 Hello and welcome to Redhead Enterprise Presents. This is episode number 25, Introduction to Satellite. Thank you all so much for joining us today. I'm really excited. We've got a lot of great things to talk about on the show today, so time-appropriate greetings to all of you. As usual, in the chat, this is the best way to talk with the host, talk with our guests, ask your questions and be part of the show. So if you are not on our Discord, there's a Discord server as well, and we'll share all those links throughout the show, and they'll be in the show notes afterwards. But before we get too deep into today's topic, I do have an announcement I'm really excited about. I would like to introduce our new recurring co-host, Brian Smith. How are you doing today, Brian? Good, thanks so much, Eric. Very excited to be here. Yeah, why don't you introduce yourself? Tell us what you do here at Red Hat and what made you decide to jump on to every other week live stream. Sounds good, yeah. So right now I'm a product manager in the REL business unit focused on automation and management. So what that means is I'm working with technologies like REL system roles and web consoles, stuff like that. I've moved into this position back in April, and before that I was with Red Hat as a TAM, a technical account manager for about three years. So that's my background. Before that I worked as a sysadmin for many, many years. So yeah, excited to be here. Awesome. Yeah, I'm glad to have you as a co-host. There's always a lot to keep track of between the chat, the stream, the conversation, the interview. So I, for one, am very thankful to have you. And as I recall, you are not new to this particular YouTube channel. As I recall a couple of years ago, your wonderful narration skills were put to good use for the REL 8.0 beta. There was a bunch of videos you did that's quick overviews of new feature in REL 8, and that's actually how I really got in touch with REL 8 and started learning all the things. Yeah, I have a bunch of blogs and videos out there, hopefully more videos to come soon. So... Yeah, and shameless plug for Brian. If you follow our blog, Brian has been a machine publishing probably what, close to eight, if not a dozen blogs around system roles right now. So if you're looking to automate your builds, if you're looking to standardize your environment, system roles are a great way to do that. And Brian, I think, has the monopoly on system role blog content right now. Yeah, we need to do a REL Presents just on system roles sometime, hopefully soon. Yeah, that's actually on the roadmap for early next year, but yeah, we definitely do. They are incredibly powerful. And in fact, kind of is a good segue into today's topic because system roles, Ansible, things like tools like this have come a very long way since my days as a systems administrator. And one of the other tools that we've actually not covered in 25 episodes on the, or I should say in 24 episodes, we have not, we've only mentioned this product in passing, but that is Red Hat Satellite. And I could think of no one better to come on the show and talk about Satellite than our own Matthew Yee. He is a technical marketing manager here at Red Hat. He works on my team. And he was with me a couple of weeks ago as we talked about REL 8.5. Looks like we're having some streaming issues. So give me just a second and I'll bring Matt on to introduce himself and we'll see. Hey, Matt, welcome back. So glad you decided to join me two weeks in a row. Thanks for having me back and thanks for the intro. Brian, welcome to the show and look forward to seeing you more on Red Hat Presents. Thanks, Matthew. So for those that missed last week's episode, why don't you give a quick introduction on who you are, what you do here at Red Hat and if you're doing anything exciting right now. I'm a technical marketing manager here at Red Hat. I've been at the company for about five months now. In the past, I've mostly worked in the storage industry and before that I was a sysadmin as well. So I've been using Red Hat probably since, well, I've been using it since undergrad. So what I'm gonna talk about today is Red Hat Satellite and I'm gonna give an introduction to Red Hat Satellite to everybody out there. And it's very timely because yesterday we've released version 6.10 of Red Hat Satellite and yeah, we're very excited about this release. It's almost as if we planned it that way. So Matthew, I'm guessing a lot of the viewers are not really familiar with satellite. What does it do? Why would I wanna have it? What problems is it gonna solve for me as a, you know, as a rel customer? So from the point of view of a systems administrator, a lot of us have had this problem but sometimes when you do a YAM or DNF update what happens if the firewall hasn't been opened or if there's no proxy configured? You can't update your system. There are lots of ways to work around it. The recommended way of doing it at Red Hat is Red Hat Satellite. So what Red Hat Satellite does is, well, and this is not all that it does but it basically provides content. And when I say content, I mean stuff like RPMs, Ansible Collections, even files, stuff like that and just make it available locally. So that from a security point of view there is only one opening in the firewall that has to be opened and you can pull all of the things that you need onto your Red Hat Satellite and then you can manage all of your hosts through Red Hat Satellite. So Red Hat Satellite's not just for enabling hosts to get their updates, you can also provision machines and you can also take advantage of some of our hosted services like insights at console.redhat.com. And just a little plug here for those that don't know, insights will do stuff like look for security vulnerabilities. What else will it do? It will let you know how to fix it. It will provide an Ansible Playbook so that you can do a push button remediation on those vulnerabilities that it finds. Okay, cool. So tell us a little bit about Satellite and the projects it's based on. Is Satellite itself open source or their upstream projects that are providing for Satellite? Absolutely, like all Red Hat products there is an upstream open source combination of these products. So first of all, the content management system is provided by the PULP project. This is all then managed through the Foreman project. We've got Candlepin that allows you to manage subscriptions. And there's a whole bunch of stuff out there. So where Red Hat offers value here is we combine all of these projects and we make sure that they all work together well. And yeah, just ensure that you have the tools that you need to manage your hosts. Sounds good. So Eric had mentioned Satellite 6.10 was just released. I'm actually in the process of upgrading my Satellite server right now. Tell us a little bit about what's new in Satellite 6.10 and what some of the cool new features are. Yeah, so before I get into that, Eric can you pop in the link to the 6.10 software? Yes, I can. And my apologies to our REL YouTubers. We went live in all the right places except on REL YouTube. So that's been corrected now. So welcome to the show. And you wanted the Satellite 6.10 link. Let me put that in. Forgive the host for being out of his mind. There we go. And I know this is an intro show but for all of the people who are already using Satellite and are looking to upgrade, I've had multiple questions on this so far. Go through the upgrade guide and especially I wanna draw attention to a form and maintain command where you have to fix the permissions. Make sure you run that. Otherwise you might find that you'll run into problems. But- I was gonna say that's been my experience as well and working with a lot of customers over the years is if you follow the documentation for upgrading Satellite, things will go pretty smoothly. If you try to just wing it and figure it out on your own, your results might vary. So I would, like Matthew said, I definitely recommend review the documentation. The upgraded procedure is a little bit different with 6.10 than it has been in the past. There's some extra steps like Matthew said so you definitely wanna look at all those steps and make sure you're following the documentation there. And am I sharing my screen? I don't think I am. Or was I and now I'm not. Yeah. Yeah. Welcome to a live show folks. Anything that can't go wrong will go wrong. Okay, so you guys can see that now? Yep. And now soak in our audience. Okay, cool. So like Brian was alluding to just now there are a bunch of additional steps from your regular upgrade. And I'll give you the reasons for that. So I don't wanna spend too long on the new features of 6.10 because this is meant to be an intro show but for those of you looking for a reason to upgrade because I know everybody loves upgrading. We are migrating the backend from pulp two to pulp three. And what that means is the content management system is being upgraded. There's a couple of reasons for that. This is to prepare all of our current customers for a future update to satellite seven dot zero. And so a lot of the, I would say if like in terms of doing an upgrade the most time consuming part of that upgrade we're asking you to do that right now with 6.10. We've included a bunch of migration slash upgrade tooling in six, sorry, let me step back a bit. So in order to upgrade, you're gonna need to make sure you're on the latest what we call Zedstream release of 6.9, so that would be 6.9.7. That includes a bunch of upgrade tooling and in the upgrade manual we'll tell you how to use that upgrade tooling to migrate your pulp two content into pulp three. Without going too deep into it, the upgrade process is now or at least the migration process from pulp two to pulp three is, I'm gonna use this term anyway but it's item potent. So you can run it as many times as you want. You can stop the operation and rerun the operation. It's designed to make the upgrade process as painless as possible. So because it's a very time consuming process we want you to be able to complete it on your own time whenever it's convenient. And once the migration is done the upgrade is very timely. We're estimating it'll take like 20 minutes for you to run after you've upgraded the pulp back in. You mentioned going to stop and restart this upgrade process. So is that something that when I leave the office at six o'clock I can kick this off as I'm walking out the door. And if it's not done say by the next morning when I get into the office around eight or nine a.m. I can stop it that way. My satellite server isn't hung up during the day when we're trying to work with our different environments or. Or even it's actually better than that. So let's say you ignored my advice just now to run the preparation script. Your migration will actually fail. So what you can then do is you can go back and run the preparation script like I asked you to. And then you can kick off the migration all over again and it should complete properly. That's what it's really used for. That's awesome. That's great to have that check and balance in place because I don't know about any of our listeners but I know as a former sysadmin reading the manual was not exactly high on my priority list. It was just go do the thing and move on to the next fire. So one of the reasons why we've made the upgrade process like this is because it takes a long time it's hard to predict how long it's gonna take. We have a command that will do an analysis on your PULP2 backend and give you an estimate but we don't know for sure how long it's gonna take. So let's say we estimated three hours but it really took one hour. And then in between that two hours there were some synchronization updates that were done. You're gonna wanna run that upgrade script one more time before you actually do the switchover to 6.10. That's another reason why you would do that. I think I've spent way too much time on this. Just real quick, we are collapsing like some of the benefits here. We are collapsing the structured data from two databases to one we are getting rid of MongoDB and moving all of that data into Postgres SQL. There is Ansible content support which allows for synchronization of Ansible collections so that you can then synchronize those with your Ansible automation hub. And we've got some disconnected air-gapped content enhancement. So we can permit versioning of the content database. That means you can now do incremental exports of the content to another disconnected satellite. And I think that's all I wanna say about 6.10 so far because this is an intro I wanted to really get into the demo and show you what this all looks like. So, any, do you guys have any questions? Haven't seen anything in chat. Brian, you got anything? No, no, that seemed like a great overview, yeah. Thanks, Matthew. Yeah, no problem. Where is my tab to log in, here it is. So, I'm gonna log in. Using a password manager, always good. Yes. I only make use of the best security practices. That's not true. I usually ignore them. Coming up, I started using a password manager because I was lazy and didn't wanna have to type out my password all the time. I've since adopted more advanced security practices like using 18 character randomly generated passwords. I don't know any of my passwords anymore. So, yeah. I know how to log into my password manager. After that, I got nothing. Exactly. Anyway, this is your friendly REL public service announcement for this episode. Use a password manager. And now back to satellite. So, here we go. This is what, well, this is what you have when you first log in. Gives you an overview of what's happening. What can I say about this? These are the hosts that I have included into my satellite. You guys may have noticed that I am running 6.10. I installed 6.10 yesterday and then I added these hosts and it looks like they work properly. For those people who don't know, satellite six, at least the six branch runs on Red Hat Enterprise Linux 7. We don't have support for REL 8 yet. That is coming with satellite 7.0, which is the next release. You guys may be wondering, well, why is that? They're flat out. The real reason is we don't have time. We need to check it. And there were higher priorities that we needed to work on to dump into satellite 6.10, which is why we currently don't have support for 8.0 of REL yet. So Matthew, what about if I have REL, like REL 8 clients? Oh, no problem with those. REL 8 clients will work. We're also gonna include REL 9 support with 7.0. In other words, REL 9 clients with satellite 7.0. A real quick rundown. One of the first things you're gonna do when you install satellite is you are going to export your subscriptions. In other words, you'll create something called a manifest within access.redhat.com. You'll export that manifest file, and then you'll add it to your satellite. So that way, you now have a remote copy of all of your entitlements. The next thing you're probably going to do is you're going to add a bunch of repositories that you wanna sync down into your satellite. So you can search for any number of repositories. Type it in here. Obviously, this is Red Hat. I shouldn't put that there, actually REL. Anyway, you see all the stuff that's supported for REL 8 right here. I've added the upstream repo and the base OS repo. Once you've done that, you're gonna wanna synchronize them. So the default synchronization mode for Red Hat satellite is to not download the yum packages that you'll associate with the repository. Yeah, this is the one I wanted to show. What the default synchronization mode is gonna pull down all of the metadata associated with those yum packages. And there's a reason for that. It takes a long time and a lot of bandwidth to suck these down. These packages will be pulled through when you add your clients and your clients do an update or they install new yum packages. So, sorry, go ahead. Yeah, so I remember when I used satellite way back in like the 5.4 days that you didn't really have an option. You just, you subscribed to a repository and you had to pull down, like in this case, all 21,000 packages. And like you said, that takes a lot of bandwidth, a lot of disk space. But it sounds like we've kind of gone to an as needed basis. Is that a good way to describe that? Well, that's the default behavior. And I like, I haven't been around here long enough, but if I had to guess the reason why we made that the default behavior is we didn't want to shock any new satellite users into suddenly filling up all their drives with packages. However, I will say, if you really want to, you can synchronize them down fully if you really wanted to. Yeah, and that helps especially with a disconnected environment. Maybe it's not something that's air-gapped, but if it's disconnected or it has, you only want to open up that firewall ports, say when you're refreshing your patching cycle or something, that's a great way to handle that. But as far as most businesses are concerned and my own satellite server here at home, I don't need 21,000 packages sitting on my satellite server. Chances are I'm not going to use 95% of them because I'm not going to get deep into kernel development or I'm not a developer, so I don't need all the different programming languages. So having an always-on connection, it really helps to pull down all the metadata. So it's got that map of dependencies and all that kind of thing. And then when I go to trigger an update from satellite or when I go and install a one-off package from one of my satellite registered clients, it's nice to know that then that client is talking to the satellite server. Satellite is talking to Red Hat CDN and it pulls down exactly the packages and exactly the dependencies that I need. And so you're talking about megabytes worth of space versus gigabytes for something that you're hardly even going to touch ever. And this makes- And just, sorry to interrupt. Go ahead, Brian. I was just going to say that the on-demand repositories makes setting up a new satellite server so much faster. Whereas before, if you had a bunch of repositories, I mean, you could be looking at hours, even days to pull all that content down depending on your connection speed. Whereas with on-demand, it's extremely quick and you can get up and running and start serving that content. And just for a frame of- We just keep walking all over again. Sorry, Eric. That's okay, man. Did either of you ever have a repo sync spreadsheet? When I was running Satellite, I literally had a spreadsheet that was color-coded based on, okay, between 2 a.m. and 3 a.m., we're going to sync Red Hat Satellite or Red Hat REL5 packages. And then between 3 and 4 in the morning, we're going to sync REL6 packages. I mean, we literally had a spreadsheet and it was so tough back in those days that we actually worked with the backup teams to make sure that we weren't going to step on when they were using the storage area network just to make sure that Satellite and backups and all these other things, and it was all spreadsheet-driven. It was miserable. I've only ever worked in environments where my method for gaining access to content was to yell at the network guy to give me access to the proxy or even better, just open up the outgoing connections. But the thing I wanted to draw attention to, I wish I kept interrupting you guys and I'm really sorry about that, just for perspective, the AppStream repository with those 21,000 packages is about 60 gigs. The base OS is probably, I want to say it's about five gigs. But if, yeah. Now, for viewers, you might be saying, well, that's not a big deal. Why wouldn't I want to sync all of these down? And that's an entirely reasonable statement. But for large organizations, when you start including all the extra stuff and by extra stuff, I mean like, I don't know, Ansible, Jboss, all that stuff, it starts to get big pretty quick. And that's not even including custom content that you want to add to satellite. We spent quite a bit of time talking about repos. Shall we get into? Are you about to tell me that satellite does more than just repository management? Well, I wanted to actually show you guys what was going on and how it worked. One of the, so what I'm going to do is jump into activation keys. So I'm going to show you here. I got one for RHEL 7. One of the first things you're going to do after you've pulled your content down is you're going to want to create an activation key. And what you end up doing is with this, this is your activation key right here. I feel comfortable showing this to everybody because if you ran it right now, it wouldn't do anything. Because you're not connected to my satellite. Anyway, this activation key is associated with a bunch of repositories and it's RHEL 7. And I gave it access to all of these repositories. So once you've added it to your host, you'll be able to do updates from those repos. So I'm going to jump into my RHEL host here. My remote RHEL host. Let's hope this works. Said everyone who's done a live demo ever. Yeah. Okay, everybody can see that now, right? Yeah, it's good. So I'm going to do very little typing here actually because it's a live demo. I am, as you can see, this is in EC2. One of the first things I need to do here and you will probably not to do that. You will probably not need to do this in your own environment. But I'm going to remove the Red Hat Update Infrastructure client or Rui as we refer to it. Because I don't want my host updating from Rui. I want it to actually update from satellite. So one more time, just to be clear, this step is probably not necessary in your environment unless you are in Amazon. Then I'm going to do a young clean all. And then I am going to do this, which is to enable subscription manager to manage the repos. Okay, so thus ends the optional stuff. Here's the mandatory stuff. So this is, so you'll see it's running real 8.4. I'm going to join it up to my satellite. This step is very important. And I'll explain what this does. So Catello CA consumer IP, this package. This is a custom package created by my satellite, which then configures subscription manager to point to my satellite. If you don't do this step and you run subscription manager, it's going to point to the Red Hat CDN and start doing stuff off of the CDN. Make sense? Yeah, that sounds good. And now I'm going to use the activation key I created previously. This might take a little bit of time. And once this is, oh, there it is. Once it's completed, we can do a subscription manager repos. You can see here that it is now pointing to the particular IP I have for my satellite within Amazon. So the next step, let's do a YUM update, shall we? It's always a good plan. And if it were me, mostly because I use this as a giant solar camera, any time I'm doing an update or any kind of YUM operation, I usually lead with a YUM clean all just out of sheer paranoia. It seems like when you're doing any kind of maintenance window that it seems like there's always some metadata that's expired or some dependency that hasn't been sorted out. So if you do a YUM clean all and then do a YUM update, it pulls all that stuff fresh. And I'd encourage that even more because you are switching repositories and not just repos, but you're completely changing where that content's coming from. So I haven't noticed in the past. Maybe not so much recently, but I have noticed when switching from Red Hat CDN to a local satellite server that I've run into issues with that before. So just a fun tip. It's kind of like rebooting a Windows machine. Usually a YUM clean all fixes all problems. Brian's laughing. So I know he's seen this before in the wild. Yeah, YUM clean all is a very useful command. Just so you guys know what I'm doing down here is I also have a newly provisioned rel seven box. I'm going to add that as well to my satellite. I am going to apply the rel seven. Oh, you know what I forgot? I did not download the Catello CA and install it. So I read the manual. Exactly. All of these sins, like bad security practices, not reading the manual, running everything as root. Do we even work for Red Hat? Like... Do as we say, not as we do. Yeah. My excuse is this is a live demo. Right, right. Fewer obstacles, the better. Yeah, exactly. Oh, it was unable to find. So this is a good one here. I'm going to draw everybody's attention to this. Don't worry about it, just ignore it. That's what I wanted to do. So I've got everything updating. So all those updates are running. I wanted to point out, if you are on the Twitters, you can follow us at Red Hat rel. That is a newer Twitter handle that we've started, we started up in the past week or so. So you can get news about this show, about Red Hat's Enterprise Linux, events that are upcoming, and anything that may pertain to rel. And I believe Red Hat Satellite has one as well, and I think that's at Red Hat Satellite. And if you want to engage with the show directly, you can tag us on social media, and we've been using hashtag rel presents. So just a little public service announcement. I usually hate when shows do this, but we're, as you can see with some of the new content, some of the new guests, and having a new host and a new co-host shows undergoing a lot of changes. We're growing it. So tell a friend, if you don't have any friends, go out on Twitter, all of your friends are there. So just a quick public service announcement. Of course, like and subscribe to the episode. So it looks like your rel 8 box is getting close to being updated. Yeah, it's thinking about it. Yeah, I love that. It always gets to the last action, and it's like, do I really want to be done? Am I sure? Let me think about this. Unless one Lopez has already hacked into my satellite. So Matthew, while this is running, how do content views affect deep like these kind of updates you're doing? How does that work? Right, so just to sum it up real quick. Let's say you have rel 7 repos, you have rel 8 repos, you have rel 6 and rel 5 repos. You don't want, and then one of the things you can do, which I don't recommend doing, is you can make them all available under one activation key. Do you really want all of those repos available to anyone in your network that has that activation key? I, there's, I mean, you certainly can. I don't know if it's bad, but at the same time, if you really wanted to, and let's say you are a very controlling SysAdmin, we give you the choice to create a subset of all of those repos. In other words, a subset of that content, so that you can associate that with an activation key. So just to reiterate, content views are for creating access subsets to your content. So that not all of it is given to everybody. Yeah, and another, another way I've talked about this before too is, it's freezing that content at a point in time, right? So like a situation you want to avoid, let's say you have like three environments, you know, dev test and prod in your environment, and you're gonna go ahead and patch, you know, you're gonna update dev today, okay? And then two weeks later, you know, now I wanna update test. Well, if you're not using satellite and not using content views, in those two weeks that have passed there might be additional updates you've got, you're getting now in your test environment from RHEL that we've released in those two weeks. Okay, and let's say two weeks later, now you go to update prod. And again, if you're not using satellite, you just do a YUM update, it's gonna pull the latest content. There could even been a minor release, it could have gone from 8.4 to 8.5 in those two weeks that have passed. And now you're installing RHEL 8.5 in prod, and you've never tested that out in your dev and test environment. So with a content view, you can, you take that, you make a content view, it's that point in time snapshot, and you update all three environments, dev test and prod from that same content view, and they get the exact same access to content. And so you're not having that situation where prod is getting later content than dev or test. That's exactly what I was gonna say, Brian, thank you. And then, and one other cool feature I'll throw with content views that I really like is you can exclude content too. So say, like the Emacs package, for example, you could exclude that from your content view. And so your users couldn't install that. So if there's certain packages you wanna exclude out of there. Just so you guys can see, I have finished updating my RHEL 8.8 host and I'm just rebooting it. I'll just log back in again. If you look at RHEL presents episode 24 from two weeks ago, you're gonna actually see Matthew, Don, Scott, and myself talking about RHEL 8.5 and all the cool new stuff. And Matthew even gave an impromptu demo of system roles. So definitely go check that out as the system's rebooted. I am going to switch over to the satellite interface, satellite UI, because I'll tell you guys what I'm gonna do next. Can you guys see that? We can't help. Cool, okay. So both hosts should be showing up now as they both are. So that's my RHEL 8.8 host and my RHEL 7.8 host. A note about this, you may recall earlier, I did a cat at the Red Hat release and it showed Red Hat 8.4 while now it's showing 8.5 because I've done a reboot and an update and a reboot. Why isn't it logged in yet? It's still booting and that's the new version. My RHEL 7.8 host is currently updating, but it's not complete. So it's going to take some time before it's ready. We've got 15 minutes left. I wanted to show one more cool feature and that's remote execution. What I'm gonna do with remote execution is install the insights client. And what that means is I'll be able to use or view the client at some point on console.redhat.com and use insights to take a look at what's wrong with it. Or I can even look through here through the insights interface, which is where is insights? Yeah, right there and go back to, yeah, right here, that's right. Oh, I haven't configured this yet. I'll do that later. So before we move on to the next leg, David in the YouTube chat actually had a good question. Do you have any comments on install and configuration of a disconnected satellite server? So I've never done this myself, but here's how I think I would do it. I would have my satellite server. I would have two satellite servers installed and through a connected network. So then I would disconnect the, shall we say the disconnected satellite server, move it into the air-gapped environment. And yeah, that would probably be it. Now, after you've done the initial installation, you can then use, it's a hammer CLI command to do the export of the content from the primary satellite, primary online satellite, and then walk it over to your disconnected satellite. Yeah, and we have documentation that talks a lot about that. It's called inter-satellite sync or ISS. I don't know if that's a play on the whole space and satellite thing, but anyways, yeah, inter-satellite sync, it's documented how to do, export the content imported in there on your disconnected satellite server. So just to show you what, okay, I'm gonna go back and start this over again because I don't think I'm doing a very good job explaining what's going on here. So I'm in the hosts view, all hosts. I'm gonna click on this host here. These two hosts, 29.5 and 29.6, both don't have the insights client installed yet. And then what I'm gonna do is edit this host and I'm going to, you know what, I don't think I have imported the rules yet. No, I haven't. Okay, so this is a really fresh version of satellite that I have running. What I'm about to do is one of the initial steps you're gonna run yourself after you've done an installation. So one of those is to import the Ansible rules. And for those of you that don't know, Red Hat Satellite comes with a few default rules or playbooks and it's also compatible with our other favorite product, Red Hat Enterprise Linux system rules, which I actually know I have installed on here. That's Brian's baby right now. Yeah, we did just publish a blog on how to use system rules with satellite. So if you wanna get more information on that, I'll try to post that here in the chat. So I'm gonna add the Red Hat Insights client to the server and now I'm gonna go back and run that rule against the server. So again, just in case you didn't see it, go to hosts, all hosts, select the host, click on edit, click on Ansible rules, and then add this or assign it to this host. And now I'm gonna run it. So run the Ansible rule and that's gonna install the client. You can see the progress by clicking on the host name there and this is expected, it's unreachable. That's because for those that don't know, Ansible requires SSH, well it uses SSH and I haven't imported the public key from the satellite server into my host yet. So I gotta do that and you do that by, I'm gonna swap screens again. Yeah, I got you. Okay, and I'm gonna swap over to my terminator. And as root, you do that. You can also use SSH copy dash ID to do it, which is probably a better way of doing it than what I just did. But there's instructions on this in Brian's blog actually. So I'm gonna go back to the satellite interface. That's keeping me on my toes today. Okay, I'm going to rerun this job. The reason why you see me going, hmm, is because I was actually looking for this button. Rerun, I'm gonna submit it and I'm gonna click on the host name. Here we go. That's looking good. So remote execution is really handy. You can basically do anything and apply it to any number of hosts. So let's say you had a hundred hosts, you could remote execute against all hundred of them, which means that you can also run commands like yum install or DNF install, some kind of package and install that on your host. I'm gonna, in the background here, I'm gonna log into my rel 7 host and I'll show you one more thing. And I think the power of satellite comes in from a lot of the different tools that the Red Hat has been expanding on between system roles, image builder, satellite. I mean, if you look at a green field infrastructure nowadays, it would be so easy to create all the stuff using infrastructure's code, golden images, and just lay all this stuff out, set up different roles and profiles in satellite, have your content views, which we didn't go too deep into on this episode, but having all those things, you could literally tear down your entire infrastructure and with the click of a button, rebuild it from basically nothing. Just use image builder to create a template, have that image builder image tie into your satellite system. So when it first boots your system registers with insights and with satellite, and then you can use remote execution, you can use scheduled jobs, you can use different profiles to, using profiles is a generic term to define that this is gonna be a database server. So my database users need to have access to it. It needs these additional repositories for this database and basically just sitting back as an operator, instead of as a systems administrator, I don't have to go in and do this on 500 servers anymore. Instead, it really is a step closer to that dream of having infrastructure as code and having an infrastructure that is the same across every platform, across every infrastructure base, whether that's virtual bare metal cloud, or some kind of hybrid of all the above. This just gets so powerful as a systems administrator. And Eric, another, just on that train of thought, we also know how the satellite ansible collection that's supported, and you can use that to write code to implement your satellite. So we know, automate the installation and configuration of your satellite resources, either repositories, all the steps that Matthew was showing earlier of enabling the repositories, you can enable that through a playbook using that satellite ansible collection. Yeah, that's a great point. And just before we finish this live stream, I'm going to install VIN on these two hosts that I just configured. And you do that by going back and, well, there's multiple ways of doing it. For the purposes of this demo, I'm just gonna show you how to do it by going to all hosts, clicking on the two hosts that you want, going to schedule remote job, and it's a command we want to run. It'll run it through SSH. The command we'll run is uninstall minus y VIN. And hopefully this works. Yeah, this is working. Cool, right? So I'm gonna hit back. I'm gonna go to the other host. Oh, it's all a lot of stuff here. And it's done. But to your point, imagine having to do that same process across 100 nodes. Instead, you just clicked it and ran it once and you came in and we shouldn't. But as technologists, we were actually surprised it worked on the first try. This is a live demo. That's why I'm surprised it all works. And that's all I wanted to show today. We've got a couple of minutes left and Rope9, or R-Hope9 probably put a good comment into chat about how all this works well using these different tools but that's what containers excel at. Brian or Matt, do you have a comment? I kind of posted in chat that it's just another way of getting to the same place. We all know that within technology, there's a hundred ways to do any one thing. But do you wanna talk to the container story specifically? I'll give, if you don't mind, I'll go real fast and I'll go first, Brian. You know, a common gripe I hear with customers is they all wanna do containers but they don't know what to use them for. So yeah, absolutely use containers. And if you work for a business that's been around, has lots of hosts, has a real critical need for advanced infrastructure, absolutely go for it. But not everybody's gonna be like you is what I'm gonna say. And not everybody is gonna understand how to use containers, how to build a CI CD pipeline. I mean, a lot of people out there, I don't know. How many businesses are using some form of Git or GitHub internally to manage their source code? I think it should be all, but I don't think that's always the case. Brian, what do you think? Before I hand it over to Brian, I wanted to add just one quick comment on that. One of the things that I kind of heard in between the lines of what you're saying was with something like Podman and containers, there seems to be a threshold somewhere. And it comes up a lot quicker than you think where just managing Podman containers by hand starts to get it out of hand. It starts to become untenable. And that's when you start thinking about something like an orchestrator, something like Red Hat OpenShift or just straight Kubernetes. So while running three or four containers may be great while even running a dozen containers on a single node or a couple of different nodes may work to begin with, it's one of those things that can quickly get out of hand, especially with something as small and as prolific as a container. So using something like satellite in an existing infrastructure would definitely help. I look at it as almost a spectrum of not everyone's going to use containers at all. Some people will have three or four and that's enough for them. Other people start out using a couple and then within a couple of quarters they realize that we have a thousand containers no way to schedule any of them. We need an orchestrator. So that's kind of what I heard as you were talking about. Go ahead Brian. But also, so I got one more wrench to throw in the works here. If you need persistent storage, how many people know how to manage that? Right, it is a different skill set required for sure. Yeah, so I mean someone's gonna say, hey, I'm gonna use an object storage system for persistent storage. How many organizations out there actually have some sort of object storage locally to manage all this stuff? Anyway, sorry, Brian, what do you think? Yeah, I think you guys covered it really well. I mean the key takeaway is if you wanna run just rel, we have that covered. If you wanna run some containers, we have Podman and if you wanna do a lot of containers we have OpenShift. So no matter where you're at, if you wanna use containers, don't wanna use containers, we have solutions to help you out with that. Well it's that, we are at the top of the hour and I wanted to first off, thank you Matt very much for coming on to two episodes in a row and talking about satellite. I know that this was long overdue, 25 episodes before we even mentioned, before we even demoed satellite. I know we've mentioned it in passing, but thank you so much for coming on back-to-back episodes and demoing different pieces of satellite. In fact, if you watch this episode, please post in the comments. We've been toying with the idea of doing a satellite like mini series and just kind of touching on some of the different major categories of satellite. So if you'd be interested in a satellite-focused mini series, put it in the comments, put it in our Discord server, and then I would be remiss if I didn't promote our next episode. And in two weeks, join Brian Smith and FatherLinux himself, that's his Twitter handle, Scott McCarty. He is another, he's one of the product managers here at Red Hat. We are going to talk about all things containers, so we're gonna talk about Podman. There is a question about, there's a question about logging with Podman. So come back in two weeks, same time, same channels, and we'll promote that. But I did want to add that there is a little bit of a twist to our look at Podman. With it being the beginning of December, and we're kind of winding down for the year, we're all kind of looking forward to that extended break at the end of December, we're gonna add a little bit of a fun twist to it, and we're going to deploy a gaming server on using Podman. So we haven't decided which one, whether that's Minecraft or something else, but definitely something I'm looking forward to. It'll be a great conversation, and Scott is a lot of fun. So tune back in in two weeks, and we'll have that episode. Brian, any closing thoughts before we get out of here? No, I just think so much, Matthew, this was awesome. No problem, I really enjoyed it. I hope to be back on again sometime. Well, I've already gotten a vote in chat that the Penguin Whisperer would like a satellite mini-series. So if the Penguin Whisperer says we should have a satellite mini-series, we probably should. But we'll look at doing that sometime next year. But until then, thank you all so much for joining us. Be sure to like and subscribe this video and our channel, join us every two weeks. And definitely follow us on Twitter at Red Hat Rel, and you can follow Satellite at Red Hat Satellite, both on Twitter. Brian, Matt, thank you guys so much, and we'll see you all in two weeks.