Sebastian Baszcyj - 24.04.202020200424

How to Add Ansible Roles to Satellite 6.4 and 6.5

Satellite 6 has been initially released with the Open Source version of the Puppet to provide the config management in the managed Red Hat fleet. In the meantime, Red Hat acquired Ansible. Users of the Satellite had to wait until Satellite 6.4 to finally see full integration with the Ansible. But what can Satellite do with the Ansible? A short answer is: pretty much everything that is possible with the Puppet and more.

This blog presents how the Ansible Roles can be added to the Satellite 6.4 and how they can be used for the config management and more (and by more, I mean Insights).

With the release of the Satellite 6.4, Ansible is finally installed on the Satellite server itself. Wait … actually, there is a new repository:


But let’s get to it.

The recommendation is to install a few system roles, which Red Hat conveniently packaged for us.

You can do it executing the following command on the Satellite server:

yum install rhel-system-roles

Once you installed the system roles, you can find some Red Hat prepared Ansible roles under:


Remember this location as this is the directory where your own roles will be copied to.

To add them to Satellite, navigate to the Satellite and log in as … preferably admin or other user with enough system privileges.

1. Navigate to Configure –> Ansible –> Roles

2. In the right upper corner, select ‘From satellite or capsule name’:

3. You will see the list of the Ansible roles available under /usr/share/ansible/roles. Select the roles you are interested in and click ‘Update’

4. The following list (except roles starting with ^seb.*) are the roles provided by Red Hat:

5. I recommend using RedHatInsights.insights-client role as it installs and configures Insights on the servers if you are entitled to Insights (Smart Management Sub).

6. Once the roles are imported, you have several options. If you want to use them on one server only, navigate to Hosts –> All Hosts. Click ‘Edit’ next to the selected host:

7. Click on the Ansible Roles tab and select roles you would like to be executed against your host. Click Submit … The role(s) have been added to your host.

8. After clicking Submit button, you will be taken to Server Details. Click Run Ansible roles button to execute the start the Ansible roles against the given host:

9. You will be taken to another view, where you can monitor the Ansible role run. Alternatively, you can navigate to Monitor –> Tasks and select ‘Remote action: Run ansible roles on your_host’:

10. The Task view provides you with the output from all the Ansible Tasks. Note that the roles are executed in the order you added them to the list:

11. What about variables? Variables are set for host, hostgroups etc.

Additional notes:

1. Satellite is using the foreman-proxy ssh key to authenticate to the remote systems by default.

2. Satellite will run the Ansible roles periodically against the server(s), so it is mandatory to either remove the roles from the host after the successful run, or making sure your role is idempotent.

3. The role does not require inventory file.

4. The role requires hosts: all to be set and the role name. For example:

– hosts: all
– { role: seb-system-roles.rh-config }

5. Other Ansible variables etc are honoured.

6. Keep in mind that you should define default values for all your variables under defaults to ensure your Ansible role is executed correctly even if one of the variables is not defined in Parameters.

Given you now mastered the Ansible roles in Satellite – happy administration 🙂

Should you have any questions – please let me know.

Join the Insentra Community with the Insentragram Newsletter

Hungry for more?