From: David Galloway <dgallowa@redhat.com>
Date: Fri, 7 Oct 2016 20:26:22 +0000 (-0400)
Subject: common: Add support for registering with Red Hat Satellite
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=f984d9cfeb31ffe2fb9507a5473ceeb986e090fb;p=ceph-cm-ansible.git

common: Add support for registering with Red Hat Satellite

Signed-off-by: David Galloway <dgallowa@redhat.com>
---

diff --git a/roles/common/README.rst b/roles/common/README.rst
index 1c561e8..01b6a0e 100644
--- a/roles/common/README.rst
+++ b/roles/common/README.rst
@@ -31,6 +31,14 @@ secrets repo.
 ``rhsm_repos`` is a list of Red Hat repos that a system should subscribe to.  We
 have them defined in ``roles/common/vars/redhat_{6,7}.yml``.
 
+``use_satellite`` is a boolean that sets whether a local Red Hat Satellite server is available and should be used instead of Red Hat's CDN.  If ``use_satellite`` is set to true, you must also define ``subscription_manager_activationkey``, ``subscription_manager_org``, and ``satellite_cert_rpm`` in your secrets repo.  See example::
+
+    # Red Hat Satellite vars
+    use_satellite: true
+    satellite_cert_rpm: "http://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm"
+    subscription_manager_org: "Your Org"
+    subscription_manager_activationkey: "abc123"
+
 ``epel_mirror_baseurl`` is self explanatory and defined in
 ``roles/common/defaults/main.yml``.  Can be overwritten in secrets if you run
 your own local epel mirror.
diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml
index 3622977..d86f2e0 100644
--- a/roles/common/defaults/main.yml
+++ b/roles/common/defaults/main.yml
@@ -8,6 +8,9 @@ subscription_manager_org: ""
 # Repos to enable in Red Hat Subscription Manager
 rhsm_repos: []
 
+# Defines whether to use a Red Hat Satellite server
+use_satellite: false
+
 kerberos_realm: EXAMPLE.COM
 
 epel_mirror_baseurl: "http://dl.fedoraproject.org/pub/epel"
diff --git a/roles/common/tasks/rhel-entitlements.yml b/roles/common/tasks/rhel-entitlements.yml
index 99f9b2a..2892e03 100644
--- a/roles/common/tasks/rhel-entitlements.yml
+++ b/roles/common/tasks/rhel-entitlements.yml
@@ -18,6 +18,13 @@
   set_fact:
     have_entitlements: "{{ subscription_manager_org != '' and subscription_manager_activationkey != ''}}"
 
+- name: Install CA Cert from Satellite Server
+  yum:
+    name: "{{ satellite_cert_rpm }}"
+    state: present
+    validate_certs: no
+  when: use_satellite == true
+
 - name: Determine if node is registered with subscription-manager.
   command: subscription-manager identity
   register: subscription