Contents
In order to utilize most enterprise-class features of SUSE Manager, configuration of the latest client applications is required. Obtaining these applications before the client has registered with SUSE Manager can be difficult. This paradox is especially problematic for customers migrating large numbers of older systems to SUSE Manager. This chapter identifies techniques to resolve this dilemma.
![]() | |
We strongly recommend that clients connected to a SUSE Manager Proxy Server or SUSE Manager Server be running the latest update to ensure proper connectivity. Additionally, if client firewalls are configured, ports 80 and 443 should be open for proper functionality with SUSE Manager. |
The Package Updater, yum
and optionally Network Registration Client
(rhn_register
) on Red Hat Enterprise Linux
(up2date
on earlier RHEL versions) are prerequisites
for using much of SUSE Manager enterprise functionality. It is crucial to
install it on client systems before attempting to use SUSE Manager Proxy
Server or SUSE Manager Server in your environment.
There are several sensible approaches to accomplish this update of the
SUSE Manager client software. One of which involves storing the RPMs in a
location that is accessible by all client systems and deploying the
packages with the simplest command possible. In nearly all cases, a
manual deployment of yum, pup
, and rhn_register
(up2date
for earlier version of Red Hat Enterprise Linux) do not need
to be performed. Those client tools should have no issues connecting to
your SUSE Manager or Proxy environment. These discussion below assumes that
the "out of box" yum, pup
, and rhn_register
(or up2date
) are not the latest and do not work for your environment.
Remember, only systems running Red Hat Enterprise Linux 5 systems must have registered with SUSE Manager in firstboot after installation or use the rhn_register . Systems running Red Hat Enterprise Linux 4 can use the registration functionality built into the Red Hat Update Agent.
This document presumes that the customer has installed at least one
SUSE Manager Server and/or SUSE Manager Proxy Server on their network. The
example below demonstrates a simple approach of deploying
yum
, pup
, and rhn_register
(or up2date
) for the first time by an administrator assuming the machines
do not already have a working Novell Customer Center setup. The administrator has
populated the /srv/www/htdocs/pub/
directory with a
copy of the yum, pup
, and rhn_register
(or up2date
) RPMs that the client systems need, and then has simply
deployed those RPMs onto the client systems with a simple rpm
-Uvh command. Run from a client, this command installs the RPMs
to that client, assuming the domain name, paths, and RPM versions are
correct (note that this command has been split into
multiple lines for print and PDF purposes but should be typed as one line
at a shell prompt):
rpm -Uvh http://your_proxy_or_sat.your_domain.com/pub/rhn-setup-0.4.17-8.el5.i386.rpm http://your_proxy_or_sat.your_domain.com/pub/yum-3.2.8-9.el5.i386.rpm http://your_proxy_or_sat.your_domain.com/pub/pirut-1.3.28-13.3l5.noarch.rpm
Keep in mind that the architecture (in this case,
i386
) may need to be altered depending on the
systems to be served.
Not every customer must connect securely to a SUSE Manager Server or
SUSE Manager Proxy Server within their organization. Not every customer
needs to build and deploy a GPG key for custom packages. (Both of these
topics are explained in detail later.) Every customer who uses SUSE Manager
Server or SUSE Manager Proxy Server must reconfigure the Red
Hat Update Agent (up2date
) and possibly the Red Hat Network Registration
Client (rhn_register
) to redirect it from Novell Customer Center to their SUSE Manager Server or
SUSE Manager Proxy Server.
![]() | |
Although this is not configurable, note that the port used by the
up2date
is 80 for HTTP and 443 for secure HTTP (HTTPS). By
default, |
By default, the rhn_register and up2date refer to the main SUSE Manager Servers. Users must reconfigure client systems to refer to their SUSE Manager Server or SUSE Manager Proxy Server.
Note that the latest versions of the Red Hat Update Agent can be configured to accommodate several SUSE Manager Servers, thereby providing failover protection in case the primary server is inaccessible. Refer to Section 2.2.4, “Implementing Server Failover” for instructions on enabling this feature.
The next sections describe three methods of configuring the client systems to access your SUSE Manager Server or SUSE Manager Proxy Server: using an Activation Key, up2date --configure, and manually updating the configuration files.( To see how virtually all reconfiguration can be scripted, see Chapter 6, Manually Scripting the Configuration.)
Novell recommends using activation keys for registering and configuring client systems that access SUSE Manager Proxy Server or SUSE Manager Server. Activation keys can be used to register, entitle, and subscribe systems in a batch. Refer to the section "Activation Keys" in the SUSE Manager Server Reference Guide for more information on activation keys.
Registering with an activation key has four basic steps:
Generate an Activation Key.
Import custom GPG keys.
Download and install the SSL Certificate RPM from the
/pub/
directory of the SUSE Manager Proxy Server or
SUSE Manager Server. The command for this step could look something like
this:
rpm -Uvh http://your-suse_manager-FQDN/pub/rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm
Register the system with your SUSE Manager Proxy Server or SUSE Manager Server. The command for this step could look something like:
rhnreg_ks --activationkey mykey --serverUrl https://your-suse_manager-FQDN/XMLRPC
Alternatively, most of the above steps can be combined in a shell script that includes the following lines (note that this command has been split into multiple lines for print and PDF purposes but should be typed as one line at a shell prompt).
wget -0 - http://your-suse_manager-FQDN/pub/bootstrap.sh | bash && rhnreg_ks --activation-key my_key --serverUrl https://your-suse_manager-FQDN/XMLRPC
The bootstrap script, generated at installation and available for both SUSE Manager Server and SUSE Manager Proxy Server, is such a script. The script and the mgr_bootstrap that generates it are discussed in detail in Chapter 5, Using Bootstrap.
![]() | |
Systems running Red Hat Enterprise Linux 2.1 and versions of Red Hat Linux prior to 8.0 may experience problems using Activation Keys to migrate SSL certificate settings from rhn_register to up2date . Therefore, the SSL certificate information on those systems must be set manually. All other settings, such as the server URL, transfer properly. |
The Red Hat Update Agent in Red Hat Enterprise Linux 3 and 4 provides an interface for configuring various settings. For full listings of these settings, refer to the up2date manual page (man up2date at a command line).
To reconfigure the Red Hat Update Agent, issue the following command as root:
up2date --configure
You are presented with a dialog box offering various settings that may
be reconfigured. In the General tab, under
Select a SUSE Manager Server to use
replace the default value with the fully qualified domain name (FQDN) of
the SUSE Manager Server or SUSE Manager Proxy Server, such as
https://your_proxy_or_susemgr.your_domain.com/XMLRPC
.
Retain the /XMLRPC
at the end. When
finished, click .
Make sure you enter the domain name of your SUSE Manager Server or
SUSE Manager Proxy Server correctly. Entering an incorrect domain or
leaving the field blank may prevent up2date
--configure from launching. This may be resolved, however, by
editing the value in the up2date
configuration file. Refer to
Section 2.2.3, “Updating the Configuration Files Manually” for precise instructions.
![]() | |
Systems running Red Hat Enterprise Linux 3 or 4 have registration functionality built into the Red Hat Update Agent and therefore do not install the Red Hat Network Registration Client. Systems on Red Hat Enterprise Linux 5 do not use up2date , and need rhn_register to register their systems to SUSE Manager and yum and pup to update their packages. |
As an alternative to the GUI interface described in the previous section, users may also reconfigure the Red Hat Update Agent by editing the application's configuration file.
To configure Red Hat Update Agent on the
client systems connecting to the SUSE Manager Proxy Server or SUSE Manager
Server, edit the values of the serverURL and
noSSLServerURL settings in the
/etc/sysconfig/rhn/up2date
configuration file (as
root
). Replace the default URL with the fully qualified domain name
(FQDN) for the SUSE Manager Proxy Server or SUSE Manager Server. For example:
serverURL[comment]=Remote server URL serverURL=https://your_primary.your_domain.com/XMLRPC noSSLServerURL[comment]=Remote server URL without SSL noSSLServerURL=http://your_primary.your_domain.com/XMLRPC
![]() | |
The |
Beginning with up2date-4.2.38
, the Red
Hat Update Agent can be configured to seek updates from a
series of SUSE Manager Servers. This can be especially helpful in
sustaining constant updates if your primary SUSE Manager Proxy Server or
SUSE Manager Server may be taken offline.
To use this feature, first ensure that you are running the required
version of up2date
. Then manually add the secondary servers to the
serverURL and noSSLServerURL
settings in the /etc/sysconfig/rhn/up2date
configuration file (as root
). Add the fully qualified domain names
(FQDN) for the Proxy or SUSE Manager immediately after the primary server,
separated by a semicolon (;). For example:
serverURL[comment]=Remote server URL serverURL=https://your_primary.your_domain.com/XMLRPC; https://your_secondary.your_domain.com/XMLRPC; noSSLServerURL[comment]=Remote server URL without SSL noSSLServerURL=http://your_primary.your_domain.com/XMLRPC; https://your_secondary.your_domain.com/XMLRPC;
Connection to the servers is attempted in the order provided here. You can include as many servers as you wish. You may list the central SUSE Manager Servers, as well. This makes sense, however, only if the client systems can reach the Internet.
Red Hat Enterprise Linux 5 features a running program on the graphical desktop panel that periodically checks for updates from SUSE Manager server and will alert users when a new update is available.
The Package Updater Applet stays in the notification tray of the desktop panel and checks for new updates periodically. The applet also allows you to perform a few package maintenance tasks from the applet by clicking the notification icon and choosing from the following actions:
Refresh — Check SUSE Manager for new updates
View Updates — launches the Package Updater application so that you can see any available updates in more detail and configure the updates to your specifications
Apply Updates — Download and Install all updated packages.
Quit — close the applet
The Network Alert Notification Tool, the round icon in the panel of your Red Hat Enterprise Linux 3 or 4 desktop, can be configured on systems running Red Hat Enterprise Linux 3 or later to recognize updates available from custom channels on your SUSE Manager Server. You must ensure the SUSE Manager Server is configured to support this feature. (SUSE Manager Proxy Server supports the applet without modification of client or server.) The steps to configure the Network Alert Notification Tool are as follows:
Ensure that your SUSE Manager Server is version 1.2 or later and that you
have the
rhns-applet
package installed on the SUSE Manager. The package
can be found in the SUSE Manager software Channel for versions 1.2 and
newer.
Retrieve the mgr-applet-actions
package with up2date
or through the Tools software channel. Install the package
on all Red Hat Enterprise Linux 3 and newer client systems to be
notified of custom updates with the Network Alert
Notification Tool. The client systems must be entitled to
the Management or Provisioning service levels.
Within the SUSE Manager's version of the Novell Customer Center website, go to the System Details page for each system and click the link within the RHN Applet area to redirect the Network Alert Notification Tool to the SUSE Manager.
The next time the applet is started, it will apply its new configuration and connect to the SUSE Manager Server for updates.