$ORG" --content-view inf-ipa-rhel7 --to-lifecycle-environment Development  2>/dev/null
557 | 
558 |     hammer content-view create --organization "$ORG" --name 'inf-hypervisor-rhel7' --label inf-hypervisor-rhel7 --description ''
559 |     hammer content-view add-repository --organization "$ORG" --name 'inf-hypervisor-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
560 |     hammer content-view add-repository --organization "$ORG" --name 'inf-hypervisor-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
561 |     hammer content-view add-repository --organization "$ORG" --name 'inf-hypervisor-rhel7' --product 'Red Hat Enterprise Virtualization' --repository 'Red Hat Enterprise Virtualization Management Agents for RHEL 7 RPMs x86_64 7Server'
562 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-hypervisor-rhel7 --author puppetlabs --name stdlib
563 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-hypervisor-rhel7 --author puppetlabs --name concat
564 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-hypervisor-rhel7 --author puppetlabs --name ntp
565 |     time hammer content-view publish --organization "$ORG" --name inf-hypervisor-rhel7 --description 'Initial Publishing' 2>/dev/null
566 |     time hammer content-view version promote --organization "$ORG" --content-view inf-hypervisor-rhel7 --to-lifecycle-environment Development  2>/dev/null
567 | 
568 |     hammer content-view create --organization "$ORG" --name 'inf-builder-rhel7' --label inf-builder-rhel7 --description ''
569 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
570 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
571 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product 'Red Hat Software Collections for RHEL Server' --repository 'Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server x86_64 7Server'
572 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server - Supplementary RPMs x86_64 7Server'
573 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server - RH Common RPMs x86_64 7Server'
574 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server - Optional RPMs x86_64 7Server'
575 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64'
576 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product 'JBoss Enterprise Application Platform' --repository 'JBoss Enterprise Application Platform 7 RHEL 7 Server RPMs x86_64 7Server'
577 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product 'Maven' --repository 'Maven 7Server'
578 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product 'EPEL' --repository 'EPEL 7 - x86_64'
579 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product "$ORG" --repository "Packages"
580 |     hammer content-view add-repository --organization "$ORG" --name 'inf-builder-rhel7' --product "$ORG" --repository "Jenkins"
581 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-builder-rhel7 --author puppetlabs --name stdlib
582 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-builder-rhel7 --author puppetlabs --name concat
583 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-builder-rhel7 --author puppetlabs --name ntp
584 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-builder-rhel7 --author saz --name ssh
585 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-builder-rhel7 --author puppetlabs --name postgresql
586 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-builder-rhel7 --author puppetlabs --name java
587 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-builder-rhel7 --author rtyler --name jenkins
588 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-builder-rhel7 --author LunetIX --name git
589 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-builder-rhel7 --author LunetIX --name buildhost
590 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-builder-rhel7 --author camptocamp --name archive
591 |     time hammer content-view publish --organization "$ORG" --name inf-builder-rhel7 --description 'Initial Publishing'
592 |     time hammer content-view version promote --organization "$ORG" --content-view inf-builder-rhel7 --to-lifecycle-environment Development
593 | 
594 |     hammer content-view create --organization "$ORG" --name 'inf-oscp-rhel7' --label inf-oscp-rhel7 --description ''
595 |     hammer content-view add-repository --organization "$ORG" --name 'inf-oscp-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
596 |     hammer content-view add-repository --organization "$ORG" --name 'inf-oscp-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
597 |     hammer content-view add-repository --organization "$ORG" --name 'inf-oscp-rhel7' --product 'Red Hat Software Collections for RHEL Server' --repository 'Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server x86_64 7Server'
598 |     hammer content-view add-repository --organization "$ORG" --name 'inf-oscp-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server - Optional RPMs x86_64 7Server'
599 |     hammer content-view add-repository --organization "$ORG" --name 'inf-oscp-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64'
600 |     hammer content-view add-repository --organization "$ORG" --name 'inf-oscp-rhel7' --product 'Red Hat OpenShift Container Platform' --repository 'Red Hat OpenShift Enterprise 3.2 RPMs x86_64'
601 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-oscp-rhel7 --author puppetlabs --name stdlib
602 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-oscp-rhel7 --author puppetlabs --name concat
603 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-oscp-rhel7 --author puppetlabs --name ntp
604 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-oscp-rhel7 --author saz --name ssh
605 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-oscp-rhel7 --author cristifalcas --name kubernetes
606 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-oscp-rhel7 --author cristifalcas --name etcd
607 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-oscp-rhel7 --author LunetIX --name docker
608 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-oscp-rhel7 --author crayfishx --name firewalld
609 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-oscp-rhel7 --author LunetIX --name oscp
610 |     time hammer content-view publish --organization "$ORG" --name inf-oscp-rhel7 --description 'Initial Publishing'
611 |     time hammer content-view version promote --organization "$ORG" --content-view inf-oscp-rhel7 --to-lifecycle-environment Development
612 | 
613 |     hammer content-view create --organization "$ORG" --name 'inf-docker-rhel7' --label inf-docker-rhel7 --description ''
614 |     hammer content-view add-repository --organization "$ORG" --name 'inf-docker-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
615 |     hammer content-view add-repository --organization "$ORG" --name 'inf-docker-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
616 |     hammer content-view add-repository --organization "$ORG" --name 'inf-docker-rhel7' --product 'Red Hat Software Collections for RHEL Server' --repository 'Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server x86_64 7Server'
617 |     hammer content-view add-repository --organization "$ORG" --name 'inf-docker-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server - Optional RPMs x86_64 7Server'
618 |     hammer content-view add-repository --organization "$ORG" --name 'inf-docker-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64'
619 |     hammer content-view add-repository --organization "$ORG" --name 'inf-docker-rhel7' --product 'Red Hat OpenShift Container Platform' --repository 'Red Hat OpenShift Enterprise 3.2 RPMs x86_64'
620 |     hammer content-view add-repository --organization "$ORG" --name 'inf-docker-rhel7' --product 'JBoss Enterprise Application Platform' --repository 'JBoss Enterprise Application Platform 7 RHEL 7 Server RPMs x86_64 7Server'
621 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-docker-rhel7 --author puppetlabs --name stdlib
622 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-docker-rhel7 --author puppetlabs --name concat
623 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-docker-rhel7 --author puppetlabs --name ntp
624 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-docker-rhel7 --author saz --name ssh
625 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-docker-rhel7 --author cristifalcas --name kubernetes
626 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-docker-rhel7 --author cristifalcas --name etcd
627 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-docker-rhel7 --author cristifalcas --name docker
628 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-docker-rhel7 --author crayfishx --name firewalld
629 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-docker-rhel7 --author LunetIX --name dockerhost
630 |     time hammer content-view publish --organization "$ORG" --name inf-docker-rhel7 --description 'Initial Publishing'
631 |     time hammer content-view version promote --organization "$ORG" --content-view inf-docker-rhel7 --to-lifecycle-environment Development
632 | 
633 |     hammer content-view create --organization "$ORG" --name 'puppet-fasttrack' --label puppet-fasttrack --description 'Puppet only CV for fast module development workflow'
634 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author puppetlabs --name stdlib
635 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author puppetlabs --name concat
636 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author puppetlabs --name ntp
637 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author saz --name ssh
638 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author puppetlabs --name postgresql
639 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author puppetlabs --name java
640 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author rtyler --name jenkins
641 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author LunetIX --name git
642 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author LunetIX --name buildhost
643 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author camptocamp --name archive
644 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author cristifalcas --name kubernetes
645 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author cristifalcas --name etcd
646 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author LunetIX --name docker
647 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author LunetIX --name oscp
648 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author crayfishx --name firewalld
649 |     hammer content-view puppet-module add --organization "$ORG" --content-view puppet-fasttrack --author LunetIX --name dockerhost
650 |     time hammer content-view publish --organization "$ORG" --name puppet-fasttrack --description 'Initial Publishing'
651 |     time hammer content-view version promote --organization "$ORG" --content-view puppet-fasttrack --to-lifecycle-environment Development
652 | 
653 |     hammer content-view create --organization "$ORG" --name 'inf-git-rhel7' --label inf-git-rhel7 --description ''
654 |     hammer content-view add-repository --organization "$ORG" --name 'inf-git-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
655 |     hammer content-view add-repository --organization "$ORG" --name 'inf-git-rhel7' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
656 |     hammer content-view add-repository --organization "$ORG" --name 'inf-git-rhel7' --product 'Red Hat Software Collections for RHEL Server' --repository 'Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server x86_64 7Server'
657 |     hammer content-view add-repository --organization "$ORG" --name 'inf-git-rhel7' --product 'EPEL' --repository 'EPEL 7 - x86_64'
658 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-git-rhel7 --author puppetlabs --name stdlib
659 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-git-rhel7 --author puppetlabs --name concat
660 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-git-rhel7 --author puppetlabs --name ntp
661 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-git-rhel7 --author saz --name ssh
662 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-git-rhel7 --author LunetIX --name git
663 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-git-rhel7 --author example42 --name puppi
664 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-git-rhel7 --author example42 --name monitor
665 |     hammer content-view puppet-module add --organization "$ORG" --content-view inf-git-rhel7 --author netmanagers --name fail2ban
666 |     time hammer content-view publish --organization "$ORG" --name inf-git-rhel7 --description 'Initial Publishing'
667 |     time hammer content-view version promote --organization "$ORG" --content-view inf-git-rhel7 --to-lifecycle-environment Development
668 | 
669 |     if [ $RHEL6_CONTENT = 'true' ]; then
670 |         hammer content-view create --organization "$ORG" --name 'RHEL6_Base' --label rhel6_base --description 'Core Build for RHEL 6'
671 |         hammer content-view add-repository --organization "$ORG" --name 'RHEL6_Base' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 6 Server RPMs x86_64 6Server'
672 |         hammer content-view add-repository --organization "$ORG" --name 'RHEL6_Base' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 6 Server RPMs x86_64'
673 |         hammer content-view puppet-module add --organization "$ORG" --content-view RHEL6_Base --author puppetlabs --name stdlib
674 |         hammer content-view puppet-module add --organization "$ORG" --content-view RHEL6_Base --author puppetlabs --name concat
675 |         hammer content-view puppet-module add --organization "$ORG" --content-view RHEL6_Base --author puppetlabs --name ntp
676 |         hammer content-view puppet-module add --organization "$ORG" --content-view RHEL6_Base --author saz --name ssh
677 |         time hammer content-view publish --organization "$ORG" --name RHEL6_Base --description 'Initial Publishing' 2>/dev/null
678 |         time hammer content-view version promote --organization "$ORG" --content-view RHEL6_Base --to-lifecycle-environment Development  2>/dev/null
679 |     fi
680 | 
681 | 
682 |     # hammer content-view create --organization "$ORG" --name 'CV' --label CV --description ''
683 |     # hammer content-view add-repository --organization "$ORG" --name 'CV' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
684 |     # hammer content-view add-repository --organization "$ORG" --name 'CV' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
685 |     # hammer content-view puppet-module add --organization "$ORG" --content-view CV --author puppetlabs --name stdlib
686 |     # hammer content-view puppet-module add --organization "$ORG" --content-view CV --author puppetlabs --name concat
687 |     # hammer content-view puppet-module add --organization "$ORG" --content-view CV --author puppetlabs --name ntp
688 |     # hammer content-view puppet-module add --organization "$ORG" --content-view CV --author saz --name ssh
689 |     # time hammer content-view publish --organization "$ORG" --name CV --description 'Initial Publishing' 2>/dev/null
690 |     # time hammer content-view version promote --organization "$ORG" --content-view CV --to-lifecycle-environment Development  2>/dev/null
691 |     
692 | # it appears that Satellite-6 requires a reindex to get all custom products visible: BZ #1362194
693 | katello-service restart
694 | foreman-rake katello:reindex
695 | fi
696 | # END content view setup
697 | 
698 | # BEGIN activation key and hostgroup setup
699 | if [ $STAGE -le 6 ]; then
700 |     PuppetForge_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Puppet Forge' | tail -n+2 | head -n1 | cut -d',' -f1)
701 |     EPEL_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='EPEL' | tail -n+2 | head -n1 | cut -d',' -f1)
702 |     ORG_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search="$ORG" | tail -n+2 | head -n1 | cut -d',' -f1)
703 |     Maven_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Maven' | tail -n+2 | head -n1 | cut -d',' -f1)
704 |     JBoss_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Red Hat JBoss Enterprise Application Platform, 16-Core Premium' | tail -n+2 | head -n1 | cut -d',' -f1)
705 |     RHEV_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Red Hat Enterprise Virtualization (2-sockets), Standard' | tail -n+2 | head -n1 | cut -d',' -f1)
706 |     OSCP_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='OpenShift Enterprise, Premium (1-2 Sockets)' | tail -n+2 | head -n1 | cut -d',' -f1)
707 |     RHEL_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Red Hat Enterprise Linux Server with Smart Management, Standard (Physical or Virtual Nodes)' | grep -v 'ATOM\|Resilient\|Hyperscale' | tail -n+2 | head -n1 | cut -d',' -f1)
708 | 
709 |     hammer activation-key create --organization="$ORG" --name='RHEL7_Base' --unlimited-hosts --lifecycle-environment='Development' --content-view='RHEL7_Base'
710 |     hammer activation-key add-subscription --organization="$ORG" --name='RHEL7_Base' --subscription-id="$PuppetForge_Sub_ID" 
711 |     hammer activation-key add-subscription --organization="$ORG" --name='RHEL7_Base' --subscription-id="$RHEL_Sub_ID" 
712 |     hammer activation-key content-override --organization="$ORG" --name='RHEL7_Base' --content-label='rhel-7-server-satellite-tools-6.2-rpms' --value=1
713 |     hammer activation-key update --organization="$ORG" --name='RHEL7_Base' --release-version='7Server' --service-level='Standard' --auto-attach=0
714 |     hammer hostgroup create --organization="$ORG" --organizations="$ORG" --locations="$LOC" \
715 |       --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
716 |       --domain="$DOMAIN" --realm="$REALM" --subnet="$SUBNET_NAME" \
717 |       --medium='LunetIX/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_3' \
718 |       --lifecycle-environment='Development' --operatingsystem='RedHat 7.3' --partition-table='Kickstart default' \
719 |       --root-pass="$HOST_PASSWORD" --puppet-classes='ssh::server,ntp'  --content-view='RHEL7_Base' \
720 |       --environment='KT_LunetIX_development_rhel7_base_2' --name='RHEL7_Base'
721 |     hammer hostgroup set-parameter --hostgroup='RHEL7_Base' --name='kt_activation_keys' --value='RHEL7_Base'
722 | 
723 |     hammer activation-key create --organization="$ORG" --name='inf-builder-rhel7' --unlimited-hosts --lifecycle-environment='Development' --content-view='inf-builder-rhel7'
724 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-builder-rhel7' --subscription-id="$PuppetForge_Sub_ID" 
725 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-builder-rhel7' --subscription-id="$RHEL_Sub_ID" 
726 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-builder-rhel7' --subscription-id="$ORG_Sub_ID" 
727 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-builder-rhel7' --subscription-id="$EPEL_Sub_ID" 
728 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-builder-rhel7' --subscription-id="$Maven_Sub_ID" 
729 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-builder-rhel7' --subscription-id="$JBoss_Sub_ID" 
730 |     hammer activation-key content-override --organization="$ORG" --name='inf-builder-rhel7' --content-label='rhel-7-server-satellite-tools-6.2-rpms' --value=1
731 |     hammer activation-key content-override --organization="$ORG" --name='inf-builder-rhel7' --content-label='rhel-server-rhscl-7-rpms' --value=1
732 |     hammer activation-key content-override --organization="$ORG" --name='inf-builder-rhel7' --content-label='rhel-7-server-optional-rpms' --value=1
733 |     hammer activation-key content-override --organization="$ORG" --name='inf-builder-rhel7' --content-label='rhel-7-server-supplementary-rpms' --value=1
734 |     hammer activation-key content-override --organization="$ORG" --name='inf-builder-rhel7' --content-label='rhel-7-server-rh-common-rpms' --value=1
735 |     hammer activation-key content-override --organization="$ORG" --name='inf-builder-rhel7' --content-label='jb-eap-7-for-rhel-7-server-rpms' --value=1
736 |     hammer activation-key update --organization="$ORG" --name='inf-builder-rhel7' --release-version='7Server' --service-level='Standard' --auto-attach=0
737 |     environment=$(hammer --output=csv environment list --search='development_inf_builder_rhel7' --puppet-class='stdlib' | tail -n+2 | head -n1 | cut -d',' -f2)
738 |     hammer hostgroup create --organization="$ORG" --organizations="$ORG" --locations="$LOC" \
739 |       --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
740 |       --domain="$DOMAIN" --realm="$REALM" --subnet="$SUBNET_NAME" \
741 |       --medium='LunetIX/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_3' \
742 |       --lifecycle-environment='Development' --operatingsystem='RedHat 7.3' --partition-table='Kickstart default' \
743 |       --root-pass="$HOST_PASSWORD" --puppet-classes='ssh::server,ntp,buildhost'  --content-view='inf-builder-rhel7' \
744 |       --environment="$environment" --name='inf-builder-rhel7'
745 |     hammer hostgroup set-parameter --hostgroup='inf-builder-rhel7' --name='kt_activation_keys' --value='inf-builder-rhel7'
746 | 
747 |     hammer activation-key create --organization="$ORG" --name='inf-hypervisor-rhel7' --unlimited-hosts --lifecycle-environment='Development' --content-view='inf-hypervisor-rhel7'
748 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-hypervisor-rhel7' --subscription-id="$PuppetForge_Sub_ID" 
749 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-hypervisor-rhel7' --subscription-id="$RHEV_Sub_ID" 
750 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-hypervisor-rhel7' --subscription-id="$RHEL_Sub_ID" 
751 |     hammer activation-key content-override --organization="$ORG" --name='inf-hypervisor-rhel7' --content-label='rhel-7-server-satellite-tools-6.2-rpms' --value=1
752 |     hammer activation-key content-override --organization="$ORG" --name='inf-hypervisor-rhel7' --content-label='rhel-server-rhscl-7-rpms' --value=1
753 |     hammer activation-key content-override --organization="$ORG" --name='inf-hypervisor-rhel7' --content-label='rhel-7-server-rhev-mgmt-agent-rpms' --value=1
754 |     hammer activation-key update --organization="$ORG" --name='inf-hypervisor-rhel7' --release-version='7Server' --service-level='Standard' --auto-attach=0
755 |     environment=$(hammer --output=csv environment list --search='development_inf_hypervisor_rhel7' --puppet-class='stdlib' | tail -n+2 | head -n1 | cut -d',' -f2)
756 |     hammer hostgroup create --organization="$ORG" --organizations="$ORG" --locations="$LOC" \
757 |       --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
758 |       --domain="$DOMAIN" --realm="$REALM" --subnet="$SUBNET_NAME" \
759 |       --medium='LunetIX/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_3' \
760 |       --lifecycle-environment='Development' --operatingsystem='RedHat 7.3' --partition-table='Kickstart default' \
761 |       --root-pass="$HOST_PASSWORD" --puppet-classes='ssh::server,ntp'  --content-view='inf-hypervisor-rhel7' \
762 |       --environment="$environment" --name='inf-hypervisor-rhel7'
763 |     hammer hostgroup set-parameter --hostgroup='inf-hypervisor-rhel7' --name='kt_activation_keys' --value='inf-hypervisor-rhel7'
764 | 
765 |     hammer activation-key create --organization="$ORG" --name='inf-git-rhel7' --unlimited-hosts --lifecycle-environment='Development' --content-view='inf-git-rhel7'
766 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-git-rhel7' --subscription-id="$PuppetForge_Sub_ID" 
767 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-git-rhel7' --subscription-id="$RHEL_Sub_ID" 
768 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-git-rhel7' --subscription-id="$ORG_Sub_ID" 
769 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-git-rhel7' --subscription-id="$EPEL_Sub_ID" 
770 |     hammer activation-key content-override --organization="$ORG" --name='inf-git-rhel7' --content-label='rhel-7-server-satellite-tools-6.2-rpms' --value=1
771 |     hammer activation-key content-override --organization="$ORG" --name='inf-git-rhel7' --content-label='rhel-server-rhscl-7-rpms' --value=1
772 |     hammer activation-key update --organization="$ORG" --name='inf-git-rhel7' --release-version='7Server' --service-level='Standard' --auto-attach=0
773 |     environment=$(hammer --output=csv environment list --search='development_inf_git_rhel7' --puppet-class='stdlib' | tail -n+2 | head -n1 | cut -d',' -f2)
774 |     hammer hostgroup create --organization="$ORG" --organizations="$ORG" --locations="$LOC" \
775 |       --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
776 |       --domain="$DOMAIN" --realm="$REALM" --subnet="$SUBNET_NAME" \
777 |       --medium='LunetIX/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_3' \
778 |       --lifecycle-environment='Development' --operatingsystem='RedHat 7.3' --partition-table='Kickstart default' \
779 |       --root-pass="$HOST_PASSWORD" --puppet-classes='ssh::server,ntp,git::server'  --content-view='inf-git-rhel7' \
780 |       --environment="$environment" --name='inf-git-rhel7'
781 |     hammer hostgroup set-parameter --hostgroup='inf-git-rhel7' --name='kt_activation_keys' --value='inf-git-rhel7'
782 | 
783 |     hammer activation-key create --organization="$ORG" --name='inf-docker-rhel7' --unlimited-hosts --lifecycle-environment='Development' --content-view='inf-docker-rhel7'
784 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-docker-rhel7' --subscription-id="$PuppetForge_Sub_ID" 
785 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-docker-rhel7' --subscription-id="$RHEL_Sub_ID" 
786 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-docker-rhel7' --subscription-id="$ORG_Sub_ID" 
787 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-docker-rhel7' --subscription-id="$EPEL_Sub_ID" 
788 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-docker-rhel7' --subscription-id="$JBoss_Sub_ID" 
789 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-docker-rhel7' --subscription-id="$OSCP_Sub_ID" 
790 |     hammer activation-key content-override --organization="$ORG" --name='inf-docker-rhel7' --content-label='rhel-7-server-satellite-tools-6.2-rpms' --value=1
791 |     hammer activation-key content-override --organization="$ORG" --name='inf-docker-rhel7' --content-label='rhel-server-rhscl-7-rpms' --value=1
792 |     hammer activation-key content-override --organization="$ORG" --name='inf-docker-rhel7' --content-label='rhel-7-server-optional-rpms' --value=1
793 |     hammer activation-key content-override --organization="$ORG" --name='inf-docker-rhel7' --content-label='rhel-7-server-extras-rpms' --value=1
794 |     hammer activation-key content-override --organization="$ORG" --name='inf-docker-rhel7' --content-label='rhel-7-server-supplementary-rpms' --value=1
795 |     hammer activation-key content-override --organization="$ORG" --name='inf-docker-rhel7' --content-label='rhel-7-server-rh-common-rpms' --value=1
796 |     hammer activation-key content-override --organization="$ORG" --name='inf-docker-rhel7' --content-label='jb-eap-7-for-rhel-7-server-rpms' --value=1
797 |     hammer activation-key content-override --organization="$ORG" --name='inf-docker-rhel7' --content-label='rhel-7-server-ose-3.2-rpms' --value=1
798 |     hammer activation-key update --organization="$ORG" --name='inf-docker-rhel7' --release-version='7Server' --service-level='Standard' --auto-attach=0
799 |     environment=$(hammer --output=csv environment list --search='development_inf_docker_rhel7' --puppet-class='stdlib' | tail -n+2 | head -n1 | cut -d',' -f2)
800 |     hammer hostgroup create --organization="$ORG" --organizations="$ORG" --locations="$LOC" \
801 |       --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
802 |       --domain="$DOMAIN" --realm="$REALM" --subnet="$SUBNET_NAME" \
803 |       --medium='LunetIX/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_3' \
804 |       --lifecycle-environment='Development' --operatingsystem='RedHat 7.3' --partition-table='Kickstart default' \
805 |       --root-pass="$HOST_PASSWORD" --puppet-classes='ssh::server,ntp,dockerhost'  --content-view='inf-docker-rhel7' \
806 |       --environment="$environment" --name='inf-docker-rhel7'
807 |     hammer hostgroup set-parameter --hostgroup='inf-docker-rhel7' --name='kt_activation_keys' --value='inf-docker-rhel7'
808 | 
809 |     hammer activation-key create --organization="$ORG" --name='inf-oscp-rhel7' --unlimited-hosts --lifecycle-environment='Development' --content-view='inf-oscp-rhel7'
810 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-oscp-rhel7' --subscription-id="$PuppetForge_Sub_ID" 
811 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-oscp-rhel7' --subscription-id="$RHEL_Sub_ID" 
812 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-oscp-rhel7' --subscription-id="$ORG_Sub_ID" 
813 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-oscp-rhel7' --subscription-id="$EPEL_Sub_ID" 
814 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-oscp-rhel7' --subscription-id="$JBoss_Sub_ID" 
815 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-oscp-rhel7' --subscription-id="$OSCP_Sub_ID" 
816 |     hammer activation-key content-override --organization="$ORG" --name='inf-oscp-rhel7' --content-label='rhel-7-server-satellite-tools-6.2-rpms' --value=1
817 |     hammer activation-key content-override --organization="$ORG" --name='inf-oscp-rhel7' --content-label='rhel-server-rhscl-7-rpms' --value=1
818 |     hammer activation-key content-override --organization="$ORG" --name='inf-oscp-rhel7' --content-label='rhel-7-server-optional-rpms' --value=1
819 |     hammer activation-key content-override --organization="$ORG" --name='inf-oscp-rhel7' --content-label='rhel-7-server-extras-rpms' --value=1
820 |     hammer activation-key content-override --organization="$ORG" --name='inf-oscp-rhel7' --content-label='rhel-7-server-supplementary-rpms' --value=1
821 |     hammer activation-key content-override --organization="$ORG" --name='inf-oscp-rhel7' --content-label='rhel-7-server-rh-common-rpms' --value=1
822 |     hammer activation-key content-override --organization="$ORG" --name='inf-oscp-rhel7' --content-label='jb-eap-7-for-rhel-7-server-rpms' --value=1
823 |     hammer activation-key content-override --organization="$ORG" --name='inf-oscp-rhel7' --content-label='rhel-7-server-ose-3.2-rpms' --value=1
824 |     hammer activation-key update --organization="$ORG" --name='inf-oscp-rhel7' --release-version='7Server' --service-level='Standard' --auto-attach=0
825 |     environment=$(hammer --output=csv environment list --search='development_inf_oscp' --puppet-class='stdlib' | tail -n+2 | head -n1 | cut -d',' -f2)
826 |     hammer hostgroup create --organization="$ORG" --organizations="$ORG" --locations="$LOC" \
827 |       --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
828 |       --domain="$DOMAIN" --realm="$REALM" --subnet="$SUBNET_NAME" \
829 |       --medium='LunetIX/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_3' \
830 |       --lifecycle-environment='Development' --operatingsystem='RedHat 7.3' --partition-table='Kickstart default' \
831 |       --root-pass="$HOST_PASSWORD" --puppet-classes='ssh::server,ntp,oscp'  --content-view='inf-oscp-rhel7' \
832 |       --environment="$environment" --name='inf-oscp-rhel7'
833 |     hammer hostgroup set-parameter --hostgroup='inf-oscp-rhel7' --name='kt_activation_keys' --value='inf-oscp-rhel7'
834 | 
835 |     hammer activation-key create --organization="$ORG" --name='inf-ipa-rhel7' --unlimited-hosts --lifecycle-environment='Development' --content-view='inf-ipa-rhel7'
836 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-ipa-rhel7' --subscription-id="$PuppetForge_Sub_ID" 
837 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-ipa-rhel7' --subscription-id="$RHEL_Sub_ID" 
838 |     hammer activation-key add-subscription --organization="$ORG" --name='inf-ipa-rhel7' --subscription-id="$EPEL_Sub_ID" 
839 |     hammer activation-key content-override --organization="$ORG" --name='inf-ipa-rhel7' --content-label='rhel-7-server-satellite-tools-6.2-rpms' --value=1
840 |     hammer activation-key content-override --organization="$ORG" --name='inf-ipa-rhel7' --content-label='rhel-server-rhscl-7-rpms' --value=1
841 |     hammer activation-key update --organization="$ORG" --name='inf-ipa-rhel7' --release-version='7Server' --service-level='Standard' --auto-attach=0
842 |     environment=$(hammer --output=csv environment list --search='development_inf_ipa_rhel7' --puppet-class='stdlib' | tail -n+2 | head -n1 | cut -d',' -f2)
843 |     hammer hostgroup create --organization="$ORG" --organizations="$ORG" --locations="$LOC" \
844 |       --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
845 |       --domain="$DOMAIN" --realm="$REALM" --subnet="$SUBNET_NAME" \
846 |       --medium='LunetIX/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_3' \
847 |       --lifecycle-environment='Development' --operatingsystem='RedHat 7.3' --partition-table='Kickstart default' \
848 |       --root-pass="$HOST_PASSWORD" --puppet-classes='ssh::server,ntp'  --content-view='inf-ipa-rhel7' \
849 |       --partition-table='Kickstart Docker' --environment="$environment" --name='inf-ipa-rhel7'
850 |     hammer hostgroup set-parameter --hostgroup='inf-ipa-rhel7' --name='kt_activation_keys' --value='inf-ipa-rhel7'
851 | 
852 |     if [ $RHEL6_CONTENT = 'true' ]; then
853 |         hammer activation-key create --organization="$ORG" --name='RHEL6_Base' --unlimited-hosts --lifecycle-environment='Development' --content-view='RHEL6_Base'
854 |         hammer activation-key add-subscription --organization="$ORG" --name='RHEL6_Base' --subscription-id="$PuppetForge_Sub_ID" 
855 |         hammer activation-key add-subscription --organization="$ORG" --name='RHEL6_Base' --subscription-id="$RHEL_Sub_ID" 
856 |         hammer activation-key content-override --organization="$ORG" --name='RHEL6_Base' --content-label='rhel-6-server-satellite-tools-6.2-rpms' --value=1
857 |         hammer activation-key update --organization="$ORG" --name='RHEL6_Base' --release-version='6Server' --service-level='Standard' --auto-attach=0
858 |         environment=$(hammer --output=csv environment list --search='development_rhel6_base' --puppet-class='stdlib' | tail -n+2 | head -n1 | cut -d',' -f2)
859 |         hammer hostgroup create --organization="$ORG" --organizations="$ORG" --locations="$LOC" \
860 |           --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
861 |           --domain="$DOMAIN" --realm="$REALM" --subnet="$SUBNET_NAME" \
862 |           --medium='LunetIX/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_6_Server_Kickstart_x86_64_6_8' \
863 |           --lifecycle-environment='Development' --operatingsystem='RedHat 6.8' --partition-table='Kickstart default' \
864 |           --root-pass="$HOST_PASSWORD" --puppet-classes='ssh::server,ntp'  --content-view='RHEL6_Base' \
865 |           --environment="$environment" --name='RHEL6_Base'
866 |         hammer hostgroup set-parameter --hostgroup='RHEL6_Base' --name='kt_activation_keys' --value='RHEL6_Base'
867 |     fi
868 | 
869 | 
870 |     param_id=$(hammer --output=csv sc-param list --puppet-class='ssh::server' --search='options' | tail -n+2 | head -n1 | cut -d',' -f1)
871 |     hammer sc-param update --puppet-class='ssh::server' --override=1 --id=$param_id \
872 |         --default-value='{ "PermitRootLogin": false, "Protocol": 2, "UsePrivilegeSeparation": "sandbox", "SyslogFacility": "AUTHPRIV", "AuthorizedKeysFile": ".ssh/authorized_keys", "PasswordAuthentication": true, "GSSAPICleanupCredentials": false, "KerberosAuthentication": false, "PubkeyAuthentication": true, "GSSAPIAuthentication": true, "AuthorizedKeysCommand": "/usr/bin/sss_ssh_authorizedkeys", "AuthorizedKeysCommandUser": "nobody" }' \
873 |         --override-value-order='operatingsystemmajrelease^Mfqdn^Mhostgroup^Mos^Mdomain'
874 |     hammer sc-param add-override-value --puppet-class='ssh::server' --smart-class-parameter-id=$param_id --match='operatingsystemmajrelease=6' \
875 |         --value='{ "PermitRootLogin": false, "Protocol": 2, "SyslogFacility": "AUTHPRIV", "AuthorizedKeysFile": ".ssh/authorized_keys", "PasswordAuthentication": true, "GSSAPICleanupCredentials": false, "KerberosAuthentication": false, "PubkeyAuthentication": true, "GSSAPIAuthentication": true, "AuthorizedKeysCommand": "/usr/bin/sss_ssh_authorizedkeys" }'
876 | 
877 |     param_id=$(hammer --output=csv sc-param list --puppet-class='buildhost' --search='deploy_demo' | tail -n+2 | head -n1 | cut -d',' -f1)
878 |     hammer sc-param update --puppet-class='buildhost' --override=1 --id=$param_id \
879 |         --default-value='false'
880 |     param_id=$(hammer --output=csv sc-param list --puppet-class='buildhost' --search='ci_git_host' | tail -n+2 | head -n1 | cut -d',' -f1)
881 |     hammer sc-param update --puppet-class='buildhost' --override=1 --id=$param_id \
882 |         --default-value="${HOST_PREFIX}-git.${DOMAIN}"
883 |     param_id=$(hammer --output=csv sc-param list --puppet-class='buildhost' --search='ci_target_env' | tail -n+2 | head -n1 | cut -d',' -f1)
884 |     hammer sc-param update --puppet-class='buildhost' --override=1 --id=$param_id \
885 |         --default-value=2
886 | # fi
887 | # END activation key and hostgroup setup
888 | 
889 |     read -p "
890 | 
891 | Manual action required!
892 | 
893 |     To proceed you need to manually adjust Compute Profiles.
894 |     Log into your Satellite-6.2 as admin and go to Infrastructure->Compute Profiles.
895 |     Go through all profile sizes and make sure the network interfaces are correctly selected for the Satellite subnet.
896 | 
897 |     Hit Enter after all Compute Profiles are set up correctly." answer
898 | 
899 | # Check your kickstart-network-setup snippet and check if you need to adjust for your
900 | # network setup. The following lines may serve as an example:
901 | # sed -ri 's/^PEERDNS=yes/PEERDNS=no/' /etc/sysconfig/network-scripts/ifcfg-eth1
902 | # sed -ri 's/^ONBOOT=no/ONBOOT=yes/' /etc/sysconfig/network-scripts/ifcfg-eth1
903 | # echo "DEFROUTE=no" >>/etc/sysconfig/network-scripts/ifcfg-eth0
904 | # systemctl restart network
905 | 
906 | hammer host create --organization="$ORG" --location="$LOC" --compute-resource="$RHV_RES_NAME" --compute-profile='1-Small' --hostgroup='RHEL7_Base' --name="${HOST_PREFIX}-rhel7std01"
907 | hammer host start --name="${HOST_PREFIX}-rhel7std01.${DOMAIN}"
908 | hammer host create --organization="$ORG" --location="$LOC" --compute-resource="$RHV_RES_NAME" --compute-profile='2-Medium' --hostgroup='inf-git-rhel7' --name="${HOST_PREFIX}-git"
909 | hammer host start --name="${HOST_PREFIX}-git.${DOMAIN}"
910 | fi
911 | hammer host create --organization="$ORG" --location="$LOC" --compute-resource="$RHV_RES_NAME" --compute-profile='2-Medium' --hostgroup='inf-docker-rhel7' --name="${HOST_PREFIX}-docker01"
912 | hammer host start --name="${HOST_PREFIX}-docker01.${DOMAIN}"
913 | hammer host create --organization="$ORG" --location="$LOC" --compute-resource="$RHV_RES_NAME" --compute-profile='3-Large' --hostgroup='inf-builder-rhel7' --name="${HOST_PREFIX}-build01"
914 | hammer host start --name="${HOST_PREFIX}-build01.${DOMAIN}"
915 | 
916 | 


--------------------------------------------------------------------------------
/sat63-ks.cfg:
--------------------------------------------------------------------------------
 1 | # version=DEVEL
 2 | # System authorization information
 3 | auth --enableshadow --passalgo=sha512
 4 | # Use CDROM installation media
 5 | cdrom
 6 | # Use text install
 7 | text
 8 | # Firewall configuration
 9 | firewall --enabled
10 | # Keyboard layouts
11 | keyboard --vckeymap=de --xlayouts='de'
12 | # System language
13 | lang en_US.UTF-8
14 | 
15 | # Network information
16 | network --bootproto=static --device=eth0 --ip=188.138.111.111 --netmask=255.255.255.255 --gateway=85.25.208.173 --nameserver=85.25.159.110 --noipv6 --activate --interfacename=wan
17 | network --bootproto=static --device=eth1 --ip=172.24.200.3 --netmask=255.255.255.0 --nodefroute --noipv6 --onboot=yes --interfacename=sat
18 | network --bootproto=dhcp --device=eth2 --nodefroute --noipv6 --onboot=yes --interfacename=lan
19 | network  --hostname=pu-sat.lunetix.org
20 | 
21 | # Root password
22 | # python -c 'import crypt; print(crypt.crypt("My Password", "$6$_My_PieceOfGrain"))'
23 | rootpw --iscrypted $6$_My_PieceOfGrain$t.LcYtKxv3GrqNyiUOoE8d.SovHvq75z58Q23DRsZJ9qneueKzHSiI05yh3xo.vRlQolA9B27/GDiwABgftug1
24 | # SELinux configuration
25 | selinux --enforcing
26 | # System services
27 | services --enabled="chronyd"
28 | # Do not configure the X Window System
29 | skipx
30 | # System timezone
31 | timezone Europe/Berlin --isUtc --ntpservers=0.rhel.pool.ntp.org,1.rhel.pool.ntp.org,2.rhel.pool.ntp.org
32 | 
33 | # Disk Partitioning
34 | # Ignore all Disks except sda
35 | ignoredisk --only-use=sda
36 | # Partition clearing information
37 | clearpart --none --initlabel
38 | # Clear the Master Boot Record
39 | zerombr
40 | # System bootloader configuration
41 | bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
42 | # Partition clearing information
43 | clearpart --all --initlabel --drives=sda
44 | # Partitioning
45 | part /boot --fstype="xfs" --ondisk=sda --size=1024
46 | part pv.01 --fstype="lvmpv" --ondisk=sda --size=102400
47 | part pv.02 --fstype="lvmpv" --ondisk=sda --size=409600
48 | volgroup vg_sys pv.01
49 | logvol /  --fstype="xfs" --percent=100 --name=root --vgname=vg_sys
50 | volgroup vg_openshift pv.02
51 | 
52 | # Preinstallation Scripts
53 | %pre --logfile /root/ks-pre.log
54 | %end
55 | 
56 | # Postinstallation Scripts
57 | %post --logfile /root/ks-post.log
58 | set -x
59 | subscription-manager register --org=1234567 --activationkey=sat63-31132c12-100d-4f4e-9a0a-24f41b107449
60 | subscription-manager repos --disable="*"
61 | subscription-manager repos \
62 |     --enable=rhel-7-server-rpms \
63 |     --enable=rhel-server-rhscl-7-rpms \
64 |     --enable=rhel-7-server-optional-rpms \
65 |     --enable=rhel-7-server-satellite-6.3-rpms \
66 |     --enable=rhel-7-server-satellite-6.3-puppet4-rpms
67 | yum -y install vim wget git net-tools bind-utils bridge-utils bash-completion kexec-tools sos psacct
68 | yum -y update
69 | mkdir -m0700 /root/.ssh/
70 | cat <<EOF >/root/.ssh/authorized_keys
71 | ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyQ+Ro5u/qzoh2/aPW496ndiM2I3iQGqmwBtqd4Ik9nGIkX7MmQAhzPnkgWYGfx8WJ6GaGBGsY9yDbbDpKYLSqw5MqEqM/8NPlkKA3ejVUpVgmoSOMqevMN/SdFZ3aZ8QMiMtCeyrxOyfHNlY4Idnl/aYogTbP49A5OD1Wa1OAzYZlNXkTtkcTC7tMECyYl2OVOnkVU43ayPP+KfuRmTYxCdd0oLuQebjb04+0cIit8wnDhSprILfkpCfwudYfKymXrKEkMVCI15HFv9JEgP4FZ0hjl2NmokdMvs7ADPTxvzK3VN7KCBaS3JxvJSl4AQhZ1w7zu4NFKvCVcv+AqpS5Q== admin@example.com
72 | EOF
73 | chmod 0600 /root/.ssh/authorized_keys
74 | restorecon -R /root/.ssh/
75 | 
76 | yum -y install rng-tools
77 | systemctl enable --now rngd
78 | 
79 | firewall-cmd --permanent --add-service='RH-Satellite-6' --add-service='dns' --add-service='dhcp' --add-service='tftp' --add-service='http' --add-service='https'
80 | %end
81 | 
82 | # Packages
83 | %packages
84 | @^minimal
85 | @core
86 | chrony
87 | kexec-tools
88 | %end
89 | 


--------------------------------------------------------------------------------
/sat65-bootstrap.sh:
--------------------------------------------------------------------------------
  1 | cat >sat65-ks.cfg <<EOD
  2 | # version=DEVEL
  3 | # System authorization information
  4 | auth --enableshadow --passalgo=sha512
  5 | # Use CDROM installation media
  6 | cdrom
  7 | # Use text install
  8 | text
  9 | # Firewall configuration
 10 | firewall --enabled
 11 | # Keyboard layouts
 12 | keyboard --vckeymap=de --xlayouts='de'
 13 | # System language
 14 | lang en_US.UTF-8
 15 | 
 16 | # Network information
 17 | network --bootproto=static --device=eth0 --ip=10.11.12.13 --netmask=255.255.255.255 --gateway=10.11.12.1 --nameserver=10.11.12.2 --noipv6 --activate --interfacename=wan
 18 | network --bootproto=static --device=eth1 --ip=172.24.100.3 --netmask=255.255.255.0 --nodefroute --noipv6 --onboot=yes --interfacename=sat
 19 | network --bootproto=dhcp --device=eth2 --nodefroute --noipv6 --onboot=yes --interfacename=lan
 20 | network  --hostname=or-sat65.example.com
 21 | 
 22 | # Root password
 23 | # python -c 'import crypt; print(crypt.crypt("My Password", "$6$_My_PieceOfGrain"))'
 24 | rootpw --iscrypted $6$_My_PieceOfGrain$t.LcYtKxv3GrqNyiUOoE8d.SovHvq75z58Q23DRsZJ9qneueKzHSiI05yh3xo.vRlQolA9B27/GDiwABgftug1
 25 | # SELinux configuration
 26 | selinux --enforcing
 27 | # System services
 28 | services --enabled="chronyd"
 29 | # Do not configure the X Window System
 30 | skipx
 31 | # System timezone
 32 | timezone Europe/Berlin --isUtc --ntpservers=0.rhel.pool.ntp.org,1.rhel.pool.ntp.org,2.rhel.pool.ntp.org
 33 | 
 34 | # Disk Partitioning
 35 | # Ignore all Disks except vda
 36 | ignoredisk --only-use=vda
 37 | # Partition clearing information
 38 | clearpart --none --initlabel
 39 | # Clear the Master Boot Record
 40 | zerombr
 41 | # System bootloader configuration
 42 | bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=vda
 43 | # Partition clearing information
 44 | clearpart --all --initlabel --drives=vda
 45 | # Partitioning
 46 | part /boot --fstype="xfs" --ondisk=vda --size=1024
 47 | part pv.01 --fstype="lvmpv" --ondisk=vda --size=20480
 48 | part pv.02 --fstype="lvmpv" --ondisk=vda --size=102400 --grow
 49 | volgroup vg_sys pv.01
 50 | volgroup vg_satellite pv.02
 51 | logvol /  --fstype="xfs" --percent=80 --name=root --vgname=vg_sys
 52 | logvol /var  --fstype="xfs" --percent=80 --name=var --vgname=vg_satellite
 53 | 
 54 | # Preinstallation Scripts
 55 | %pre --logfile /root/ks-pre.log
 56 | %end
 57 | 
 58 | # Postinstallation Scripts
 59 | %post --logfile /root/ks-post.log
 60 | set -x
 61 | subscription-manager register --org=6502464 --activationkey=sat65-531e5b45-d7a1-4846-84a2-1f71952486df
 62 | subscription-manager repos --disable="*"
 63 | subscription-manager repos \
 64 |     --enable=rhel-7-server-rpms \
 65 |     --enable=rhel-server-rhscl-7-rpms \
 66 |     --enable=rhel-7-server-satellite-6.5-rpms \
 67 |     --enable=rhel-7-server-satellite-maintenance-6-rpms \
 68 |     --enable=rhel-7-server-optional-rpms \
 69 |     --enable=rhel-7-server-ansible-2.6-rpms
 70 | subscription-manager release --unset
 71 | yum -y install vim wget git net-tools bind-utils bridge-utils bash-completion kexec-tools sos psacct
 72 | yum -y update
 73 | mkdir -m0700 /root/.ssh/
 74 | cat <<EOF >/root/.ssh/authorized_keys
 75 | ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyQ+Ro5u/qzoh2/aPW496ndiM2TtkcTC7tMECyYl2OVOnkVU43ayPP+KfuRmTYxCdd0oLuQebjb04+0cIit8wnDhSprILfkpCfwudYfKymXrKEkMVCI15HFv9JEgP4FZ0hjl2NmokdMvs7ADPTxvzK3VN7KCBaS3JxvJSl4AQhZ1w7zu4NFKvCVcv+AqpS5Q== admin@example.com
 76 | EOF
 77 | chmod 0600 /root/.ssh/authorized_keys
 78 | restorecon -R /root/.ssh/
 79 | 
 80 | yum -y install rng-tools
 81 | systemctl enable --now rngd
 82 | 
 83 | firewall-cmd --permanent --add-service='RH-Satellite-6' --add-service='dns' --add-service='dhcp' --add-service='tftp' --add-service='http' --add-service='https'
 84 | %end
 85 | 
 86 | # Packages
 87 | %packages
 88 | @^minimal
 89 | @core
 90 | chrony
 91 | kexec-tools
 92 | %end
 93 | EOD
 94 | 
 95 | echo virt-install \
 96 | --name sat65 \
 97 | --description "Satellite 6.5 Instance" \
 98 | --os-type=Linux \
 99 | --os-variant=rhel7 \
100 | --ram=16384 \
101 | --vcpus=4 \
102 | --disk path=/var/lib/libvirt/images/Satellite-6.5.qcow2,bus=virtio,size=300 \
103 | --network bridge=br0,mac=52:54:00:b0:12:7c,model=virtio \
104 | --network network=satnet \
105 | --network network=default \
106 | --initrd-inject ./sat65-ks.cfg \
107 | --location /srv/Images/ISO/rhel-server-7.6-x86_64-dvd.iso \
108 | --extra-args="ks=file:/sat65-ks.cfg"
109 | # --graphics none \
110 | 


--------------------------------------------------------------------------------
/sat65-minimal.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # vim: ft=sh:sw=2:et
  3 | cat <<EOF
  4 | 
  5 | 
  6 | Satellite-6.5 Demo/Test/PoC Setup Script
  7 | ========================================
  8 | 
  9 | This script is intended to automate a comprehensive Satellite-6.5 server installation for demo, test or PoC purposes.
 10 |  
 11 | The script helps to perform the initial steps to finish the prerequisites, it installs and configures the software,
 12 | it fills the Satellite with various types of content, it creates activation keys and content views,
 13 | it customizes some smart class parameter overrides and finally installs a couple of new hosts.
 14 | 
 15 | With this setup, the script is well suited as a Satellite-6 test.
 16 | In an PoC scenario, it allows to emphasize on the actual use cases and requirements from the very first moment.
 17 | 
 18 | This demo setup shows some of the features and benefits of Satellite-6.5:
 19 | - Satellite is configured to authenticate with an existing IPA server (IPA is prerequisite, out of scope for this demo).
 20 | - Satellite is configured to use the existing IPA CA (again, IPA is prerequisite, out of scope for this demo).
 21 | - Satellite is configured to register hosts automatically into the IPA REALM.
 22 | - The simple baseline host is hardened so that root login is disabled.
 23 |   Given the appropriate IPA setup (prerequisite, out of scope for this demo) users can log into the host and sudo if IPA authorization permits.
 24 | - A GIT server is created with a post-receive hook that automatically syncs new puppet classes from GIT to Satellite into a dedicated puppet only content view.
 25 |   This GIT setup demonstrates how to create a rapid puppet development workflow with Satellite-6.
 26 | - A dockerhost is created with appropriate partitioning and network configuration to demonstrate the value of a stable baseline (packages and configuration) to build and run docker containers.
 27 | - A comprehensive buildhost is created to demonstrate the value of the stable baseline (packages and configuration) for development and build environments.
 28 |   The buildhost puppet profile class demonstrates the adoption of a role-profile model with Satellite-6.
 29 |   The automation of the buildhost setup is taken so far that a complete jenkins build pipeline is set up and running to show a JBoss TicketMonster development workflow.
 30 | 
 31 | This demo is intended to run in a VM on a libvirt/KVM host. The Satellite VM requires least 8GB of RAM and 4 cores. 12GB RAM and 6 cores are recommended.
 32 | I recommend using a dedicated server from a hosting provider which is available for less than €50 per month.
 33 | The network setup must allow Satellite to run DHCP and TFTP on a dedicated interface.
 34 | With all features enabled, the demo setup will consume around 180GB of disk space for package content in /var/lib/pulp.
 35 | Using the immediate sync policy, the content sync alone takes more than 24 hours even with a high bandwidth internet connection.
 36 | In preparation for a Satellite-6 PoC this script can be used to perform this time consuming procedure ahead of the actual PoC engagement.
 37 | 
 38 | There is at least one manual intervention required directly after satellite-install has finished and a second halt is included right before the demo hosts are created at the end.
 39 | So be prepared to be around for at least an hour or so after starting the script to proceed after the first manual intervention.
 40 | After that, you may go home and proceed the next day...
 41 | 
 42 | You may want to run this script in a screen session.
 43 | 
 44 | 
 45 | The header section of this script declares a lot of variables that are used later on to customize the script.
 46 | Read through the values carefully and change where appropriate.
 47 | When finished, delete or comment the following exit command.
 48 | 
 49 | EOF
 50 | exit 0
 51 | 
 52 | set -x
 53 | set -e
 54 | longname=$(hostname | tr '.' '_')
 55 | 
 56 | # scp Satellite_65_Generated_July_16_2019.zip root@satellite65.example.com:/tmp
 57 | # scp sat65-setup.sh root@satellite65.example.com:
 58 | 
 59 | # The script is built such that the preparation steps can be skipped if later stages need to be extended or repeated.
 60 | # The higher the STAGE Level is, the more preparation steps are skipped.
 61 | # STAGE Level:
 62 | # 1 = preqequisite preparation
 63 | # 2 = Satellite 6 installation
 64 | # 3 = environment setup
 65 | # 4 = basic content view creation
 66 | # 5 = content sync
 67 | # 6 = content view customizing and promotion
 68 | # 7 = activation key, hostgroup setup, sc_params
 69 | # 8 = creation of example hosts
 70 | export STAGE=1
 71 | 
 72 | # This demo setup is built with IPA integration as one important feature to show.
 73 | # While it is possible to use IPA and leave Satellite with the self signed internal CA cert,
 74 | # it is recommended to demonstrate/test this feature as well.
 75 | # The IPA_EXT_CERT switch is mainly offered for debugging purposes.
 76 | export IPA_EXT_CERT=false
 77 | 
 78 | # You may also use another exteral CA to provide Satellite with a signed certificate
 79 | export CUST_EXT_CERT=true
 80 | 
 81 | 
 82 | 
 83 | # Product / Repo List and Mapping
 84 | # CSV Fields:
 85 | # Index ; Priority ; CV-Mapping ; Repo-Name ; Prod-Name ; Prod-Family ; Architecture ; Release-Version
 86 | 
 87 | # Priority selects products based on a decimal encoded bit matrix. Essential
 88 | # content has assigned priority bit 1. All additional product selections are
 89 | # triggered by the appropriate bits in the priority value.
 90 | 
 91 | 
 92 | ESSENTIAL_CONTENT=1
 93 | RHEL8_CONTENT=2
 94 | RHEL7_CONTENT=4
 95 | RHEL6_CONTENT=8
 96 | MISC_CONTENT=16
 97 | DEV_CONTENT=32
 98 | JBOSS_CONTENT=64
 99 | EXT_CONTENT=128
100 | OSCP_CONTENT=256
101 | OSE_CONTENT=512
102 | RHV_CONTENT=1024
103 | 
104 | 
105 | export CONTENT_MASK=$((ESSENTIAL_CONTENT + RHEL6_CONTENT + RHEL7_CONTENT + RHEL8_CONTENT))
106 | 
107 | # CV-Mapping assigns products to Content Views based on a decimal encoded bit matrix.
108 | 
109 | # CV_RHEL7_Base=1
110 | # CV_inf_capsule=2
111 | # CV_inf_ipa_rhel7=4
112 | # CV_inf_hypervisor_rhel7=8
113 | # CV_inf_builder_rhel7=16
114 | # CV_inf_oscp_rhel7=32
115 | # CV_inf_eap_rhel7=64
116 | # CV_inf_docker_rhel7=128
117 | # CV_inf_git_rhel7=256
118 | # CV_RHEL6_Base=512
119 | # CV_RHEL8_Base=1024
120 | # CV_RHEL8_Ext=2048
121 | # CV_puppet_fasttrack=4096
122 | 
123 | CV_array=(RHEL7-Base RHEL6-Base RHEL8-Base RHEL8-Ext)
124 | 
125 | 
126 | # The following block of parameters needs to reflect your environment.
127 | # Most of the parameters are used with the satellite-installer
128 | # The purpose should be pretty much self explanatory. In doubt, look at 'satellite-installer --help'
129 | export ORG="BSS_SM"
130 | export LOC="WDF"
131 | export ADMIN=admin
132 | export ADMIN_PASSWORD=$(pwmake 64)
133 | export CUST_CA_CERT=/root/certs/bundle.crt
134 | export CUST_CERT_KEY=/root/certs/$(hostname -s)_key.pem
135 | export CUST_CERT_CSR=/root/certs/$(hostname -s)_csr.pem
136 | export CUST_CERT=/root/certs/$(hostname -s).crt
137 | 
138 | # This is a Sat6 manifest. Replace with your custom manifest.
139 | export MANIFEST=/tmp/Satellite_65_Generated_July_16_2019.zip
140 | 
141 | # Be prepared to wait a long time until the content sync has completed.
142 | 
143 | # BEGIN preqeq prep
144 | if [ $STAGE -le 1 ]; then
145 |     subscription-manager register || true
146 |     subscription-manager repos --disable "*"
147 |     subscription-manager repos --enable=rhel-7-server-rpms \
148 |         --enable=rhel-server-rhscl-7-rpms \
149 |         --enable=rhel-7-server-optional-rpms \
150 |         --enable=rhel-7-server-satellite-6.5-rpms \
151 |         --enable=rhel-7-server-satellite-maintenance-6-rpms \
152 |         --enable=rhel-7-server-ansible-2.6-rpms
153 | 
154 |     subscription-manager release --unset
155 |     yum install -y screen yum-utils vim
156 | 
157 |     rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm || true
158 |     yum-config-manager --disable epel
159 | 
160 |     yum -y upgrade
161 | 
162 | fi
163 | # END preqeq prep
164 | 
165 | # BEGIN installation
166 | if [ $STAGE -le 2 ]; then
167 |     # yum -y install satellite foreman-proxy
168 |     yum -y install satellite
169 | 
170 |     firewall-cmd --permanent --add-service='RH-Satellite-6' --add-service='dns' --add-service='dhcp' --add-service='tftp' --add-service='http' --add-service='https'
171 |     # goferd
172 |     firewall-cmd --permanent --add-port='5674/tcp'
173 |     # VNC
174 |     firewall-cmd --permanent --add-port='5901-5930/tcp'
175 |     # OMAPI
176 |     firewall-cmd --permanent --add-port='7911/tcp'
177 |     # Capsule
178 |     firewall-cmd --permanent --add-port="5000/tcp" --add-port="5646/tcp"
179 |     firewall-cmd --reload
180 | 
181 |     # mkdir -p /usr/share/foreman/.ssh
182 |     # ssh-keygen -f /usr/share/foreman/.ssh/id_rsa -t rsa -N ''
183 |     # chown -R foreman.foreman /usr/share/foreman/.ssh
184 | 
185 |     mkdir -p /root/.hammer
186 |     cat > /root/.hammer/cli_config.yml <<EOF
187 | :foreman:
188 |     :host: 'https://$(hostname)/'
189 |     :username: '$ADMIN'
190 |     :password: '$ADMIN_PASSWORD'
191 |     :request_timeout: -1
192 | EOF
193 | 
194 |     if [ $CUST_EXT_CERT = 'true' ]; then
195 |         katello-certs-check \
196 |           -b ${CUST_CA_CERT} \
197 |           -k ${CUST_CERT_KEY} \
198 |           -c ${CUST_CERT}
199 |         CERT_ARGS="--certs-server-ca-cert=${CUST_CA_CERT} \
200 |                --certs-server-key=${CUST_CERT_KEY} \
201 |                --certs-server-cert=${CUST_CERT} \
202 |                --certs-server-cert-req=${CUST_CERT_CSR}"
203 |         cp ${CUST_CA_CERT} /etc/pki/ca-trust/source/anchors/
204 |     fi
205 |     if [ $IPA_EXT_CERT = 'true' ]; then
206 |         katello-certs-check \
207 |           -b /etc/ipa/ca.crt \
208 |           -k /root/certs/key.pem \
209 |           -c /root/certs/${longname}.crt
210 |         CERT_ARGS="--certs-server-ca-cert=/etc/ipa/ca.crt \
211 |                --certs-server-key=/root/certs/key.pem \
212 |                --certs-server-cert=/root/certs/${longname}.crt \
213 |                --certs-server-cert-req=/root/certs/${longname}.csr"
214 |     fi
215 | 
216 |     update-ca-trust enable
217 |     update-ca-trust
218 | 
219 |     time satellite-installer --scenario satellite -v \
220 |       --foreman-admin-password=$ADMIN_PASSWORD \
221 |       --foreman-admin-username=$ADMIN \
222 |       --foreman-initial-organization=$ORG \
223 |       --foreman-initial-location=$LOC \
224 |       --enable-foreman-plugin-openscap \
225 |       ${CERT_ARGS}
226 | 
227 |     hammer settings set --name default_download_policy --value on_demand
228 |     hammer subscription upload --organization "$ORG" --file ${MANIFEST}
229 |     hammer subscription refresh-manifest --organization "$ORG"
230 | fi
231 | # END installation
232 | 
233 | # BEGIN environment setup
234 | if [ $STAGE -le 3 ]; then
235 |     hammer lifecycle-environment create --organization "$ORG" --description 'Development' --name 'Development' --label development --prior Library
236 |     hammer lifecycle-environment create --organization "$ORG" --description 'Test' --name 'Test' --label test --prior 'Development'
237 |     hammer lifecycle-environment create --organization "$ORG" --description 'Production' --name 'Production' --label production --prior 'Test'
238 |     hammer lifecycle-environment create --organization "$ORG" --description 'Latest packages without staging' --name 'UnStaged' --label unstaged --prior Library
239 | 
240 |     hammer domain update --id 1 --organizations "$ORG" --locations "$LOC"
241 | 
242 | fi
243 | # END environment setup
244 | 
245 | # BEGIN basic content view creation
246 | if [ $STAGE -le 4 ]; then
247 |     for index in ${!CV_array[*]}
248 |     do
249 |         LABEL=$(echo ${CV_array[$index]} | tr '[:upper:]' '[:lower:]')
250 |         hammer content-view create --organization "$ORG" --name "${CV_array[$index]}" --label "$LABEL" --description "Installer Provided Content View $LABEL" 
251 |     done
252 | fi
253 | # END content view setup
254 | 
255 | BIFS=$IFS
256 | IFS=';'
257 | function init_repo {
258 | 	index=$1
259 | 	prio_map=$2
260 | 	cv_map=$3
261 | 	repo_name=$4
262 | 	prod_name=$5
263 | 	product=$6
264 | 	arch=$7
265 | 	releasever=$8
266 | 	policy=$9
267 | 	priority=${10}
268 | 
269 | 	if [[ $index == \#* ]]; then return 0; fi
270 | 
271 | 	include='true'
272 | 	for bit in 1 2 4 8 16 32 64 128 256 512 1024 2048 4096
273 | 	do
274 | 		map_mask=$(( prio_map & bit ))
275 | 		prio_mask=$(( priority & bit ))
276 | 		if [ $map_mask -gt 0 -a $prio_mask -eq 0 ]
277 | 		then
278 | 		        include='false'
279 | 		fi
280 | 		
281 | 	done
282 | 	if [ $include = 'true' ]
283 | 	then
284 | 		if [ ${releasever} != '000' ]
285 | 		then
286 | 		    release_opt="--releasever=${releasever}"
287 | 		else
288 | 		    release_opt=""
289 | 		fi
290 |     		hammer repository-set enable --organization "$ORG" --product "${product}" --basearch="${arch}" ${release_opt} --name "${prod_name}"
291 |     		hammer repository update --organization "$ORG" --product "${product}" --name "${repo_name}" --download-policy "${policy}"
292 |     		time hammer repository synchronize --organization "$ORG" --product "${product}"  --name  "${repo_name}"
293 | 		for idx in ${!CV_array[*]}
294 | 		do
295 | 		    bit=$((2**idx))
296 | 		    if [ $(( cv_map & bit )) -gt 0 ]
297 | 			then
298 |         		    hammer content-view add-repository --organization "$ORG" --name "${CV_array[$idx]}" --product "${product}" --repository "${repo_name}"
299 | 		    fi
300 | 		done
301 | 	else
302 | 	    echo Excluded in prio $priority: $prio_map [$index] $repo_name
303 | 	fi
304 | 
305 | 
306 | }
307 | 
308 | 
309 | # BEGIN content sync
310 | # Sync of Red Hat RPM packages adds up to ~160GB of disk space in /var and takes ~ 24hours to finish
311 | if [ $STAGE -le 5 ]; then
312 |     date
313 | 
314 | while read -r line
315 | do
316 | 	IFS=';' init_repo $line $CONTENT_MASK 
317 | done <<EOF
318 | 1;68;0;JBoss Enterprise Application Platform 6 RHEL 7 Server RPMs x86_64 7Server;JBoss Enterprise Application Platform 6 (RHEL 7 Server) (RPMs);JBoss Enterprise Application Platform;x86_64;7Server;on_demand
319 | 2;68;64;JBoss Enterprise Application Platform 7 RHEL 7 Server RPMs x86_64 7Server;JBoss Enterprise Application Platform 7 (RHEL 7 Server) (RPMs);JBoss Enterprise Application Platform;x86_64;7Server;on_demand
320 | 3;36;0;Red Hat Ceph Storage Installer 1.3 for Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server;Red Hat Ceph Storage Installer 1.3 for Red Hat Enterprise Linux 7 Server (RPMs);Red Hat Ceph Storage;x86_64;7Server;on_demand
321 | 4;36;0;Red Hat Ceph Storage Tools 1.3 for Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server;Red Hat Ceph Storage Tools 1.3 for Red Hat Enterprise Linux 7 Server (RPMs);Red Hat Enterprise Linux Server;x86_64;7Server;on_demand
322 | 5;136;0;Red Hat Enterprise Linux 6 Server - Extras RPMs x86_64;Red Hat Enterprise Linux 6 Server - Extras (RPMs);Red Hat Enterprise Linux Server;x86_64;000;immediate
323 | 6;9;512;Red Hat Enterprise Linux 6 Server Kickstart x86_64 6.9;Red Hat Enterprise Linux 6 Server (Kickstart);Red Hat Enterprise Linux Server;x86_64;6.9;immediate
324 | 7;40;0;Red Hat Enterprise Linux 6 Server - Optional RPMs x86_64 6Server;Red Hat Enterprise Linux 6 Server - Optional (RPMs);Red Hat Enterprise Linux Server;x86_64;6Server;immediate
325 | 8;136;0;Red Hat Enterprise Linux 6 Server - RH Common RPMs x86_64 6Server;Red Hat Enterprise Linux 6 Server - RH Common (RPMs);Red Hat Enterprise Linux Server;x86_64;6Server;on_demand
326 | 9;9;512;Red Hat Enterprise Linux 6 Server RPMs x86_64 6Server;Red Hat Enterprise Linux 6 Server (RPMs);Red Hat Enterprise Linux Server;x86_64;6Server;immediate
327 | 10;40;0;Red Hat Enterprise Linux 6 Server - Supplementary RPMs x86_64 6Server;Red Hat Enterprise Linux 6 Server - Supplementary (RPMs);Red Hat Enterprise Linux Server;x86_64;6Server;on_demand
328 | 11;132;0;Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64;Red Hat Enterprise Linux 7 Server - Extras (RPMs);Red Hat Enterprise Linux Server;x86_64;000;on_demand
329 | 12;5;511;Red Hat Enterprise Linux 7 Server Kickstart x86_64 7.7;Red Hat Enterprise Linux 7 Server (Kickstart);Red Hat Enterprise Linux Server;x86_64;7.7;immediate
330 | 13;292;178;Red Hat Enterprise Linux 7 Server - Optional RPMs x86_64 7Server;Red Hat Enterprise Linux 7 Server - Optional (RPMs);Red Hat Enterprise Linux Server;x86_64;7Server;on_demand
331 | 14;36;16;Red Hat Enterprise Linux 7 Server - RH Common RPMs x86_64 7Server;Red Hat Enterprise Linux 7 Server - RH Common (RPMs);Red Hat Enterprise Linux Server;x86_64;7Server;on_demand
332 | 15;5;511;Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server;Red Hat Enterprise Linux 7 Server (RPMs);Red Hat Enterprise Linux Server;x86_64;7Server;immediate
333 | 16;36;16;Red Hat Enterprise Linux 7 Server - Supplementary RPMs x86_64 7Server;Red Hat Enterprise Linux 7 Server - Supplementary (RPMs);Red Hat Enterprise Linux Server;x86_64;7Server;on_demand
334 | 17;260;32;Red Hat Enterprise Linux Atomic Host RPMs x86_64;Red Hat Enterprise Linux Atomic Host (RPMs);Red Hat Enterprise Linux Atomic Host;x86_64;000;on_demand
335 | 18;260;32;Red Hat OpenShift Container Platform 3.9 RPMs x86_64;Red Hat OpenShift Container Platform 3.9 (RPMs);Red Hat OpenShift Container Platform;x86_64;000;on_demand
336 | 19;516;0;Red Hat OpenStack Platform 8 director for RHEL 7 RPMs x86_64 7Server;Red Hat OpenStack Platform 8 director for RHEL 7 (RPMs);Red Hat OpenStack;x86_64;7Server;on_demand
337 | 20;516;0;Red Hat OpenStack Platform 8 for RHEL 7 RPMs x86_64 7Server;Red Hat OpenStack Platform 8 for RHEL 7 (RPMs);Red Hat OpenStack;x86_64;7Server;on_demand
338 | 21;516;0;Red Hat OpenStack Platform 8 Operational Tools for RHEL 7 RPMs x86_64 7Server;Red Hat OpenStack Platform 8 Operational Tools for RHEL 7 (RPMs);Red Hat OpenStack;x86_64;7Server;on_demand
339 | 22;516;0;Red Hat OpenStack Tools 7.0 for Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server;Red Hat OpenStack Tools 7.0 for Red Hat Enterprise Linux 7 Server (RPMs);Red Hat Enterprise Linux Server;x86_64;7Server;on_demand
340 | 23;5;2;Red Hat Satellite 6.5 for RHEL 7 Server RPMs x86_64;Red Hat Satellite 6.5 (for RHEL 7 Server) (RPMs);Red Hat Satellite;x86_64;000;immediate
341 | 24;5;2;Red Hat Satellite Capsule 6.5 for RHEL 7 Server RPMs x86_64;Red Hat Satellite Capsule 6.5 (for RHEL 7 Server) (RPMs);Red Hat Satellite Capsule;x86_64;000;immediate
342 | 25;5;2;Red Hat Satellite Maintenance 6 for RHEL 7 Server RPMs x86_64;Red Hat Satellite Maintenance 6 (for RHEL 7 Server) (RPMs);Red Hat Enterprise Linux Server;x86_64;000;immediate
343 | 26;9;512;Red Hat Satellite Tools 6.5 for RHEL 6 Server RPMs x86_64;Red Hat Satellite Tools 6.5 (for RHEL 6 Server) (RPMs);Red Hat Enterprise Linux Server;x86_64;000;immediate
344 | 27;5;511;Red Hat Satellite Tools 6.5 for RHEL 7 Server RPMs x86_64;Red Hat Satellite Tools 6.5 (for RHEL 7 Server) (RPMs);Red Hat Enterprise Linux Server;x86_64;000;immediate
345 | 28;9;512;Red Hat Ansible Engine 2.6 RPMs for Red Hat Enterprise Linux 7 Server x86_64;Red Hat Ansible Engine 2.6 RPMs for Red Hat Enterprise Linux 7 Server;Red Hat Ansible Engine;x86_64;000;immediate
346 | 29;5;511;Red Hat Satellite Tools 6.3 - Puppet 4 for RHEL 7 Server RPMs x86_64;Red Hat Satellite Tools 6.3 - Puppet 4 (for RHEL 7 Server) (RPMs);Red Hat Enterprise Linux Server;x86_64;000;immediate
347 | 30;9;0;Red Hat Software Collections RPMs for Red Hat Enterprise Linux 6 Server x86_64 6Server;Red Hat Software Collections RPMs for Red Hat Enterprise Linux 6 Server;Red Hat Software Collections for RHEL Server;x86_64;6Server;on_demand
348 | 31;5;438;Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server x86_64 7Server;Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server;Red Hat Software Collections for RHEL Server;x86_64;7Server;on_demand
349 | 32;132;0;Red Hat Storage Native Client for RHEL 7 RPMs x86_64 7Server;Red Hat Storage Native Client for RHEL 7 (RPMs);Red Hat Enterprise Linux Server;x86_64;7Server;on_demand
350 | 33;132;0;Red Hat Virtualization 4 Management Agents for RHEL 7 RPMs x86_64 7Server;Red Hat Virtualization 4 Management Agents for RHEL 7 (RPMs);Red Hat Virtualization;x86_64;7Server;on_demand
351 | 34;1028;0;Red Hat Virtualization Host 7 RPMs x86_64;Red Hat Virtualization Host 7 (RPMs);Red Hat Virtualization Host;x86_64;000;on_demand
352 | 35;1028;0;Red Hat Virtualization Manager 4.0 RHEL 7 Server RPMs x86_64;Red Hat Virtualization Manager 4.0 (RHEL 7 Server) (RPMs);Red Hat Virtualization;x86_64;000;on_demand
353 | 36;3;3072;Red Hat Enterprise Linux 8 for x86_64 - BaseOS RPMs x86_64 8;Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs);Red Hat Enterprise Linux for x86_64;x86_64;8;immediate
354 | 37;3;3072;Red Hat Enterprise Linux 8 for x86_64 - BaseOS Kickstart x86_64 8;Red Hat Enterprise Linux 8 for x86_64 - BaseOS (Kickstart);Red Hat Enterprise Linux for x86_64;x86_64;8;immediate
355 | 38;3;3072;Red Hat Enterprise Linux 8 for x86_64 - AppStream RPMs x86_64 8;Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs);Red Hat Enterprise Linux for x86_64;x86_64;8;immediate
356 | 39;3;3072;Red Hat Enterprise Linux 8 for x86_64 - AppStream Kickstart x86_64 8;Red Hat Enterprise Linux 8 for x86_64 - AppStream (Kickstart);Red Hat Enterprise Linux for x86_64;x86_64;8;immediate
357 | 40;3;3072;Red Hat Satellite Tools 6.5 for RHEL 8 x86_64 RPMs x86_64;Red Hat Satellite Tools 6.5 for RHEL 8 x86_64 (RPMs);Red Hat Enterprise Linux for x86_64;x86_64;000;immediate
358 | 41;34;2048;Red Hat Enterprise Linux 8 for x86_64 - Supplementary RPMs x86_64 8;Red Hat Enterprise Linux 8 for x86_64 - Supplementary (RPMs);Red Hat Enterprise Linux for x86_64;x86_64;8;immediate
359 | EOF
360 | 
361 | IFS=$BIFS
362 | 
363 |     hammer sync-plan create --name "nightly sync" --enabled=true --interval daily --organization $ORG --sync-date "2018-05-01 01:00:00"
364 |     for i in $(hammer --csv product list --organization $ORG --per-page 999 | grep -vi '^ID' | grep -vi not_synced | awk -F, {'{ if ($5!=0) print $1}'})
365 |     do
366 |       hammer product set-sync-plan --sync-plan "nightly sync" --organization $ORG --id $i
367 |     done
368 | 
369 |     export CVMANAGER_PASS=$(pwmake 64)
370 |     hammer user create --login='cvmanager' --firstname='ContentView' --lastname='Manager' --default-location=$LOC --default-organization=$ORG --locale='de' --organizations=$ORG --locations=$LOC --timezone='Berlin' --password="$CVMANAGER_PASS" --roles='Manager' --mail="cvmanager@${DOMAIN}" --auth-source-id=1
371 |     yum -y install ruby-devel gcc gcc-c++
372 |     git clone https://github.com/RedHatSatellite/katello-cvmanager.git
373 |     gem install apipie-bindings || true
374 |     cat > /root/katello-cvmanager/UnStaged.yaml <<EOF
375 | ---
376 | :settings:
377 |   :user: cvmanager
378 |   :pass: $CVMANAGER_PASS
379 |   :uri: https://$(hostname)
380 |   :timeout: 300
381 |   :org: 1
382 |   :lifecycle: 5
383 |   :keep: 3
384 |   :promote_cvs: true
385 |   :checkrepos: true
386 | :cv:
387 |   RHEL7-Base: latest
388 |   inf-builder-rhel7: latest
389 |   inf-docker-rhel7: latest
390 |   inf-git-rhel7: latest
391 |   inf-hypervisor-rhel7: latest
392 |   inf-ipa-rhel7: latest
393 |   inf-oscp-rhel7: latest
394 | :promote:
395 |  - RHEL7-Base
396 |  - inf-builder-rhel7
397 |  - inf-docker-rhel7
398 |  - inf-git-rhel7
399 |  - inf-hypervisor-rhel7
400 |  - inf-ipa-rhel7
401 |  - inf-oscp-rhel7
402 | :publish:
403 |  - RHEL7-Base
404 |  - inf-builder-rhel7
405 |  - inf-docker-rhel7
406 |  - inf-git-rhel7
407 |  - inf-hypervisor-rhel7
408 |  - inf-ipa-rhel7
409 |  - inf-oscp-rhel7
410 | EOF
411 | 
412 |     cat > /root/katello-cvmanager/daily_updates.sh <<EOF
413 | #! /bin/bash
414 | set -e
415 | ./cvmanager --config=UnStaged.yaml --wait publish
416 | ./cvmanager --config=UnStaged.yaml --wait update
417 | ./cvmanager --config=UnStaged.yaml --wait promote
418 | ./cvmanager --config=UnStaged.yaml --wait clean
419 | EOF
420 |     chmod +x /root/katello-cvmanager/daily_updates.sh
421 | 
422 |     crontab -l | { cat; echo "30 04 * * * cd /root/katello-cvmanager/ && /root/katello-cvmanager/daily_updates.sh | mail -E -s 'Satellite daily report: Content view updates' cvmanager@${DOMAIN}"; } | crontab -
423 | 
424 | fi
425 | # END content sync
426 | 
427 | # BEGIN content view customizing and promotion
428 | if [ $STAGE -le 6 ]; then
429 |     date
430 | 
431 |     time hammer content-view publish --organization "$ORG" --name RHEL8-Base --description 'Initial Publishing' 2>/dev/null
432 |     time hammer content-view version promote --organization "$ORG" --content-view RHEL8-Base --to-lifecycle-environment UnStaged  2>/dev/null
433 | 
434 |     time hammer content-view publish --organization "$ORG" --name RHEL8-Ext --description 'Initial Publishing' 2>/dev/null
435 |     time hammer content-view version promote --organization "$ORG" --content-view RHEL8-Ext --to-lifecycle-environment UnStaged  2>/dev/null
436 | 
437 |     time hammer content-view publish --organization "$ORG" --name RHEL7-Base --description 'Initial Publishing' 2>/dev/null
438 |     time hammer content-view version promote --organization "$ORG" --content-view RHEL7-Base --to-lifecycle-environment UnStaged  2>/dev/null
439 | 
440 |     if [ $RHEL6_CONTENT = 'true' ]; then
441 |         time hammer content-view publish --organization "$ORG" --name RHEL6-Base --description 'Initial Publishing' 2>/dev/null
442 |         time hammer content-view version promote --organization "$ORG" --content-view RHEL6-Base --to-lifecycle-environment UnStaged  2>/dev/null
443 |     fi
444 | 
445 | fi
446 | # END content view setup
447 | 
448 | 
449 | # BEGIN activation key and hostgroup setup
450 | if [ $STAGE -le 7 ]; then
451 |     # JBoss_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Red Hat JBoss Enterprise Application Platform, 16-Core Premium' | tail -n+2 | head -n1 | cut -d',' -f1)
452 |     # RHEV_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Red Hat Virtualization (2-sockets), Standard' | tail -n+2 | head -n1 | cut -d',' -f1)
453 |     # OSCP_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='OpenShift Container Platform, Premium 2-Core' | tail -n+2 | head -n1 | cut -d',' -f1)
454 |     RHEL_Sub_ID=$(hammer --output='csv' subscription list --organization=$ORG --search='Red Hat Enterprise Linux Server with Smart Management, Standard (Physical or Virtual Nodes)' | grep -v 'ATOM\|Resilient\|Hyperscale' | tail -n+2 | head -n1 | cut -d',' -f1)
455 | 
456 |     uuid=$(uuidgen)
457 |     hammer activation-key create --organization="$ORG" --name="el7base-${uuid}" --unlimited-hosts --lifecycle-environment='UnStaged' --content-view='RHEL7-Base'
458 |     hammer activation-key add-subscription --organization="$ORG" --name="el7base-${uuid}" --subscription-id="$RHEL_Sub_ID" 
459 |     hammer activation-key content-override --organization="$ORG" --name="el7base-${uuid}" --content-label='rhel-7-server-satellite-tools-6.5-rpms' --value=1
460 |     hammer activation-key content-override --organization="$ORG" --name="el7base-${uuid}" --content-label='rhel-7-server-satellite-tools-6.5-puppet4-rpms' --value=1
461 |     hammer activation-key update --organization="$ORG" --name="el7base-${uuid}" --release-version='7Server' --service-level='Standard' --auto-attach=0
462 |     environment=$(hammer --output=csv environment list --search='unstaged_rhel7_base' | tail -n+2 | head -n1 | cut -d',' -f2)
463 |     hammer hostgroup create --query-organization="$ORG" --organizations="$ORG" --locations="$LOC" \
464 |       --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
465 |       --lifecycle-environment='UnStaged' --operatingsystem='RedHat 7.7' --partition-table='Kickstart default' \
466 |       --content-view='RHEL7-Base' \
467 |       --environment="${environment}" --name='RHEL7-Base'
468 |     hammer hostgroup set-parameter --hostgroup='RHEL7-Base' --name='kt_activation_keys' --value="el7base-${uuid}"
469 | 
470 |     uuid=$(uuidgen)
471 |     hammer activation-key create --organization="$ORG" --name="el8base-${uuid}" --unlimited-hosts --lifecycle-environment='UnStaged' --content-view='RHEL8-Base'
472 |     hammer activation-key content-override --organization="$ORG" --name="el8base-${uuid}" --content-label='satellite-tools-6.5-for-rhel-8-x86_64-rpms' --value=1
473 |     hammer activation-key update --organization="$ORG" --name="el8base-${uuid}" --release-version='8' --service-level='Standard' --auto-attach=0
474 |     environment=$(hammer --output=csv environment list --search='unstaged_rhel8_base' | tail -n+2 | head -n1 | cut -d',' -f2)
475 |     hammer hostgroup create --query-organization="$ORG" --organizations="$ORG" --locations="$LOC" \
476 |       --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
477 |       --lifecycle-environment='UnStaged' --operatingsystem='RedHat 8.0' --partition-table='Kickstart default' \
478 |       --content-view='RHEL8-Base' \
479 |       --environment="${environment}" --name='RHEL8-Base'
480 |     hammer hostgroup set-parameter --hostgroup='RHEL8-Base' --name='kt_activation_keys' --value="el8base-${uuid}"
481 |     hammer hostgroup set-parameter --hostgroup='RHEL8-Base' --name='enable-puppet4' --value='true'
482 | 
483 |     if [ $RHEL6_CONTENT = 'true' ]; then
484 |         hammer activation-key create --organization="$ORG" --name='RHEL6_Base' --unlimited-hosts --lifecycle-environment='UnStaged' --content-view='RHEL6_Base'
485 |         hammer activation-key add-subscription --organization="$ORG" --name='RHEL6_Base' --subscription-id="$RHEL_Sub_ID" 
486 |         hammer activation-key content-override --organization="$ORG" --name='RHEL6_Base' --content-label='rhel-6-server-satellite-tools-6.5-rpms' --value=1
487 |         hammer activation-key update --organization="$ORG" --name='RHEL6_Base' --release-version='6Server' --service-level='Standard' --auto-attach=0
488 |         environment=$(hammer --output=csv environment list --search='unstaged_rhel6_base' --puppet-class='stdlib' | tail -n+2 | head -n1 | cut -d',' -f2)
489 |         hammer hostgroup create --query-organization="$ORG" --organizations="$ORG" --locations="$LOC" \
490 |           --architecture='x86_64' --content-source-id=1 --puppet-ca-proxy-id=1 --puppet-proxy-id=1 \
491 |           --lifecycle-environment='UnStaged' --operatingsystem='RedHat 6.9' --partition-table='Kickstart default' \
492 |           --content-view='RHEL6_Base' \
493 |           --environment="$environment" --name='RHEL6_Base'
494 |         hammer hostgroup set-parameter --hostgroup='RHEL6_Base' --name='kt_activation_keys' --value='RHEL6_Base'
495 |         hammer hostgroup set-parameter --hostgroup='RHEL6_Base' --name='enable-puppet4' --value='true'
496 |     fi
497 | 
498 | fi
499 | # END activation key and hostgroup setup
500 | 
501 | 


--------------------------------------------------------------------------------