Table of Contents
Advertisement
20
Red Hat recommends your RPMs be signed by a custom GNU Privacy Guard (GPG) key. Make
•
the key available so you may refer to it from the script. Generate the key as described in the RHN
Channel Management Guide and place the key in the
Server, per Chapter 4 Importing Custom GPG Keys.
If you wish to use the script to deploy your CA SSL public certificate, have the certificate or the
•
package (RPM) containing that certificate available on that RHN Server and include it during script
generation with the
Have the values ready to develop one or many bootstrap scripts, depending on the variety of
•
systems to be reconfigured. Since RHN Bootstrap provides a full set of reconfiguration options,
you may use it to generate different bootstrap scripts to accommodate each type of system. For
instance,
bootstrap-web-servers.sh
bootstrap-app-servers.sh
Bootstrap Options for the complete list.
5.2. Generation
Now that all of the necessary components are in place, you may use RHN Bootstrap to generate
the required scripts. Log into the RHN Server as root and issue the
followed by the options and values you desire. If no options are included, a
will be created in the
server, including hostname, the SSL certificate, it if exists, SSL and GPG settings, and a call for the
client-config-overrides.txt
At a minimum, Red Hat strongly recommends your scripts also accommodate activation keys, GPG
keys, and advanced configuration options, in the following manner:
Use the
•
--activation-keys
ments identified in Section 5.1 Preparation.
Use the
•
--gpg-key
wise, use the
--no-gpg
retaining this security measure.
Include the
•
--allow-config-actions
client systems touched by the script. This feature is useful in reconfiguring multiple systems simul-
taneously.
Include the
•
--allow-remote-commands
Like configuration management, this feature aids in reconfiguring multiple systems.
When you're done, your command will look something like this:
rhn-bootstrap --activation-keys KEY1,KEY2 \
--gpg-key /var/www/html/pub/MY_CORPORATE_PUBLIC_KEY \
--allow-config-actions \
--allow-remote-commands
Obviously, include the actual key names. Refer to Section 5.4 RHN Bootstrap Options for the com-
plete list of options.
5.3. Script Use
Finally, when you're finished preparing the script for use, you're ready to run it. On the RHN Server,
navigate to the
/var/www/html/pub/bootstrap/
tering the hostname and name of the script as needed to suit system type:
option. Refer to Chapter 3 SSL Infrastructure for details.
--ssl-cert
can handle the application servers. Consult Section 5.4 RHN
subdirectory that contains the essential values derived from the
bootstrap/
file.
option to include keys, taking into account the entitlement require-
option to identify the key path and filename during script generation. Other-
option to turn off this verification on client systems. Red Hat recommends
Chapter 5. Using RHN Bootstrap
/var/www/html/pub/
might be used to reconfigure your Web servers, while
flag to enable remote configuration management on all
flag to enable remote script use on all client systems.
directory and run the following command, al-
directory of the RHN
command
rhn-bootstrap
bootstrap.sh
file
Advertisement
Table of Contents
