1. Manuals
  2. Brands
  3. Red Hat Manuals
  4. Software
  5. NETWORK SATELLITE SERVER 3.6
  6. Installation manual

Red Hat NETWORK SATELLITE SERVER 3.6 Installation Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
RHN Satellite Server 3.6
Installation Guide

Advertisement

Table of Contents
loading

Related Manuals for Red Hat NETWORK SATELLITE SERVER 3.6

Summary of Contents for Red Hat NETWORK SATELLITE SERVER 3.6

  • Page 1 RHN Satellite Server 3.6 Installation Guide...
  • Page 2 RHN Satellite Server 3.6: Installation Guide Copyright © 2001 - 2004 by Red Hat, Inc. RHNsatellite(EN)-3.6-RHI (2004-12-07T20:06) Copyright © 2001 - 2004 by Red Hat, Inc. Red Hat, Red Hat Network, the Red Hat "Shadow Man" logo, RPM, Maximum RPM, the RPM logo, Linux Library, PowerTools, Linux Undercover, RHmember, RHmember More, Rough Cuts, Rawhide and all Red Hat-based trademarks and logos are trademarks or registered trademarks of Red Hat, Inc.

  • Page 3: Table Of Contents

    Table of Contents 1. Introduction............................. 1 1.1. Red Hat Network ....................... 1 1.2. RHN Satellite Server......................1 1.3. Terms to Understand ......................2 1.4. How it Works ........................2 1.5. Summary of Steps ......................4 2. Requirements........................... 7 2.1. Software Requirements...................... 7 2.2.
  • Page 4 8. Maintenance ..........................45 8.1. Managing the Satellite Service ..................45 8.2. Updating the Satellite....................... 45 8.3. Backing Up the Satellite ....................46 8.4. Using RHN DB Control ....................46 8.4.1. DB Control Options ..................46 8.4.2. Backing up the Database................... 47 8.4.3.

  • Page 5: Introduction

    Chapter 1. Introduction RHN Satellite Server provides a solution to organizations requiring absolute control over and privacy of the maintenance and package deployment of their servers. It allows Red Hat Network customers the greatest exibility and power in keeping servers secure and updated. Two types of RHN Satellite Server are available: One with a stand-alone database on a separate ma- chine and one with an embedded database installed on the same machine as the Satellite.

  • Page 6: Terms To Understand

    Chapter 1. Introduction Security — an end-to-end secure connection is maintained from the client systems to the RHN • Satellite Server without connecting to the public Internet. Efficiency — packages are delivered significantly faster over a local area network. • Control —...
  • Page 7 Chapter 1. Introduction Database — for the Stand-Alone Database, this may be the organization’s existing database or, • preferably, a separate machine. RHN Satellite Server 3.6 supports Oracle 9i R2. For the Embedded Database, the database comes bundled with RHN Satellite Server and is installed on the same machine as the Satellite during the installation process.

  • Page 8: Summary Of Steps

    3. Your Red Hat contact creates a Satellite-entitled account on the RHN website and sends you the login information. 4. You log into the RHN website (rhn.redhat.com) and download the distribution ISOs for Red Hat Enterprise Linux AS and RHN Satellite Server 3.6. Remember, Monitoring requires Red Hat Enterprise Linux AS 3.
  • Page 9 Chapter 1. Introduction page. These Channel Content ISOs differ from the distribution ISOs previously mentioned in that they contain metadata necessary for parsing and serving packages by Satellite. 6. If installing a Stand-Alone Database, you prepare your database instance using the formula provided in Chapter 2 Requirements.
  • Page 10 Chapter 1. Introduction...

  • Page 11: Requirements

    Chapter 2. Requirements These requirements must be met before installation. 2.1. Software Requirements To perform an installation, the following software components must be available: Base operating system — RHN Satellite Server is supported with Red Hat Enterprise Linux AS 2.1 •...

  • Page 12: Hardware Requirements

    Chapter 2. Requirements @ Advanced Server • @ Base • @ Messaging and Web Tools • @ Software Development • @ Utilities • @ Web Server • For installing Red Hat Enterprise Linux AS 2.1 Update 5 via CD or ISO image, select the following package groups: Network Support •...

  • Page 13: Database Requirements

    Chapter 2. Requirements Stand-Alone Database Embedded Database Strongly recommended - a SCSI drive connected to a level 5 RAID Separate partition (or better, a separate set of physical disks) for storing backups. This can be any directory specifiable at backup time. Table 2-1.

  • Page 14: Additional Requirements

    Chapter 2. Requirements Keep in mind, the database storage needs may grow rapidly, depending upon the variance of the following factors: The number of public Red Hat packages imported (typical: 5000) • The number of private packages to be managed (typical: 500) •...
  • Page 15 Chapter 2. Requirements The RHN Satellite Server solution can be firewalled from the Internet, but it must be able to issue outbound connections to rhn.redhat.com and xmlrpc.rhn.redhat.com on ports 80 and 443. Synchronized System Times • There is great time sensitivity when connecting to a Web server running SSL (Secure Sockets Layer);...
  • Page 16 Chapter 2. Requirements If the Satellite will serve Monitoring-entitled systems and you wish to acknowledge via email the • alert notifications you receive, you must configure sendmail to properly handle incoming mail as described in Section 4.3 Sendmail Configuration. Finally, you should have the following technical documents in hand for use in roughly this order: 1.

  • Page 17: Example Topologies

    Chapter 3. Example Topologies The RHN Satellite Server can be configured in multiple ways. Select one method depending on the following factors: The total number of client systems to be served by the RHN Satellite Server. • The maximum number of clients expected to connect concurrently to the RHN Satellite Server. •...

  • Page 18: Satellite-Proxy Vertically Tiered Topology

    Chapter 3. Example Topologies Figure 3-2. Multiple Satellite Horizontally Tiered Topology 3.3. Satellite-Proxy Vertically Tiered Topology An alternative method to balance load is to install RHN Proxy Servers below a RHN Satellite Server that connect to the Satellite for RPMs from Red Hat Network and custom packages created locally. In essence, the Proxies act as clients of the Satelllite.

  • Page 19: Installation

    Chapter 4. Installation This chapter describes the initial installation of the RHN Satellite Server. It presumes the prerequisites listed in Chapter 2 Requirements have been met. If you are instead upgrading to a newer version of RHN Satellite Server, contact your Red Hat representative for assistance. 4.1.
  • Page 20 Chapter 4. Installation 5. Ensure the RHN Entitlement Certificate has been loaded onto the Satellite. It can be named anything and located in any directory. The installation program will ask you for its contents or location. Also, make sure your account has been granted the necessary entitlements to conduct the installation.
  • Page 21 Chapter 4. Installation Figure 4-2. Administrator Email Address 8. The Administrator Email Address page requires an email address to receive administrative correspondence. Ideally, this address serves multiple people in your organization to ensure de- livery. Keep in mind, this address will receive all mail generated by the Satellite, including sometimes large quantities of error-related tracebacks.
  • Page 22 Chapter 4. Installation 9. The Database Configuration page collects information required for the Satellite with Stand- Alone Database to connect to its database. If this is Satelllite with Embedded Database, skip to the Database Schema page description. For Satellite with Stand-Alone Database, consult your database administrator for the appropriate values.
  • Page 23 Chapter 4. Installation Figure 4-6. RHN Configuration 12. The RHN Configuration page enables you to change the way the Satellite communicates with Red Hat Network. You may alter the Satellite’s hostname, its parent RHN server (to connect to another Satellite, for instance) and the location, or mountpoint of the package repository. Typically, the defaults will do.
  • Page 24 Chapter 4. Installation Figure 4-7. Monitoring Configuration 13. The Monitoring Configuration page captures email routing information used in monitoring. This is required only if you intend to receive alert notifications from probes. If you do, provide the mail server (exchanger) and domain to be used. Note that sendmail must be configured to handle email redirects of notifications.
  • Page 25 Chapter 4. Installation To skip this step, such as for Satellites that will operate in disconnected mode, click either the continue link or button. If you do not register the Satellite, the RHN Satellite Synchronization Tool cannot be used to populate software channels. Contact your Red Hat representative to obtain the packages and updates manually.
  • Page 26 Chapter 4. Installation Figure 4-10. Satellite Synchronization 16. The Satellite Synchronization page allows you to initially populate your Satellite with software channel metadata. This is possible during installation only if you chose to register your Satellite with RHN. To synchronize, select the Perform Satellite Sync checkbox and click Continue. After the installation, you will still need to populate the channels with packages.
  • Page 27 Chapter 4. Installation Figure 4-11. SSL Certificate 17. The SSL Certificate page collects information necessary to create the Secure Sockets Layer (SSL) certificate used by the Satellite and its client machines. In addition, you may manage your SSL infrastructure using the RHN SSL Maintenance Tool. Refer to the SSL Certificates chapter of the RHN Client Configuration Guide for instructions.
  • Page 28 Chapter 4. Installation Figure 4-12. Bootstrap Script 18. The Bootstrap Script page allows you to create a script for redirecting client systems from the central RHN Servers to the Satellite. This script, to be placed in the directory of the Satellite, significantly reduces the effort /var/www/html/pub/bootstrap/ involved in reconfiguring all systems, which by default obtain packages from the central RHN Servers.
  • Page 29 Chapter 4. Installation Figure 4-13. Installation Complete 19. The Installation Complete page marks the end of the initial Satellite installation and configu- ration. Click Complete to reboot the system and create the Satellite Administrator account. The Satellite Restart page appears. Figure 4-14.

  • Page 30: Sendmail Configuration

    Chapter 4. Installation Figure 4-15. Satellite Administrator 21. The Satellite Administrator page enables you to create the Organization Administrator account on the Satellite. This master account can conduct any task available to all other user levels, as well as create other user accounts. As always, ensure this information exists on the backups of login information described in Chapter 2 Requirements.
  • Page 31 Chapter 4. Installation 4.3. Sendmail Configuration If your RHN Satellite Server will serve Monitoring-entitled systems and you wish to acknowledge via email the alert notifications you receive, you must configure sendmail to properly handle incoming mail. This is required by the email redirect feature, which allows you to stop notifying users about a Monitoring-related event with a single reply.
  • Page 32 Chapter 4. Installation...

  • Page 33: Entitlements

    Chapter 5. Entitlements The RHN Satellite Server, like RHN itself, provides all services to customers through the setting of entitlements. For RHN, entitlements are purchased by customers as needed; however, for RHN Satellite Server, entitlements are contractually agreed-upon beforehand, and they are set at installation time.

  • Page 34: Managing The Rhn Certificate With Rhn Satellite Activate

    If your RHN Satellite Server is connected to the Internet, you have the option of uploading your new RHN Entitlement Certificate through the RHN website. To do this: 1. Log into https://rhn.redhat.com with your organization’s Satellite-entitled account. 2. Click Systems in the top navigation bar and then the name of the RHN Satellite Server. You may also find the Satellite through the Satellite line item within the Channels category.

  • Page 35: Activating The Satellite

    Chapter 5. Entitlements 5.3.2. Activating the Satellite You should use the options in Table 5-1 to accomplish the following tasks in this order: 1. Validate the RHN Entitlement Certificate’s sanity (or usefulness). 2. Activate the Satellite locally by inserting the RHN Entitlement Certificate into the local database.
  • Page 36 Chapter 5. Entitlements...

  • Page 37: Importing And Synchronizing

    Chapter 6. Importing and Synchronizing After installing the RHN Satellite Server, you must provide it the packages and channels to be served. This chapter explains how to import that data and keep it up-to-date. 6.1. RHN Satellite Synchronization Tool With the Satellite installation, Red Hat Network provides an application designed specifically to im- port and synchronize data - the RHN Satellite Synchronization Tool.
  • Page 38 Chapter 6. Importing and Synchronizing Option Description Option Description Display this list of options and exit. --help Include alternate database connect string: --db=DB username/password@SID. Import/sync from local media mounted to the --mount-point=MOUNT_POINT Satellite. To be used in closed environments (such as those created during disconnected installs).

  • Page 39: Import/Sync Cache Refresh

    Chapter 6. Importing and Synchronizing Option Description Use an alternative SSL CA certificate by including the --ca-cert=CA_CERT full path and filename. For debugging only - Include path to alternative --systemid=SYSTEM_ID digital system ID. For debugging only - Include path to alternative --systemid=SYSTEM_ID digital system ID.

  • Page 40: Prerequisites

    Chapter 6. Importing and Synchronizing Important To populate custom channels correctly, you must first populate at least one Red Hat base channel. The RHN Satellite Synchronization Tool creates the necessary directory structures and permis- sions; without these, the custom channel tools will not work properly. For this reason, you should use these instructions to set up your base channel(s) and then refer to the RHN Channel Management Guide for steps to establish custom channels.

  • Page 41: Running The Import

    Chapter 6. Importing and Synchronizing 6. This sample command assumes the administrator wants to copy the contents of the CD/ISO (mounted in ) into /mnt/import /var/rhn-sat-import/ cp -ruv /mnt/import/* /var/rhn-sat-import/ 7. Then unmount in preparation for the next CD or ISO: /mnt/import umount /mnt/import/ 8.

  • Page 42: Synchronizing

    Chapter 6. Importing and Synchronizing 2. Creating a particular channel in the database and importing the metadata describing the channel. Individually, use the option. --step=channels 3. Moving the RPM packages from the temporary repository into their final location. Individually, use the option.

  • Page 43: Synchronizing Errata And Packages Via Local Media

    Chapter 6. Importing and Synchronizing 6.3.1. Synchronizing Errata and Packages Directly via RHN For customers who want to sync data as frequently as possible and who can initiate connections outside of their own environments, the satellite sync can be run over the Internet through SSL. This is the default setting for the satellite sync script.
  • Page 44 Chapter 6. Importing and Synchronizing...

  • Page 45: Troubleshooting

    This chapter provides tips for determining the cause of and resolving the most common errors asso- ciated with RHN Satellite Server. If you need additional help, contact Red Hat Network support at https://rhn.redhat.com/help/contact.pxt. Log in using your Satellite-entitled account to see your full list of options.

  • Page 46: Host Not Found/Could Not Determine Fqdn

    If the administrator isn’t getting email from the RHN Satellite Server, confirm the correct email ad- dresses have been set for traceback_mail /etc/rhn/rhn.conf If the traceback mail is marked from dev-null@rhn.redhat.com and you would like the address to be valid for your organization, include the option and appropriate value in web.default_mail_from /etc/rhn/rhn.conf...

  • Page 47: Connection Errors

    Chapter 7. Troubleshooting This problem typically originates from the file. You may confirm this by examining /etc/hosts , which defines the methods and the order by which domain names are re- /etc/nsswitch.conf solved. Usually, the file is checked first, followed by Network Information Service (NIS) /etc/hosts if used, followed by DNS.

  • Page 48: Caching Issues

    Chapter 7. Troubleshooting Confirm the correct • rhn-org-httpd-ssl-key-pair-MACHINE_NAME-VER-REL.noarch.rpm installed Satellite Server corresponding is installed on all client systems. rhn-org-trusted-ssl-cert-*.noarch.rpm Verify the client systems are configured to use the appropriate certificate. • If also using one or more RHN Proxy Servers, ensure each Proxy’s SSL certificates are prepared •...

  • Page 49: Maintenance

    For RHN Satellite Server systems that may not be connected to the Internet, the packages themselves may be retrieved using a customer account at https://rhn.redhat.com. Then, they can be applied man- ually by the customer according to instructions in the Errata Advisory.

  • Page 50: Backing Up The Satellite

    /etc/httpd/ • /var/www/rhns/ • /var/www/html/pub/ - custom RPMs • /var/satellite/redhat/1/ - pertains only to RHN Satellite Server 1.1.x. • /etc/pxtdb.conf If possible, back up , as well. In case of failure, this will save lengthy down- /var/satellite/ load time. Since (specifically...

  • Page 51: Backing Up The Database

    Chapter 8. Maintenance 8.4.1. DB Control Options RHN DB Control offers many command line options. To use them, as oracle insert the option and the appropriate value, if needed, after the command. db-control Option Description Lists these options with additional help db-control details.

  • Page 52: Verifying The Backup

    Chapter 8. Maintenance Once the backup is complete, return to root user mode and restart the database and related services with these commands in this order: service rhn-database start service taskomatic start service httpd start You should then copy that backup to another system using rsync or another file-transfer utility. Red Hat strongly recommends scheduling the backup process automatically using cron jobs.

  • Page 53: Establishing Redundant Satellites With Stand-Alone Db

    Chapter 8. Maintenance 8.5. Cloning the Satellite with Embedded DB You may limit outages caused by hardware or other failures by cloning the Satellite with Embedded Database in entirety. The secondary Satellite machine can be prepared for use if the primary fails. To clone the Satellite, conduct these tasks: 1.

  • Page 54: Conducting Satellite-Specific Tasks

    Chapter 8. Maintenance If you generated a new SSL certificate during secondary Satellite installation to include a new Common Name value, instead copy the RPMs from the secondary to the primary Satellite and redistribute the client-side certificate. If you also created another bootstrap script, you may use this to install the certificate on client systems.

  • Page 55: Deleting Users

    Chapter 8. Maintenance Figure 8-1. Internal Tools To refresh the view of channels that have been updated but do not yet reflect those modifications on the Satellite website, click the Update Errata cache now link on this page. 8.7.1.1. Maintaining the RHN Task Engine The default display shows the status of the RHN Task Engine.

  • Page 56: Automating Synchronization

    Chapter 8. Maintenance 8.7.2. Deleting Users Because of the isolated environment in which RHN Satellite Servers operate, Satellite customers have been granted the ability to delete users. To access this functionality, click Users in the top navigation bar of the RHN website. In the resulting User List, click the name of the user to be removed. This takes you to the User Details page.

  • Page 57: Implementing Pam Authentication

    Chapter 8. Maintenance 8.8. Automating Synchronization Manually synchronizing the RHN Satellite Server repository with Red Hat Network can be an ar- duous task. In addition, staff levels tend to be highest at peak usage times. For this reason, Red Hat encourages you to automate synchronization in late evening or early morning to better balance load and ensure quick synchronization.

  • Page 58: Enabling Push To Clients

    Chapter 8. Maintenance Please note that changing the password on the RHN website will change only the local password on the RHN Satellite Server, which may not be used at all if PAM is enabled for that user. In the above example, for instance, the Kerberos password will not be changed.

  • Page 59: Sample Rhn Satellite Server Configuration File

    #/etc/rhn/rhn.conf example for an RHN Satellite #---------------------------------------------- # Destination of all tracebacks, such as crash information, etc. traceback_mail = test@pobox.com, test@redhat.com # Location of RPMs (Red Hat and custom) served by the RHN Satellite mount_point = /var/satellite # Corporate gateway (hostname:PORT): server.satellite.http_proxy = corporate_gateway.example.com:8080...
  • Page 60 Appendix A. Sample RHN Satellite Server Configuration File...

  • Page 61: Index

    Index log files, 41 advantages, 1 automating Satellite synchronization, 53 maintenance, 45 backing up the RHN Satellite Server, 46 Red Hat Network introduction, 1 redundant satellite satellite redundancy, 49 caching issues, 44 requirements, 7 cloning satellite, 49 additional, 10 components, 2 database, 9 connection errors, 43 hardware, 8...
  • Page 62 terms to understand, 2 tool use, 50 topologies, 13 multiple satellites horizontally tiered, 13 satellite and proxies vertically tiered, 14 single satellite, 13 traceback, 2 troubleshooting, 41 updating the RHN Satellite Server, 45...

This manual is also suitable for:

Rhn satellite server 3.6

Table of Contents