Managing deb content in Foreman | Opensource.com

Managing deb content in Foreman

Use Foreman to serve software packages and errata for certain Linux systems.

Package wrapped with brown paper and red bow
Image credits : 

Photo by Jess Bailey on Unsplash

x

Subscribe now

Get the highlights in your inbox every week.

Foreman is a data center automation tool to deploy, configure, and patch hosts. It relies on Katello for content management, which in turn relies on Pulp to manage repositories. See Manage content using Pulp Debian for more information.

Pulp offers many plugins for different content types, including RPM packages, Ansible roles and collections, PyPI packages, and deb content. The latter is called the pulp_deb plugin.

Content management in Foreman

The basic idea for providing content to hosts is to mirror repositories and provide content to hosts via either the Foreman server or attached Smart Proxies.

This tutorial is a step-by-step guide to adding deb content to Foreman and serving hosts running Debian 10. "Deb content" refers to software packages and errata for Debian-based Linux systems (e.g., Debian and Ubuntu). This article focuses on Debian 10 Buster but the instructions also work for Ubuntu 20.04 Focal Fossa, unless noted otherwise.

1. Create the operating system

1.1. Create an architecture

Navigate to Hosts > Architectures and create a new architecture (if the architecture where you want to deploy Debian 10 hosts is missing). This tutorial assumes your hosts run on the x86_64 architecture, as Foreman does.

1.2. Create an installation media

Navigate to Hosts > Installation Media and create new Debian 10 installation media. Use the upstream repository URL http://ftp.debian.org/debian/.

Select the Debian operating system family for either Debian or Ubuntu.

Alternatively, you can also use a Debian mirror. However, content synced via Pulp does not work for two reasons: first, the linux and initrd.gz files are not in the expected locations; second, the Release file is not signed.

1.3. Create an operating system

Navigate to Hosts > Operating Systems and create a new operating system called Debian 10. Use 10 as the major version and leave the minor version field blank. For Ubuntu, use 20.04 as the major version and leave the minor version field blank.

Select the Debian operating system family for Debian or Ubuntu, and specify the release name (e.g., Buster for Debian 10 or Stretch for Debian 9). Select the default partition tables and provisioning templates, i.e., Preseed default *.

1.4. Adapt default Preseed templates (optional)

Navigate to Hosts > Partition Tables and Hosts > Provisioning Templates and adapt the default Preseed templates if necessary. Note that you need to clone locked templates before editing them. Cloned templates will not receive updates with newer Foreman versions. All Debian-based systems use Preseed templates, which are included with Foreman by default.

1.5. Associate the templates

Navigate to Hosts > Provisioning Templates and search for Preseed. Associate all desired provisioning templates to the operating system. Then, navigate to Hosts > Operating Systems and select Debian 10 as the operating system. Select the Templates tab and associate any provisioning templates that you want.

2. Synchronize content

2.1. Create content credentials for Debian upstream repositories and Debian client

Navigate to Content > Content Credentials and add the required GPG public keys as content credentials for Foreman to verify the deb packages' authenticity. To obtain the necessary GPG public keys, verify the Release file and export the corresponding GPG public key as follows:

  • Debian 10 main:
    wget http://ftp.debian.org/debian/dists/buster/Release && wget http://ftp.debian.org/debian/dists/buster/Release.gpg
    gpg --verify Release.gpg Release
    gpg --keyserver keys.gnupg.net --recv-key 16E90B3FDF65EDE3AA7F323C04EE7237B7D453EC
    gpg --keyserver keys.gnupg.net --recv-key 0146DC6D4A0B2914BDED34DB648ACFD622F3D138
    gpg --keyserver keys.gnupg.net --recv-key 6D33866EDD8FFA41C0143AEDDCC9EFBF77E11517
    gpg --armor --export E0B11894F66AEC98 DC30D7C23CBBABEE DCC9EFBF77E11517 > debian_10_main.txt
  • Debian 10 security:
    wget http://security.debian.org/debian-security/dists/buster/updates/Release && wget http://security.debian.org/debian-security/dists/buster/updates/Release.gpg
    gpg --verify Release.gpg Release
    gpg --keyserver keys.gnupg.net --recv-key 379483D8B60160B155B372DDAA8E81B4331F7F50
    gpg --keyserver keys.gnupg.net --recv-key 5237CEEEF212F3D51C74ABE0112695A0E562B32A
    gpg --armor --export EDA0D2388AE22BA9 4DFAB270CAA96DFA > debian_10_security.txt
  • Debian 10 updates:
    wget http://ftp.debian.org/debian/dists/buster-updates/Release && wget http://ftp.debian.org/debian/dists/buster-updates/Release.gpg
    gpg --verify Release.gpg Release
    gpg --keyserver keys.gnupg.net --recv-key 16E90B3FDF65EDE3AA7F323C04EE7237B7D453EC
    gpg --keyserver keys.gnupg.net --recv-key 0146DC6D4A0B2914BDED34DB648ACFD622F3D138
    gpg --armor --export E0B11894F66AEC98 DC30D7C23CBBABEE > debian_10_updates.txt
  • Debian 10 client:
    wget --output-document=debian_10_client.txt https://apt.atix.de/atix_gpg.pub

You can select the respective ASCII-armored TXT files to upload to your Foreman instance.

2.2. Create products called Debian 10 and Debian 10 client

Navigate to Content > Hosts and create two new products.

2.3. Create the necessary Debian 10 repositories

Navigate to Content > Products and select the Debian 10 product. Create three deb repositories:

  • Debian 10 main:
    • URL: http://ftp.debian.org/debian/
    • Releases: buster
    • Component: main
    • Architecture: amd64
  • Debian 10 security:
    • URL: http://deb.debian.org/debian-security/
    • Releases: buster/updates
    • Component: main
    • Architecture: amd64

If you want, you can add a self-hosted errata service: https://github.com/ATIX-AG/errata_server and https://github.com/ATIX-AG/errata_parser

  • Debian 10 updates:
    • URL: http://ftp.debian.org/debian/
    • Releases: buster-updates
    • Component: main
    • Architecture: amd64

Select the content credentials that you created in step 2.1. Adjust the components and architecture as needed. Navigate to Content > Products and select the Debian 10 client product. Create a deb repository as follows:

  • Debian 10 subscription-manager
    • URL: https://apt.atix.de/Debian10/
    • Releases: stable
    • Component: main
    • Architecture: amd64

Select the content credentials you created in step 2.1. The Debian 10 client contains the subscription-manager package, which runs on each content host to receive content from the Foreman Server or an attached Smart Proxy. Navigate to apt.atix.de for further instructions.

2.4. Synchronize the repositories

If you want, you can create a sync plan to sync the Debian 10 and Debian 10 client products periodically. To sync the product once, click the Select Action > Sync Now button on the Products page.

2.5. Create content views

Navigate to Content > Content Views and create a content view called Debian 10 comprising the Debian upstream repositories created in the Debian 10 product and publish a new version. Do the same for the Debian 10 client repository of the Debian 10 client product.

2.6. Create a composite content view

Create a new composite content view called Composite Debian 10 comprising the previously published Debian 10 and Debian 10 client content views and publish a new version. You may optionally add other content views of your choice (e.g., Puppet).

2.7. Create an activation key

Navigate to Content > Activation Keys and create a new activation key called debian-10:

  • Select the Library lifecycle environment and add the Composite Debian 10 content view.
  • On the Details tab, assign the correct lifecycle environment and composite content view.
  • On the Subscriptions tab, assign the necessary subscriptions, i.e., the Debian 10 and Debian 10 client products.

3. Deploy a host

3.1. Enable provisioning via Port 8000

Connect to your Foreman instance via SSH and edit the following file:

/etc/foreman-proxy/settings.yml

Search for :http_port: 8000 and make sure it is not commented out (i.e., the line does not start with a #).

3.2. Create a host group

Navigate to Configure > Host Groups and create a new host group called Debian 10. Check out the Foreman documentation on creating host groups, and make sure to select the correct entries on the Operating System and Activation Keys tabs.

3.3. Create a new host

Navigate to Hosts > Create Host and either select the host group as described above or manually enter the identical information.

Tip: Deploying hosts running Ubuntu 20.04 is even easier, as you can use its official installation media ISO image and do offline installations. Check out orcharhino's Managing Ubuntu Systems Guide for more information.

ATIX has developed several Foreman plugins, and is an integral part of the Foreman open source ecosystem. The community's feedback on our contributions is passed back to our customers, as we continuously strive to improve our downstream product, orcharhino.

Gift box opens with colors coming out

Mirror, sync, upload, and publish Debian software packages with the pulp_deb plugin.
Jars with food inside on a shelf

This May I started my internship at Red Hat with the Pulp team . Since it was my first ever...

Topics

About the author

Maximilian Kolb - technical content creator by day | hacker by night | minimalist by choice