A few days ago I started to re-surrect my Foreman(/katello) server and wanted to use it to pull content from remote repository for AlmaLinux. This involves updating Foreman with a new product and related AlmaLinux repository. I wrote a similar post on creating product & repository using hammer before for EPEL 8. However, it’s been a long while and things could change with the current version of Foreman server.
# rpm -qa | egrep -i '^foreman-[0-9]|^katello-[0-9]|^pulp-server-[0-9]'
katello-4.3.0-1.el8.noarch
foreman-3.1.1-1.el8.noarch
# hammer --version
hammer (3.1.0)
* hammer_cli_foreman (3.1.0)
* hammer_cli_foreman_remote_execution (unknown version)
* hammer_cli_foreman_tasks (unknown version)
* hammer_cli_katello (1.3.1)
There would be 3 steps:
- Create content-credentials
- Create a new product
- Create pepositories
The content-credentials stores the package signing key for the product or repository. It can be created by using the AlmaLinux 8 GPG signing key.
# curl -O http://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux
With the GPG signing key downloaded, we can proceed to create a new content-credentials. Tip: If you can’t remember what options to pass the command for creating content-credentials, pass --help to get help.
# hammer content-credentials create --help
Usage:
hammer content-credentials create [OPTIONS]
Options:
--content-type VALUE Type of content: “cert”, “gpg_key”
--name VALUE Name of the Content Credential
--organization[-id|-title|-label] VALUE/NUMBER Organization name/title/label/id
--path FILE Key file
-h, --help Print help
# hammer content-credentials create \
--content-type gpg_key \
--name RPM-GPG-KEY-AlmaLinux \
--organization MyOrganization \
--path ./RPM-GPG-KEY-AlmaLinux
Content Credential created.
Let’s verify that a new content-credentials (gpg) key has been created.
# hammer content-credentials list --organization MyOrganization
---|-----------------------|-------------
ID | NAME | CONTENT TYPE
---|-----------------------|-------------
1 | ... | gpg_key
3 | RPM-GPG-KEY-AlmaLinux | gpg_key
2 | ... | gpg_key
---|-----------------------|-------------
The second step is to create a new product. I’ll call it “AlmaLinux8”.
# hammer product create \
> --name AlmaLinux8 \
> --gpg-key-id 3 \
> --organization MyOrganization
Product created.
Again, a reminder to get help with the correction to pass to the hammer product create command is to append it with --help option. Also note that I’ve got the gpg-key-id from the content-credentials list above.
The final step is to create repositories and add them to the AlmaLinux8 product. AlmaLinux 8 provides 5 repositories: BaseOS, AppStream, Extras, PowerTools, and High Availability. However, I’m going to just create 2 repositories for now (BaseOS and AppStream).
# hammer repository create \
--name AlmaLinux8BaseOS \
--content-type 'yum' \
--download-policy 'on_demand' \
--product AlmaLinux8 \
--organization MyOrganization \
--mirror-on-sync 'yes'
--url 'https://almalinux.mirror.digitalpacific.com.au/8.5/BaseOS/x86_64/os/' \
--arch x86_64
Repository created.
Repeat the above step for AppStream repo, and don’t forget to update the --url to the correct one.
# hammer repository create \
--name AlmaLinux8AppStream \
--content-type 'yum' \
--download-policy 'on_demand' \
--product AlmaLinux8 \
--organization MyOrganization \
--mirror-on-sync 'yes'
--url 'https://almalinux.mirror.digitalpacific.com.au/8.5/AppStream/x86_64/os/' \
--arch x86_64
Repository created.
Let’s list all repositories in the AlmaLinux8 product.
# hammer repository list --organization MyOrganization --product AlmaLinux8
---|---------------------|------------|--------------|------------------------------------------------------------------------
ID | NAME | PRODUCT | CONTENT TYPE | URL
---|---------------------|------------|--------------|------------------------------------------------------------------------
13 | AlmaLinux8AppStream | AlmaLinux8 | yum | https://almalinux.mirror.digitalpacific.com.au/8.5/AppStream/x86_64/os/
12 | AlmaLinux8BaseOS | AlmaLinux8 | yum | https://almalinux.mirror.digitalpacific.com.au/8.5/BaseOS/x86_64/os/
---|---------------------|------------|--------------|------------------------------------------------------------------------
That’s all for the task to create product and some repositories for AlamaLinux 8. However, before a Foreman client can install a package from this repo, the repos to perform a synchronization first. This can be done as a one-off task or better yet, add a sync-plan to the product/repo.
In this post, I’m going to just run a one-ff sync for both repos. Note I passed --async option to run this sync asynchronously, i.e. there is no need to wait for the sync to complete.
# hammer repository synchronize --id 12 --async
Repository is being synchronized in task 5b8d8b5d-4979-455f-9445-4431ced96bb8.
# hammer repository synchronize --id 13 --async
Repository is being synchronized in task bdcfebc7-2e60-48b1-8577-3af14c41a34f.
To check the status of the above sync tasks, we can run the following command:
# hammer product list --name AlmaLinux8 --organization MyOrganization
---|------------|-------------|--------------|--------------|------------------
ID | NAME | DESCRIPTION | ORGANIZATION | REPOSITORIES | SYNC STATE
---|------------|-------------|--------------|--------------|------------------
3 | AlmaLinux8 | | MyOrganization | 2 | Syncing Complete.
---|------------|-------------|--------------|--------------|------------------
As we can see the repository synchronization is completed.