Chapter 3. Requirements

Contents

3.1. External Database Requirementsdebranded, RFC
3.2. Additional Requirementsdebranded
3.3. Additional Documentationrevised

For requirements and prerequisites to be met before installation, refer to Section “System Requirements” (, ↑Quick Start) and Section “Prerequisites” (, ↑Quick Start). If you want to use SUSE Manager with an external database, refer to Section 3.1, “External Database Requirements”.

3.1. External Database Requirements

This section applies only to SUSE Manager if used in conjunction with a stand-alone database as the requirements for the embedded database are included in Section “System Requirements” (, ↑Quick Start). The stand-alone Database must not run on the same server as the SUSE Manager.

A single 6 GB tablespace is recommended as more than sufficient for most installations. It is possible for many customers to function with a smaller tablespace. An experienced Oracle database administrator (DBA) will be necessary to assess sizing issues. However, keep in mind that the exact size of the database depends on many factors, like number of systems managed, numbers of packages installed on the average system, and numbers of packages imported. If you have 1000 packages this needs approximately 100 MB in the database. Due to these factors, database storage may grow rapidly.

Although you should be generous in your database sizing estimates, you must consider that size affects the time to conduct backups and adds load to other system resources. If the database is shared, its hardware and spacing are entirely dependent on what else is using it.

Additionally, block sizes must be a minimum of 8 KB for SUSE Manager to install properly.

The Oracle database should have a user assigned to SUSE Manager with full DDL and DML access to that user's default tablespace. The user needs standard connection information for the database at the time of installation.

The precise access levels required by the Oracle user are as follows:

  • ALTER SESSION

  • CREATE SEQUENCE

  • CREATE SYNONYM

  • CREATE TABLE

  • CREATE VIEW

  • CREATE PROCEDURE

  • CREATE TRIGGER

  • CREATE TYPE

  • CREATE SESSION

Additional database requirements include:

  • Security Identifier (SID)

  • Listener Port

  • Username

  • UTF-8 character set

Two additional suggested recommendation for user's default tablespace include:

  • Uniform Extent Size

  • Auto Segment Space Management

[Note]

Ensure that the NLS/charset setting is set to "UTF8"' when using an external database, not 'AL32UTF8' or other charsets. Using other charsets may lead to problems later.

The disk layout on the database machine is independent of SUSE Manager and entirely up to the customer.

3.2. Additional Requirements

The following additional requirements must be met before the SUSE Manager installation:

[Important]Network Setup

For correct installation and setup of SUSE Manager, make sure the following requirements are fulfilled:

Fully Qualified Domain Name (FQDN)

The system on which to install SUSE Manager must resolve its own FQDN properly. If this is not the case, cookies will not work properly on the Web interface.

Hostname and IP Address

To guarantee that SUSE Manager's domain name can be resolved by its clients, the server and the client machines must be linked to a working Domain Name Server (DNS) server in the customer environment.

The hostname of the SUSE Manager server must not contain uppercase letters as this might cause jabberd to fail.

  • Full Access

    Client systems need full network access to the SUSE Manager solution's services and ports.

  • Firewall Rules

    We strongly recommend firewalling the SUSE Manager solution from the Internet.

  • Synchronized System Times

    The connection to the Web server via Secure Sockets Layer (SSL) requires correct timing of both server and clients. For this reason, SUSE Manager server and all client systems must use NTP. If SUSE Manager is used in conjunction with a stand-alone database, the machine of the separate database must be set to the same time zone as SUSE Manager.

  • An Novell Customer Center Account

    For using SUSE Manager, you need an account at the Novell Customer Center (NCC) where your purchased products and product subscriptions are defined.

  • Backups of login information in multiple secure places

    Record all relevant usernames, passwords and other login information. For SUSE Manager, this includes usernames and passwords for the Organization Administrator account , the primary administrator account on SUSE Manager itself, SSL certificate generation, and database connection (which also requires a SID, or net service name). We strongly recommend this information be copied onto two separate electronic media, printed out on paper, and stored in a fireproof safe.

In addition to these requirements, it is recommended to configure SUSE Manager in the following manner:

  • The entire SUSE Manager solution should be protected by a firewall if the SUSE Manager server accesses or is accessed via the Internet. An Internet connection is not required for SUSE Manager servers running in completely disconnected environments.

  • All unnecessary ports should be firewalled off. Client systems connect to SUSE Manager over ports 80, 443, and 4545 (if monitoring is enabled). In addition, if you plan to enable the pushing of actions from SUSE Manager to client systems, as described in Section 6.11, “Enabling Push to Clients”, you must allow inbound connections on port 5222. Finally, if SUSE Manager will also push to a SUSE Manager proxy, you must also allow inbound connections on port 5269.

  • No system components should be directly, publicly available. No user other than the system administrators should have shell access to these machines.

  • All unnecessary services should be disabled using chkconfig.

  • The httpd service should be enabled.

  • If SUSE Manager serves monitoring-entitled systems and you wish to acknowledge via email the alert notifications you receive, you must have installed and configured a mail transfer agent such as sendmail or postfix to properly handle incoming mail. This can be done with YaST.

3.3. Additional Documentation

Apart from this Installation Guide, more documentation is available (as a reference or tailored to specific administration tasks). For an overview, refer to About This Guide.