Plugins » Katello

h1. Katello on Existing Foreman

h2. Summary

Goals:

# I am a user and I want to install Katello on my existing production Foreman.

h2. Targeted Release

TBD

h2. Targeted Persona

[[Personas-SystemEngineer| Samuel - System Engineer]] - production Foreman

[[Personas-Developer| Daniel - Developer]] - development environment

h2. Design Requirements

Based on https://groups.google.com/forum/#!searchin/foreman-dev/katello$20on/foreman-dev/rMc1rWJMmBg/gTjEDJuD_a0J

h3. Installer

katello-installer is a separate independent installer.  As part of this effort, it will need to move to be a plugin of foreman-installer itself, that can be installed at a later point in time.  katello-installer will provide scenarios for katello and a katello proxy (capsule).  Scenarios will be able to both change the default settings of foreman's answers (taxonomies on, certificates, etc), but also provide its own additional top-level modules.

Scenario Tracker http://projects.theforeman.org/issues/10161

> !plugins2.png!

In order to do this, puppet-foreman_proxy needs to be moved to the top level of the installer, puppet-capsule largely stripped and renamed to indicate its new content-specific purpose (if not able to integrate into puppet-foreman_proxy itself).

h3. Certificates

Katello requires a number of certificates in order to deploy all of the services that are involved. For a summary of all the certs that are used and deployed see https://github.com/Katello/puppet-certs#certificates-overview. In order for us to install the Katello plugin alongside an existing Foreman installation, we will need to support deploying certs for new services, create new CA's (i.e. candlepin), while not breaking the existing Foreman infrastructure.

In order to accomplish this, we will abandon the current katello-certs-tool and puppet-certs, in favor of a puppet-openssl module.  Optionally, the katello and candlepin CA's can be issued by an existing CA (such as the Puppet CA), keeping the foreman infrastructure intact and functioning.

h3. Backends

Katello has three main backends that store data: Pulp, Candlepin and Elasticsearch. Some Katello objects have corresponding objects in one or all backends. 

# Foremans will need to have Organizations and Locations enabled and an initial one created (done with the scenario)

# Existing Organizations need to be created in Candlepin

# Users will need to be created in Pulp, and the anonymous_admin and anonymous_api_admin will need to have the correct remote_id to correspond to the Pulp admin user.

h3. Databases

Katello currently only tests and supports Postgres. 

Requirements:

# Support MySQL

  _It looks like it should be possible, we'd also need to add MySQL to our testing in Jenkins, and support in the installer.  Currently the migration fails with errors like this, so we will need modifications:_

  <pre>

Mysql2::Error: Error on rename of './katello/#sql-a3a_13' to './katello/katello_content_view_filters_repositories' (errno: 150): ALTER TABLE `katello_content_view_filters_repositories` CHANGE `filter_id` `content_view_filter_id` int(11) DEFAULT NULL/home/stbenjam/.rvm/gems/ruby-1.9.3-p448/gems/activerecord-3.2.21/lib/active_record/connection_adapters/abstract_mysql_adapter.rb:245:in `query'

  </pre>

# What about Candlepin?

  _Theoretically supports MySQL_

h3. Capsules

Katello deploys Capsules which includes deploying the following:

* Smart Proxy

* Pulp Node or Pulp Master

* Certs

* Qpid

* Puppet Master

Capsules upstream should just become Foreman Smart Proxies.  This means moving Foreman Proxy module to the top level, and either integrating existing Katello functions into plugins for the puppet-foreman_proxy module, or providing it externally through our own content-specific module (stripped down version of the existing capsule module).

h2. Documentation

h3. Bugs/RFE

* Tracker http://projects.theforeman.org/issues/7605