How to Install Katello on CentOS 7.x

Katello is an open source content management software. Katello is the alternate of Red Hat Satellite Server 6.1 and 6.2. Apart from the content management katello can also perform provisioning and configuration task using foreman. In other words we can say Katello is the open source version of Red Hat Satellite Server which can push updates to its register Linux Servers or clients.

Following are the different components in Satellite Server :

  • Katello – It manage all contents or repository and Software Development Life Management (SDLC )
  • Foreman – It performs provisioning of physical and virtual servers using methods like kickstart and PXE, It also allows us to automate our tasks using puppet modules.
  • Candlepin – It is a service within katello which is responsible for handling subscription management.
  • Pulp – It is a service within the katello which handles repositories and it’s content
  • Capsule Server –  It acts as proxy server for some of the katello services like repository storage, DNS, DHCP and Puppet server configurations

In this article we are going to install Katello 3.14 on CentOS 7.x Server. I am assuming minimal CentOS 7.x is already install on your system.

Beneath are the minimum recommendation for Katello Server :

  • Minimum of 8 GB RAM
  • Minimum 2 CPU Cores
  •  20 GB in / file system
  • Separate and maximum Size of /var/ because all the OS repositories will be synced under /var/lib/pulp, ideally allocate 30 GB space for each OS repositories. let’s assume i will sync repositories of three OS then size of /var would be 90 GB.

Installation Steps of Katello on CentOS 7

Step:1 Set Hostname and update the Server

Use the hostnamectl command to set the hostname

[root@localhost ~]# hostnamectl set-hostname ""

Update the /etc/hosts file in case you don’t have your own DNS Server

[root@katello ~]# echo "" >> /etc/hosts

Use the below yum command to  update the server and then reboot

[root@katello ~]# yum update -y ; reboot

Step:2 Set the firewall rules for katello

Run the below command to open the ports in OS firewall for katello setup.

[root@katello ~]# firewall-cmd --permanent --add-port="80/tcp" --add-port="443/tcp" --add-port="5646/tcp" --add-port="5647/tcp" --add-port="5671/tcp" --add-port="5672/tcp"  --add-port="8140/tcp" --add-port="9090/tcp" --add-port="53/udp" --add-port="53/tcp"  --add-port="67/udp" --add-port="68/udp" --add-port="69/udp"

Step:3 Set the required repositories for katello

Run the beneath commands one after the other to set the required repositories for katello setup.

[root@katello ~]# yum -y localinstall 
[root@katello ~]# yum -y localinstall
[root@katello ~]# yum -y localinstall
[root@katello ~]# yum -y localinstall 
[root@katello ~]# yum -y install foreman-release-scl

Now again update your system as we have added new repositories.

[root@katello ~]# yum -y update

Step:4 Install Katello Package and start the installation

Run the following yum command to install katello packages.

[root@katello ~]# yum -y install katello

Before starting the Installation , Sync Time of Your Server with NTP Server and set the time zone with respect to your location

[root@katello ~]# timedatectl list-timezones  | grep -i Asia/Kol
[root@katello ~]# timedatectl set-timezone "Asia/Kolkata"
[root@katello ~]#
[root@katello ~]# yum install chrony -y
[root@katello ~]# chronyd -q 'server iburst'

Note: In case Chronyd service is already running then first stop the service and run above command to sync the time

Read AlsoHow to Sync Time in Linux Server using Chrony

Start the Katello Installation now using below foreman-installer command

[root@katello ~]# foreman-installer --scenario katello --foreman-admin-username admin --foreman-admin-password <Specify_Password>

Once the Installation is completed , we will get output something like below :


Note : In case your server is running behind the proxy server then run the below command

[root@katello ~]# foreman-installer --scenario katello --katello-proxy-url http://<Proxy-Server_Name_or_IP> --katello-proxy-port <Proxy-port> --foreman-admin-username admin --foreman-admin-password <Specify_Password>

Step:5 Access the Katello Admin Dashboard

Open the Web Browser and type the url “” , Use the username as admin and password that we specify in the above step.



That’s all for this article. Please share your valuable feedback and Comments. Refer the below URL for downloading Yum Repositories and Register Clients for patching in Katello setup.

How to Download Yum Repositories and Register clients in Katello

19 thoughts on “How to Install Katello on CentOS 7.x”

  1. Getting dependencies error for following rpms:
    rubygem(rake) >= 0.8.3

    Any idea which repo can provide them

  2. Hey Can you please help me with this error, I dont need need to connect via a proxy though its asking for proxy url

    # foreman-installer –scenario katello –katello-proxy-url ‘http://localhost’
    Parameter capsule-reverse-proxy invalid: “capsule::params::reverse_proxy” is not a valid boolean
    Parameter capsule-qpid-router invalid: “capsule::params::qpid_router” is not a valid boolean
    Parameter certs-regenerate invalid: “certs::params::regenerate” is not a valid boolean
    Parameter certs-regenerate-ca invalid: “certs::params::regenerate_ca” is not a valid boolean
    Parameter katello-repo-export-dir invalid: “katello::params::repo_export_dir” is not an absolute path

  3. CentOS updated their version 7 to 7.4.1708 and packages like shim have been renamed making the new installer fail. Add the following repos to make the installer work again.


  4. I’ve tried installing this several times in several scenarios….AWS EC2 instance, local VM, AWS OpsWorks…and every time, I get as far as running foreman-installer and I always get the same error:

    /usr/bin/wget –no-proxy –timeout=30 –tries=40 –wait=20 –retry-connrefused -qO- ‘http://localhost:8080/candlepin/admin/init’ > /var/log/candlepin/cpinit.log 2>&1 && touch /var/lib/candlepin/cpinit_done returned 8 instead of one of [0]

    What am I missing here? I don’t see others having this error, so I’m confused. I’m following along with the steps, but still getting this error every time.

    Thanks for any help!

  5. Main problem with SSL on CentOS 7 is that candlepin is apparently old and with the default installation tomcat is not allowed to access postgresql server. This is fixed in newer version of candlepin but that is not what is installed so disabling selinux (setenforce 0) allows install to go through for me. Presumably can audit this to find correct command to use. I also tried to use my own certificates and had host of issues with the SSLCertificateChainFile that is added to apache configuration which makes other parts fail. This might not be part of demo install however so not documenting that other than this might help others pinpoint things to look at. I got through a single pass install by hand editing crt files while install was progressing before apache was restarted but after files were written.

  6. Hello

    I do have almost all servers as amazon Linux. Can we manage Amazon Linux using Katello. If yes how do we manage it.

    Santosh Garole

    • Yes, You can manage your Amazon Linux Servers via Katello, You have to Configure Katello on CentOS 7/ RHEL 7 server then register all your Linux servers via activation keys.

  7. Great article and I was able to install onto CentOS 7.7. Two updates though, step 3(Setup required repos)… I found that I had to install the foreman-release rpm before the katello rpm; katello rpm install failed if that commands ran first. Step 4(Starting Katello)… –foreman-admin commands are now –foreman-initial-admin so now it is…. foreman-initial-username –foreman-admin-password

  8. Hi all,
    i am trying install Katello on to RHEL 7 but i end with:
    foreman-installer –scenario katello
    Executing: foreman-maintain packages is-locked –assumeyes

    and still waiting for output. Any idea?

  9. Worked like a charm…mostly. The installer did not let me change the password on the fly. It did not recognize the user portion. I ran it without and then changed the password the old fashioned way (AKA manually). Onto the configuration!


Leave a Comment