1. Manuals
  2. Brands
  3. Red Hat Manuals
  4. Software
  5. NETWORK SATELLITE 5.1.1 - RELEASE NOTES
  6. Installation manual

Red Hat NETWORK SATELLITE 5.1.1 Installation Manual

Hide thumbs Also See for NETWORK SATELLITE 5.1.1:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Reference Manual
Red Hat Network
Satellite 5.1.1
Installation Guide
Red Hat Network Satellite

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the NETWORK SATELLITE 5.1.1 and is the answer not in the manual?

Questions and answers

Related Manuals for Red Hat NETWORK SATELLITE 5.1.1

Summary of Contents for Red Hat NETWORK SATELLITE 5.1.1

  • Page 1 Red Hat Network Satellite 5.1.1 Installation Guide Red Hat Network Satellite...
  • Page 2 Installation Guide Red Hat Network Satellite 5.1.1 Installation Guide Red Hat Network Satellite Edition 5.1.1...

  • Page 3: Table Of Contents

    1. Introduction 1.1. Red Hat Network ......................1 1.2. RHN Satellite Server ....................1 1.3. Terms to Understand ....................2 1.4. How it Works ....................... 3 1.5. Summary of Steps ....................... 4 1.6. Upgrades ........................6 2. Requirements 2.1. Software Requirements ....................7 2.2.
  • Page 4 Installation Guide 8. Maintenance 8.1. Managing the Satellite Service ..................53 8.2. Updating the Satellite ....................53 8.3. Backing Up the Satellite ..................... 54 8.4. Using RHN DB Control ....................55 8.4.1. DB Control Options ..................55 8.4.2. Backing up the Database ................. 56 8.4.3.

  • Page 5: Introduction

    Chapter 1. Introduction RHN Satellite Server provides a solution to organizations requiring absolute control over and privacy of the maintenance and package deployment of their servers. It allows Red Hat Network customers the greatest flexibility and power in keeping servers secure and updated. Two types of RHN Satellite Server are available: One with a stand-alone database on a separate machine and one with an embedded database installed on the same machine as the Satellite.

  • Page 6: Terms To Understand

    Chapter 1. Introduction Advantages of using RHN Satellite Server include: • Security — an end-to-end secure connection is maintained from the client systems to the RHN Satellite Server without connecting to the public Internet. • Efficiency — packages are delivered significantly faster over a local area network. •...

  • Page 7: How It Works

    How it Works For more detailed explanations of these terms and others, refer to the Red Hat Network Reference Guide. 1.4. How it Works RHN Satellite Server consists of the following components: • Database — for the Stand-Alone Database, this may be the organization's existing database or, preferably, a separate machine.

  • Page 8: Summary Of Steps

    Chapter 1. Introduction package profile to the database on the RHN Satellite Server; those packages are removed from the list of outdated packages for the client. The organization can configure the website for the RHN Satellite Server to be accessible from the local area network only or from both the local area network and the Internet.
  • Page 9 3. Your Red Hat contact creates a Satellite-entitled account on the RHN website and sends you the login information. 4. Log into the RHN website (rhn.redhat.com) and download the distribution ISOs for Red Hat Enterprise Linux AS 3 or 4 and RHN Satellite Server 5.0.0. These can be found within the Downloads tab of the respective Channel Details pages.

  • Page 10: Upgrades

    1.6. Upgrades The process for upgrading a Satellite from one version to another is not covered within this Satellite http://kbase.redhat.com/faq/ Guide, but can be found within the Red Hat Knowledgebase ( and can be found by performing a search for upgrade satellite or by following this link —...

  • Page 11: Requirements

    /etc/selinux/config file to read SELINUX=permissive and reboot the system. More in-depth coverage of SELinux is available at http://www.redhat.com/docs/. You may also refer to the Red Hat Knowledgebase article on SELinux and RHN Satellite Server at http://kbase.redhat.com/faq/.
  • Page 12 Chapter 2. Requirements Stand-Alone Database Embedded Database Required - Pentium IV processor, 2.4GHz, 512K Required - Pentium IV processor, 2.4GHz, 512K cache or equivalent cache or equivalent Recommended - Pentium IV processor, 2.4GHz Recommended - Pentium IV processor, 2.4GHz dual processor, 512K cache or equivalent dual processor, 512K cache or equivalent Required - 2 GB of memory Required - 2 GB of memory...

  • Page 13: Database Requirements

    Database Requirements 2.3. Database Requirements This section applies only to RHN Satellite Server with Stand-Alone Database as the requirements for the Embedded Database are included in the Satellite machine's hardware requirements. Red Hat supports RHN Satellite Server 5.0.0 installations in conjunction with Oracle 9i R2. The Stand-Alone Database must not run on the same server as the RHN Satellite Server.

  • Page 14: Additional Requirements

    TCP ports must be opened on the Satellite, depending on your implementation of RHN Satellite Server: Port Direction Reason Outbound Satellite uses this port to reach rhn.redhat.com xmlrpc.rhn.redhat.com satellite.rhn.redhat.com (unless running in a disconnected mode for Satellite) Inbound WebUI and client requests come in via...
  • Page 15 Additional Requirements Port Direction Reason satellite.rhn.redhat.com (unless running in a disconnected mode for Satellite) 4545 Outbound RHN Satellite Server Monitoring makes connections to rhnmd running on client systems, if Monitoring is enabled and probes are configured for registered systems. 5222...
  • Page 16 It is imperative that customers keep track of all primary login information. For RHN Satellite Server, this includes usernames and passwords for the Organization Administrator account on rhn.redhat.com, the primary administrator account on the Satellite itself, SSL certificate generation, and database connection (which also requires a SID, or net service name). Red Hat strongly recommends this information be copied onto two separate floppy disks, printed out on paper, and stored in a fireproof safe.
  • Page 17 Additional Requirements • If the Satellite serves Monitoring-entitled systems and you wish to acknowledge via email the alert notifications you receive, you must configure sendmail to properly handle incoming mail as Section 4.4, “Sendmail Configuration”. described in Finally, you should have the following technical documents in hand for use in roughly this order: 1.

  • Page 19: Example Topologies

    Chapter 3. Example Topologies The RHN Satellite Server can be configured in multiple ways. Select one method depending on the following factors: • The total number of client systems to be served by the RHN Satellite Server. • The maximum number of clients expected to connect concurrently to the RHN Satellite Server. •...

  • Page 20: Satellite-Proxy Vertically Tiered Topology

    Chapter 3. Example Topologies It is possible to synchronize content between RHN Satellites using the rhn-satellite-exporter Section 6.1.1, “rhn- and satellite-sync -m commands. This feature is discussed in detail in satellite-exporter”. Additional maintenance is the biggest disadvantage of this horizontal structure. Figure 3.2.
  • Page 21 Satellite-Proxy Vertically Tiered Topology Figure 3.3. Satellite-Proxy Vertically Tiered Topology...

  • Page 23: Installation

    Chapter 4. Installation This chapter describes the initial installation of the RHN Satellite Server. It presumes the prerequisites Chapter 2, Requirements listed in have been met. If you are instead upgrading to a newer version of RHN Satellite Server, contact your Red Hat representative for assistance. 4.1.
  • Page 24 Chapter 4. Installation 4. Ensure that the RHN Entitlement Certificate has been copied onto the Satellite's file system. It can be named anything and located in any directory. The installation program will ask you for its location. Also, make sure your account has been granted the necessary entitlements to conduct the installation.
  • Page 25 RHN Satellite Server Installation Program 10. T he next step creates and populates the initial database, if you have opted for the RHN Satellite Server with Embedded Database. If you are installing RHN Satellite Server with Stand-Alone Database, the installer connects with the database. This step can take quite a while. If you would like to monitor the progress of the installation, use tail in a separate window to monitor the /var/ log/rhn/install_db.log file.
  • Page 26 Chapter 4. Installation Visit https://your-satellite.example.com to create the satellite administrator account. 15. F ollow the on-screen instructions and visit the FQDN of your Satellite via a web browser. Create the satellite administrator account - also referred to as the Organization Administrator - and click the Create Login button to move to the next screen, the Your RHN screen.
  • Page 27 RHN Satellite Server Installation Program Figure 4.2. Final Configuration Prompt 17. T he Satellite Configuration - General Configuration page allows you to alter the most basic Satellite settings, such as the admin email address and whether Monitoring is enabled.
  • Page 28 Chapter 4. Installation Figure 4.3. General Configuration 18. T he RHN Satellite Configuration - Monitoring page allows you to configure the monitoring aspects of this Satellite. The local mail exchanger and local main domain are used to mail monitoring notification messages to administration. This is required only if you intend to receive alert notifications from probes.
  • Page 29 RHN Satellite Server Installation Program Figure 4.4. Monitoring 19. T he RHN Satellite Configuration - Certificate page allows you to upload a new Satellite certificate. To identify the certificate's path, click Browse, navigate to the file, and select it. To input its contents, open your certificate in a text editor, copy all lines, and paste them directly into the large text field at the bottom.
  • Page 30 Chapter 4. Installation Figure 4.5. Certificate 20. T he RHN Satellite Configuration - Bootstrap page allows you to generate a bootstrap script for redirecting client systems from the central RHN Servers to the Satellite. This script, to be placed in the /var/www/html/pub/bootstrap/ directory of the Satellite, significantly reduces the effort involved in reconfiguring all systems, which by default obtain packages from the central RHN Servers.
  • Page 31 RHN Satellite Server Installation Program Figure 4.6. Bootstrap 21. T he RHN Satellite Configuration - Restart page contains the final step in configuring the Satellite. Click the Restart button to restart the Satellite in order to incorporate all of the configuration options added on the previous screens.

  • Page 32: Options To The Satellite Installation Program

    Chapter 4. Installation Figure 4.7. Restart 22. O nce the Satellite has restarted, the countdown notice disappears. You are now free to begin using your Satellite. Figure 4.8. Restart Complete 4.2.1. Options to the Satellite Installation Program The various options available for the Satellite Installation Program are included below for easy reference.

  • Page 33: Automated Rhn Satellite Server Installation

    Automated RHN Satellite Server Installation Option Usage For use only with --answer-file. If the --answer- --non-interactive file does not provide a required response, exit instead of prompting the user. Register the system with RHN, even if it is already registered. --re-register Install the satellite in disconnected mode.

  • Page 34: Sendmail Configuration

    Chapter 4. Installation ./install.pl --answer-file=/tmp/answers.txt The RHN Satellite Server Installation Program then looks for answers in the file. For any option no filled out in the file, the Installer Program prompts the user for the missing information. 4.4. Sendmail Configuration If your RHN Satellite Server will serve Monitoring-entitled systems and you wish to acknowledge via email the alert notifications you receive, you must configure sendmail to properly handle incoming mail.

  • Page 35: Mysql Installation

    MySQL Installation service sendmail restart 4.5. MySQL Installation This sections is applicable only if your RHN Satellite Server will serve Monitoring-entitled systems and you wish to run MySQL probes against them. Refer to the Probes appendix of the RHN Reference Guide for a list of available probes.

  • Page 37: Entitlements

    Chapter 5. Entitlements The RHN Satellite Server, like RHN itself, provides all services to customers through the setting of entitlements. For RHN, entitlements are purchased by customers as needed; however, for RHN Satellite Server, entitlements are contractually agreed-upon beforehand, and they are set at installation time.

  • Page 38: Uploading The Rhn Entitlement Certificate

    5.2. Uploading the RHN Entitlement Certificate If your RHN Satellite Server is connected to the Internet, you have the option of uploading your new RHN Entitlement Certificate through the RHN website. To do this: https://rhn.redhat.com 1. Log into with your organization's Satellite-entitled account.

  • Page 39: Activating The Satellite

    Activating the Satellite Option Description Display the help screen with a list of options. -h, --help Confirm certificate sanity. Does not activate the --sanity-only Satellite locally or remotely. Activates locally but not on remote RHN Servers. --disconnected Uploads new certificate and activates the Satellite --rhn-cert=/PATH/TO/CERT based upon the other options passed (if any).
  • Page 40 Chapter 5. Entitlements A standard grace period of seven (7) days now exists between the date of Satellite certificate expiration and when the Satellite becomes inactive. This grace period is provided in order for customers to contact Red Hat Support and obtain a new certificate. During the grace period, the following things happen: •...

  • Page 41: Importing And Synchronizing

    Chapter 6. Importing and Synchronizing After installing the RHN Satellite Server, you must provide it with the packages and channels to be served to client systems. This chapter explains how to import that data and keep it up to date whether the content is from RHN's central servers, local media, or from one Satellite within your organization to another.

  • Page 42: Exporting

    Chapter 6. Importing and Synchronizing The RHN Satellite Exporter offers several command line options. To use them, insert the option and appropriate value after the rhn-satellite-exporter command. Option Description Place the exported information into this directory. -d, --dir= Process data for this specific channel (specified -cCHANNEL_LABEL, -- by label) only.

  • Page 43: Importing With Rhn Satellite Synchronization Tool

    Importing with RHN Satellite Synchronization Tool • There must be sufficient disk space in the directory specified in the --dir option to contain the exported contents. Although it is not a requirement for the export to succeed, the export will be most useful when performed on a Satellite that has populated channels.
  • Page 44 Chapter 6. Importing and Synchronizing 2. channels — Import/synchronize channel data. 3. rpms — Import/synchronize RPMs. 4. packages — Import/synchronize full package data for those RPMs retrieved successfully. 5. errata — Import/synchronize Errata information. Each of these steps can be initiated individually for testing purposes with the effect of forcing the tool to stop when that step is complete.

  • Page 45: Preparing For Import From Local Media

    Preparing for Import from Local Media Option Description set in /etc/rhn/rhn.conf, 0-6 (2 is default). Email a report of what was imported/ --email synchronized to the designated recipient of traceback email. Direct sync output (from --email) to this --traceback-mail=TRACEBACK_MAIL email address. Include the hostname of an alternative -s=, --server=SERVER server to connect to for synchronization.
  • Page 46 Chapter 6. Importing and Synchronizing 6.2.2.1. Preparing Channel Content ISOs Channel Content ISOs are special collections that contain both packages and XML dumps of metadata. The ISO images can be downloaded from the RHN website on a machine connected to the Internet and then transferred to the Satellite.

  • Page 47: Running The Import

    Running the Import 1. Log into the machine as root. 2. Create a target directory for the files, such as: mkdir /var/rhn-sat-import/ 3. Make the export data available on the local machine in the directory created in the previous step. This can be done by copying the data directly, or by mounting the data from another machine using NFS.

  • Page 48: Synchronizing

    Chapter 6. Importing and Synchronizing Populating the tables describing common features for channels (channel families). This can also be accomplished individually by passing the --step=channel-families option to satellite- sync. Creating a particular channel in the database and importing the metadata describing the channel. Individually, use the --step=channels option.

  • Page 49: Synchronizing Errata And Packages Directly Via Rhn

    Synchronizing Errata and Packages Directly via RHN Note All analysis is performed on the RHN Satellite Server; the central RHN Servers deliver only an export of its channel information and remain ignorant of any details regarding the RHN Satellite Server. 3.

  • Page 51: Troubleshooting

    This chapter provides tips for determining the cause of and resolving the most common errors associated with RHN Satellite Server. If you need additional help, contact Red Hat Network support at https://rhn.redhat.com/help/contact.pxt. Log in using your Satellite-entitled account to see your full list of options.
  • Page 52 If the administrator is not getting email from the RHN Satellite Server, confirm the correct email addresses have been set for traceback_mail in /etc/rhn/rhn.conf. If the traceback mail is marked from dev-null@rhn.redhat.com and you would like the address to be valid for your organization, include the web.default_mail_from option and appropriate value in / etc/rhn/rhn.conf.

  • Page 53: Host Not Found/Could Not Determine Fqdn

    Host Not Found/Could Not Determine FQDN Next, restart the importation or synchronization. If up2date or the push capability of the RHN Satellite Server ceases to function, it is possible that old log files may be at fault. Stop the jabberd daemon before removing these files. To do so, issue the following commands as root: service jabberd stop cd /var/lib/jabberd...

  • Page 54: Updated Software Components

    Chapter 7. Troubleshooting To troubleshoot this, check the date and time on the clients and the Satellite with the following command: date The results should be nearly identical for all machines and within the "notBefore" and "notAfter" validity windows of the certificates. Check the client certificate dates and times with the following command: openssl x509 -dates -noout -in /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT Check the Satellite server certificate dates and times with the following command: openssl x509 -dates -noout -in /etc/httpd/conf/ssl.crt/server.crt...

  • Page 55: Satellite Debugging By Red Hat

    Satellite Debugging by Red Hat • Red Hat Developer Suite • Red Hat Application Server • Red Hat Extras Subscribing to these channels and updating your Satellite (such as by running up2date), may install newer, incompatible versions of critical software components, causing the Satellite to fail. 7.6.

  • Page 57: Maintenance

    For RHN Satellite Server systems that may not be connected to the Internet, the packages themselves may be retrieved using a customer account at https://rhn.redhat.com. Then, they can be applied manually by the customer according to instructions in the Errata Advisory.

  • Page 58: Backing Up The Satellite

    • /root/ssl-build/ If possible, back up /var/satellite/, as well. In case of failure, this will save lengthy download time. Since /var/satellite/ (specifically /var/satellite/redhat/NULL/) is primarily a duplicate of Red Hat's RPM repository, it can be regenerated with satellite-sync. Red Hat recommends the entire /var/satellite/ tree be backed up.

  • Page 59: Using Rhn Db Control

    Using RHN DB Control 8.4. Using RHN DB Control RHN Satellite Server with Embedded Database requires a utility for managing that database. Red Hat provides just such a tool: RHN DB Control. This command line utility allows you to do everything from make, verify, and restore backups to obtain database status and restart it when necessary.

  • Page 60: Backing Up The Database

    Chapter 8. Maintenance 8.4.2. Backing up the Database Red Hat recommends performing nightly backups of the Embedded Database and moving the resulting directory to another system via NFS, SCP, FTP, etc. Preferably, this backup system resides off-site. To conduct a backup, shut down the database and related services first by issuing the following command as root: service rhn-satellite stop Then switch to the oracle user and issue this command to initiate the backup:...

  • Page 61: Cloning The Satellite With Embedded Db

    Cloning the Satellite with Embedded DB db-control restore DIRNAME This not only restores the Embedded Database but first verifies the contents of the backup directory using md5sums. Once the restoration is complete, return to root user mode and restart the database and related services with these commands in this order: service rhn-satellite start 8.5.

  • Page 62: Conducting Satellite-Specific Tasks

    Chapter 8. Maintenance If your original SSL certificate does not take your high-availability solution into account, you may create a new one with a more appropriate Common Name value now. In this case, you may also generate a new bootstrap script that captures this new value. 3.

  • Page 63: Using The Tools Menu

    Using the Tools menu 8.7.1. Using the Tools menu In addition to the standard categories available to all users through the top navigation bar, Satellite Organization Administrators also have access to a Tools menu. Clicking this opens the RHN Internal Tools page.

  • Page 64: Deleting Users

    Chapter 8. Maintenance 8.7.1.2. Accessing the String Manager The Tools menu also offers a String Manager function. This page allows you to edit footers, headers and other universal information displayed in emails, error messages and elsewhere. 8.7.2. Deleting Users Because of the isolated environment in which RHN Satellite Servers operate, Satellite customers have been granted the ability to delete users.

  • Page 65: Automating Synchronization

    Automating Synchronization Figure 8.3. User Delete Confirmation Many other options exist for managing users. You can find instructions for them in the RHN website chapter of the RHN Reference Guide. 8.8. Automating Synchronization Manually synchronizing the RHN Satellite Server repository with Red Hat Network can be a time- intensive task.

  • Page 66: Implementing Pam Authentication

    Chapter 8. Maintenance This particular job will run randomly between 1:00 a.m. and 3:30 a.m. system time each night and redirect stdout and stderr from cron to prevent duplicating the more easily read message from Table 6.2, “Satellite satellite-sync. Options other than --email can also be included. Refer to Import/Sync Options”...
  • Page 67 Enabling Push to Clients the typical delay between scheduling an action and the client system checking in with RHN to retrieve Important SSL must be employed between the Satellite and its clients systems for this feature to work. If the SSL certificates are not available, the daemon on the client system fails to connect.

  • Page 69: Sample Rhn Satellite Server Configuration File

    #/etc/rhn/rhn.conf example for an RHN Satellite #---------------------------------------------- # Destination of all tracebacks, such as crash information, etc. traceback_mail = test@pobox.com, test@redhat.com # Location of RPMs (Red Hat and custom) served by the RHN Satellite mount_point = /var/satellite # Corporate gateway (hostname:PORT): server.satellite.http_proxy = corporate_gateway.example.com:8080...
  • Page 70 Appendix A. Sample RHN Satellite Server Configuration File RHN::Task::DailySummary, RHN::Task::SummaryPopulation, RHN::Task::RHNProc, RHN::Task::PackageCleanup web.rhn_gpg_backend_module = RHN::GPG::OpenPGP web.restrict_mail_domains =...

  • Page 71: Revision History

    Appendix B. Revision History Revision History Revision 1.0...

  • Page 73: Index

    Index /rhnsat/, 19 enabling push to clients, 62 entitlement certificate, 11, 19 uploading, 34 Symbols /etc/nsswitch.conf, 49 /etc/rhn/rhn.conf, 48 firewall rules requirements, 10 advantages, 2 Apache, 53 general problems, 47 Apache HTTP, 3 GPG keys, 19 automating Satellite synchronization, 61 host not found error backing up the RHN Satellite Server, 54 could not determine FQDN, 49...
  • Page 74 Index options, 40 RHN Task Engine, 59, 60 operating system rhn-satellite supported, 7 service, 53 Oracle 9i R2, 3 rhn-satellite-activate, 34 Organization Administrator activating, 35 definition, 2 options, 34 osa-dispatcher, 63 rhn-satellite-exporter, 37 osad, 63 export, 38 options, 38 rhn.conf PAM authentication sample file, 65 implementation, 62...

Table of Contents