RedHat Enterprise Satellite Server 6

(1)

(2)

(3)

RED HAT

ENTERPRISE

DEPLOYMENT

AND SYSTEMS

MANAGEMENT

(4)

RH401

Red Hat Enterprise Linux 6 RH401

Red Hat Enterprise Deployment and Systems Management

Edition 1

No part of this publication may be stored in a retrieval system, transmitted or reproduced in any way, including, but not limited to, photocopy, photograph, magnetic, electronic or other record, without the prior written permission of Red Hat, Inc.

This instructional program, including all material provided herein, is supplied without any guarantees from Red Hat, Inc. Red Hat, Inc. assumes no liability for damages or legal action arising from the use or misuse of contents or details contained herein.

If you believe Red Hat training materials are being used, copied, or otherwise improperly distributed please e-mail [email protected] or phone toll-free (USA) +1 (866) 626-2994 or +1 (919) 754-3700.

Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, Hibernate, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.

Linux® is the registered trademark of Linus Torvalds in the United States and other countries.

Java® is a registered trademark of Oracle and/or its affiliates.

XFS® is a registered trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.

(5)

Document Conventions vii

Notes and Warnings ... vii

Introduction ix

Welcome to class! ... ix

About Red Hat Enterprise Linux ... ix

Additional Red Hat Enterprise Linux Software ... x

Contacting Red Hat Technical Support ... xii

About This Course xv

Red Hat Enterprise Deployment and Systems Management ... xv

Structure of the Course ... xv

Orientation to the Classroom Network ... xvi

Internationalization xvii

Language Support ... xvii

System-wide Default Language ... xvii

Per-user Language Selection ... xvii

Input Methods ... xviii

Language Codes Reference ... xviii

1. Essential System Management 1

Enterprise Management Best Practices ... 2

PXE/Kickstart Installation ... 6

Criterion Test ... 8

2. Installing a Red Hat Network Satellite Server 13

RHN Satellite Server Concepts ... 14

RHN Satellite Server Installation ... 16

Obtaining Software from Hosted RHN ... 21

Importing Initial Software Packages ... 25

3. Red Hat Network Organization 33

RHN Organization Administration ... 34

RHN User Administration ... 36

System Groups ... 40

4. Using Subversion to Manage Changes 45

Revision Control Concepts ... 46

Subversion Administration ... 48

(6)

RH401

iv RH401-6-en-1-20110713

Software Management Using Cloned Channels ... 94

Managing Software Updates ... 97

7. Building RPMs 101

RPM Package Design/Architecture ... 102

Spec File Directives and Sections ... 104

Creating a Spec File ... 107

Software Build Process ... 111

8. Configuration File Management with RHN 119

Configuration Channel Management ... 120

Client Configuration ... 124

Configuration File Management ... 127

Flexible Configuration with Macros ... 130

9. Provisioning with PXE 135

Provisioning Requirements ... 136

Tuning RHN Satellite for Provisioning ... 137

Dynamic Host Configuration Protocol ... 145

Cobbler and Koan ... 150

10. RHN Virtual Machine Management 157

Virtual Host Configuration ... 158

Virtual Machine Provisioning ... 163

11. RHN Satellite Server Administration 171

RHN Satellite Database Management ... 172

Satellite Server Management ... 177

Software Channel Synchronization ... 181

High Availability Options ... 183

Troubleshooting Satellite Server Issues ... 184

12. RHN Application Programming Interface 189

Application Programming Interface Scripting ... 190

RHN Satellite Reporting Tool ... 196

13. Comprehensive Review 201

Preparations/Do You Still Have Questions? ... 202

A. Solutions 209

Essential System Management ... 209

Installing a Red Hat Network Satellite Server ... 212

Red Hat Network Organization ... 220

Using Subversion to Manage Changes ... 223

Red Hat Network Client Configuration ... 230

Red Hat Network Software Management ... 236

Building RPMs ... 245

Configuration File Management with RHN ... 248

Provisioning with PXE ... 252

RHN Virtual Machine Management ... 262

(7)

RHN Application Programming Interface ... 273 Comprehensive Review ... 278

(8)

(9)

Document Conventions

Notes and Warnings

Note

"Notes" are tips, shortcuts or alternative approaches to the task at hand. Ignoring a note should have no negative consequences, but you might miss out on a trick that makes your life easier.

Comparison

"Comparisons" look at similarities and differences between the technology or topic being discussed and similar technologies or topics in other operating systems or environments.

References

"References" describe where to find external documentation relevant to a subject.

Important

"Important" boxes detail things that are easily missed: configuration changes that only apply to the current session, or services that need restarting before an update will apply. Ignoring a box labeled "Important" will not cause data loss, but may cause irritation and frustration.

(10)

(11)

Introduction

Welcome to class!

Thank you for attending this Red Hat training class. Please let us know if you have any special needs while at our training facility.

Please ask the instructor if you have any questions about the facility, such as operating hours of the facility and when you will have access to the classroom, locations of restrooms and break rooms, availability of telephones and network connectivity, and information about the local area. As a courtesy to other students, please place your pager or cell phone's ringer on vibrate or mute, or turn off your devices during class. We ask that you only make calls during break periods. If you have a personal emergency and are unable to attend or complete the class, please let us know. Thank you!

About Red Hat Enterprise Linux

This course is taught using Red Hat Enterprise Linux, an enterprise-targeted Linux distribution focused on mature open source software designed specifically for organizations using Linux in production settings.

Red Hat Enterprise Linux is sold on a subscription basis, where the subscription gives you continues access to all supported versions of the operating system in binary and source form, not just the latest one, including all updates and bug fixes. Extensive support services are included: a support contract and Update Module entitlement to Red Hat Network are included for the subscription period. Various Service Level Agreements are available that may provide up to 24x7 coverage with a guaranteed one hour response time for Severity 1 issues. Support will be available for up to seven years after a particular major release (ten years with the optional "Extended Update Support" Add-On).

Red Hat Enterprise Linux is released on a multi-year cycle between major releases. Minor updates to major releases are released roughly every six months during the lifecycle of the product. Systems certified on one minor update of a major release continue to be certified for future minor updates of the major release. A core set of shared libraries have APIs and ABIs

(12)

Introduction

x RH401-6-en-1-20110713

is running on “bare metal”, in a virtual machine, as a software appliance, or in the cloud using technologies such as Amazon EC2.

Currently, the Red Hat Enterprise Linux product family includes:

• Red Hat Enterprise Linux for Servers: the datacenter platform for mission-critical servers running Red Hat Enterprise Linux. This product includes support for the largest x86-64 and x86-compatible servers and the highest levels of technical support, deployable on bare metal, as a guest on the major hypervisors, or in the cloud. Subscriptions are available with flexible guest entitlements of one, four, or unlimited guests per physical host. Pricing is based on the basis of the number of socket-pairs populated on the system motherboard, the number of guests supported, the level of support desired, and the length of subscription desired. Red Hat Enterprise Linux for IBM POWER and Red Hat Enterprise Linux for IBM System z are similar variants intended for those system architectures.

• Red Hat Enterprise Linux Desktop: built for the administrator and end-user, Red Hat Enterprise Linux Desktop provides an attractive and highly productive environment for knowledge workers on desktops and laptops. Client installations can be finely tailored and locked down for simplicity and security for any workstation task.

The basic Desktop variant is designed for task workers who have a limited amount of

administrative control over the system, who primarily use productivity applications like Firefox Evolution/Thunderbird, OpenOffice.org, and Planner/TaskJuggler. The more sophisticated Workstation variant is designed for advanced Linux users who need a stand-alone development environment, and who are expected to have local super-user privileges or selected super-user privileges.

In addition, other variants exist such as Red Hat Enterprise Linux for HPC Head Node and Red Hat Enterprise Linux for HPC Compute Node (targeted at high-performance computing clusters), and Red Hat Enterprise Linux for SAP Business Applications. For more information please visit http://www.redhat.com/.

Additional Red Hat Enterprise Linux Software

Two additional software update channels are provided with Red Hat Enterprise Linux beyond the core software packages shipped:

• Supplementary: the "Supplementary" channel provides selected closed source packages, built for Red Hat Enterprise Linux as a convenience to the customer. These include things like Adobe Flash or proprietary Java JVMs.

• Optional: the "Optional" channel provides selected open source packages, as a convenience only. They are generally included in another Red Hat Enterprise Linux variant as a fully-supported package, or are a build requirement for the distribution. These packages are only available through a Red Hat Network child channel.

(13)

Additional Red Hat Enterprise Linux Software

Important

Supplementary and Optional packages are provided with limited support, as a customer convenience only.

Red Hat also offers a portfolio of fully-supported Add-Ons for Red Hat Enterprise Linux which extend the features of your Red Hat Enterprise Linux subscription. These add-ons allow you to add capabilities and tailor your computing environment to your particular needs. These Add-Ons include support for high availability application clustering, cluster file systems and very large file systems, enhanced system management with Red Hat Network, extended update support, and more.

Note

Please visit http://www.redhat.com/rhel/add-ons/ for more information about available Add-Ons for Red Hat Enterprise Linux.

For information about other products which are provided by Red Hat, such as Red Hat Enterprise Virtualization, JBoss Enterprise Middleware, Red Hat Enterprise MRG, and various custom consulting and engineering services, http://www.redhat.com/products/ also has useful information.

The Fedora Project also provides additional packages for Red Hat Enterprise Linux through EPEL (Extra Packages for Enterprise Linux). EPEL is a volunteer-based community effort to create a repository of high-quality add-on packages which can be used with Red Hat Enterprise Linux and compatible derivatives. It accepts legally-unencumbered free and open source software which does not conflict with packages in Red Hat Enterprise Linux or Red Hat add-on products. EPEL packages are built for a particular major release of Red Hat Enterprise Linux and will be updated by EPEL for the standard support lifetime of that major release.

Red Hat does not provide commercial support or service level agreements for EPEL packages. While not supported officially by Red Hat, EPEL provides a useful way to reduce support costs for unsupported packages which your enterprise wishes to use with Red Hat Enterprise Linux. EPEL allows you to distribute support work you would need to do by yourself across other

(14)

Introduction

xii RH401-6-en-1-20110713

Important

EPEL is supported by the community-managed Fedora Project and not by Red Hat Support.

Contacting Red Hat Technical Support

One of the benefits of your subscription to Red Hat Enterprise Linux is access to technical support through Red Hat's customer portal at http://access.redhat.com/. If you do not have a Red Hat account on the customer portal or are not able to log in, you can go to https:// access.redhat.com/support/faq/LoginAssistance.html or contact Customer Service for assistance.

You may be able to resolve your problem without formal technical support by searching Knowledgebase (https://access.redhat.com/kb/knowledgebase/). Otherwise, Red Hat Support may be contacted through a web form or by phone depending on your support level. Phone numbers and business hours for different regions vary; see https://access.redhat.com/support/contact/technicalSupport.html for current information. Information about the support process is available at https:// access.redhat.com/support/policy/support_process.html.

Some tips on preparing your bug report to most effectively engage Red Hat Support:

• Define the problem. Make certain that you can articulate the problem and its symptoms before you contact Red Hat. Be as specific as possible, and detail the steps you can use (if any) to reproduce the problem.

• Gather background information. What version of our software are you running? Are you using the latest update? What steps led to the failure? Can the problem be recreated and what steps are required? Have any recent changes been made that could have triggered the issue? Were messages or other diagnostic messages issued? What exactly were they (exact wording may be critical)?

• Gather relevant diagnostic information. Be ready to provide as much relevant information as possible; logs, core dumps, traces, the output of sosreport, etc. Technical Support can assist you in determining what is relevant.

• Determine the Severity Level of your issue. Red Hat uses a four-level scale to indicate the criticality of issues; criteria may be found at https://access.redhat.com/support/ policy/GSS_severity.html.

(15)

Contacting Red Hat Technical Support

Warning

Bugzilla is not a support tool! For support issues affecting Red Hat Enterprise Linux, customers should file their bugs through the support channels discussed above in order to ensure that Red Hat is fully aware of your issue and can respond under the terms of your Service Level Agreement. Customers should not file bugs directly in the http:// bugzilla.redhat.com/ web interface.

For Red Hat Enterprise Linux, Bugzilla is used by engineering to track issues and changes, and to communicate on a technical level with Engineering partners and other external parties. Anyone, even non-customers, can file issues against Bugzilla, and Red Hat does monitor them and review them for inclusion in errata.

However, Red Hat does not guarantee any SLA for bugs filed directly in Bugzilla (bypassing normal support channels). A review might happen immediately, or after a time span of any length. Issues coming through Support are always prioritized above issues of similar impact and severity filed against Bugzilla. Also, work arounds and hotfixes if possible and appropriate may be provided to customers by Support even before a permanent fix is issued through Red Hat Network.

Red Hat considers issues directly entered into Bugzilla important feedback, and it allows us to provide efficient interaction with the open source development community and as much transparency as possible to customers as issues are processed. Nevertheless, for customers encountering production issues in Red Hat Enterprise Linux, Bugzilla is not the right channel.

(16)

(17)

About This Course

Red Hat Enterprise Deployment and Systems

Management

RH401 Red Hat Enterprise Deployment and Systems Management is a four-day lab-based course that explores the concepts and methods necessary for successful large-scale deployment and management of Red Hat Enterprise Linux systems. Course participants will learn how to install and use a Red Hat Network Satellite Server to deploy and manage systems.

Subjects covered in the course include: installing and managing a Red Hat Network Satellite Server; provisioning systems using RHN, DHCP, and PXE; using revision control software to manage script and configuration file development; and building custom RPMS. Attention will be given on how to structure RHN organizations and user accounts, modify programs which use the RHN programming API, and look at routine RHN Satellite Server maintenance functions.

Objectives

• Understand large-scale deployment issues

• Install, configure, and maintain RHN Satellite Server • Build custom RPM software packages

• Use Subversion revision control software to manage changes • Use RHN Satellite for effective software life cycle management • Deploy a PXE infrastructure for bare metal provisioning • Understand and deploy RHN Proxy Server

Audience and Prerequisites

• RH401 is aimed at senior Red Hat Enterprise Linux system administrators and other IT professionals working in enterprise environments.

• RH401 requires RHCE-level system administration skills. A current RHCE certification is recommended, but not required.

(18)

About This Course

xvi RH401-6-en-1-20110713

This course is divided up into a number of Units organized around a particular topic area. Each Unit is divided up into multiple Sections which focus on a specific skill or task. The unit will start with an introduction to the material, then move on to the first section.

In each section, there will be a presentation led by the instructor. During the presentation, it may be a good idea to take notes in your student workbook (this book), and the instructor may remind you to do so. The presentation is followed by a short activity or assessment to give you the opportunity to practice with the material or review procedures. After a review of the assessment, the instructor will move on to the next section. At the end of the unit, there will normally be a hands-on lab exercise of some sort (a "criterion test") which will give you an opportunity to learn by doing and review your understanding of the unit's content. Please feel free ask questions in class, or asking the instructor for advice and help during the end-of-unit exercise. We want the classroom environment to be a "low risk" place where you feel comfortable asking questions and learning from things that work and things that do not at first.

Orientation to the Classroom Network

Two subnets may be used in this course. The primary classroom network is 192.168.0.0/24, and belongs to hosts in the DNS domain "example.com". This network will be used for most classroom activities. Some courses use a second subnet, 192.168.1.0/24, belonging to hosts in the DNS domain "remote.test". This network can be reached from hosts in example.com, and is used in lab exercises which require testing services or security settings from machines (theoretically) outside your administrative control.

Students are each assigned two physical machines (desktopX.example.com on 192.168.0.X) and (desktopY.example.com on 192.168.0.Y). The first machine will server as the RHN Satellite Server which will be used to manage the second machine which is the client. When bare-metal provisioning becomes the focus of the course, the client machine will be cabled to a private network behind the RHN Satellite Server and will assume the identity (station1.privateX.com on 10.100.X.1).

The instructor controls a number of machines which students may see as well. The

instructor.example.com machine is the classroom utility server, providing default routing services, DHCP, DNS name service, one or more Yum repositories of software used by the class, and other network services. It is also connected to the classroom video projector to allow the instructor to display slides and demonstrations.

Machine name IP addresses Role

desktopX.example.com 192.168.0.X Physical student workstation -RHN Satellite Server

desktopY.example.com 192.168.0.Y Physical student workstation -RHN client

station1.privateX.com 10.100.X.1 RHN client on a private

network

instructor.example.com 192.168.0.254 Physical instructor machine and utility server

(19)

Internationalization

Language Support

Red Hat Enterprise Linux 6 officially supports twenty-two languages: English, Assamese, Bengali, Chinese (Simplified), Chinese (Traditional), French, German, Gujarati, Hindi, Italian, Japanese, Kannada, Korean, Malayalam, Marathi, Oriya, Portuguese (Brazilian), Punjabi, Russian, Spanish, Tamil, and Telugu. Support for Maithili, Nepalese, and Sinhala are provided as Technology Previews.

System-wide Default Language

The operating system's default language is normally set to US English (en_US.UTF-8), but this can be changed during or after installation.

To use other languages, you may need to install additional package groups to provide the appropriate fonts, translations, dictionaries, and so forth. By convention, these package groups are always named language-support. These package groups can be selected during installation, or after installation with PackageKit (System → Administration → Add/Remove Software) or yum.

A system's default language can be changed with system-config-language (System → Administration → Language), which affects the /etc/sysconfig/i18n file.

Per-user Language Selection

Users may prefer to use a different language for their own desktop environment or interactive shells than is set as the system default. This is indicated to the system through the LANG environment variable.

This may be set automatically for the GNOME desktop environment by selecting a language from the graphical login screen by clicking on the Language item at the bottom left corner of the graphical login screen immediately prior to login. The user will be prompted about whether the

(20)

Internationalization

xviii RH401-6-en-1-20110713

Languages with non-ASCII characters may have problems displaying in some environments. Kanji characters, for example, may not display as expected on a virtual console. Individual commands can be made to use another language by setting LANG on the command-line:

[user@host ~]$ LANG=fr_FR.UTF-8 date lun. oct. 24 10:37:53 CDT 2011

Subsequent commands will revert to using the system's default language for output. The locale command can be used to check the current value of LANG and other related environment

variables.

Input Methods

IBus (Intelligent Input Bus) can be used to input text in various languages under X if the

appropriate language support packages are installed. You can enable IBus with the im-chooser command (System → Preferences → Input Method).

Language Codes Reference

Language $LANG value Language package group

English (US) en_US.UTF-8 (default)

Assamese as_IN.UTF-8 assamese-support

Bengali bn_IN.UTF-8 bengali-support

Chinese (Simplified) zh_CN.UTF-8 chinese-support

Chinese (Traditional) zh_TW.UTF-8 chinese-support

French fr_FR.UTF-8 french-support

German de_DE.UTF-8 german-support

Gujarati gu_IN.UTF-8 gujarati-support

Hindi hi_IN.UTF-8 hindi-support

Italian it_IT.UTF-8 italian-support

Japanese ja_JP.UTF-8 japanese-support

Kannada kn_IN.UTF-8 kannada-support

Korean ko_KR.UTF-8 korean-support

Malayalam ml_IN.UTF-8 malayalam-support

Marathi mr_IN.UTF-8 marathi-support

Oriya or_IN.UTF-8 oriya-support

Portuguese (Brazilian) pt_BR.UTF-8 brazilian-support

Punjabi pa_IN.UTF-8 punjabi-support

(21)

Language Codes Reference

Language $LANG value Language package group

Spanish es_ES.UTF-8 spanish-support

Tamil ta_IN.UTF-8 tamil-support

Telugu te_IN.UTF-8 telugu-support

Technology Previews

Maithili mai_IN.UTF-8 maithili-support

Nepali ne_NP.UTF-8 nepali-support

Sinhala si_LK.UTF-8 sinhala-support

(22)

(23)

Chapter 1.

UNIT ONE

ESSENTIAL SYSTEM

MANAGEMENT

Introduction

Topics covered in this unit:

• Define enterprise management best practices • Standardization

• Centralization • Scalability • Provisioning • Automation

(24)

Chapter 1. Essential System Management

2 RH401-6-en-1-20110713

Enterprise Management Best Practices

Fill in the enterprise best practices below and take notes as your instructor explains them: 1. 2. 3. 4. 5.

Standardization

Standardization is a very important piece of the puzzle of successful system administration. Generally standardization is a prerequisite of automation, and automation is the ultimate goal. By performing tasks with the same, well thought out method each and every time you will reduce the possibility of human error and increase the amount you know about every installed system. Procedures: A software installation procedure might be a follows:

1. Install new software on test machines to determine appropriate configuration 2. Create RPM packages for third party software that does not natively support RPM 3. Deploy RPM packages on test machines

4. Deploy tested RPM packages to production machines 5. Verify proper operation of affected systems

6. Rollback to a previous configuration if necessary

Baselines: In System Administration a system baseline describes the state of the machine when it is considered installed and ready for use. Whatever must be done to take the system from bare metal to this state must be documented and preferably automated.

The baseline must include: • OS package install list • Filesystem layout

(25)

Centralization

• Third party software • Configuration files • Anything else!

Centralization

By centralizing policies, procedures, and baselines into one easily managed system you make all aspects of system administration more efficient. Having multiple places to search to find answers about your systems is tedious and should be avoided.

Scalability

Scalability is growth in capacity with minimal system administrator impact. Goal: increased production with minimal cost growth.

In defining every project and procedure, scalability must always be an important consideration. A little extra work up front will pay off in multitudes of saved time and avoided errors.

A Simple Example: OS Installation

Manual installation of individual machines requires much time to perform and lends itself to deviation from a corporate standard. In contrast installing new machines using kickstart yields machines that conform to a standard build specification, require little human interaction to perform the install process, and allows for many installs to occur simultaneously.

Provisioning

Provisioning is the process taken to turn a system from bare-metal to installed and configured to meet the defined baseline. This should be as close to a fully automated process as possible. Components of a provisioning environment:

DHCP Server: Dispenses configuration information, for example IP addresses, PXE images, and other information including the addresses of network file servers.

Network Installation Server: Stores and shares to the network all the files that make up the OS installation and possibly in-house or 3rd party software as well.

RHN Satellite Server: Centrally managed server that deploys, maintains, and monitors Red Hat Enterprise Linux systems.

(26)

4 RH401-6-en-1-20110713

Tools: Bash, Perl, and Ruby are all scripting languages that may be used in the %post section of a kickstart file.

sed is the streaming editor that is useful for making changes to existing files as well as editing the output from other programs.

In the %post section of a kickstart file, all scripts run in a chroot'ed environment by default, allowing you to easily use any interpreter installed on the new system. With the wide variety of tools included in Red Hat Enterprise Linux, there is virtually no limit to what may be automatically performed for system installation or management.

The "One-off" Trap

One-off systems require special care and extra work to maintain. Generally the longer they are kept running the worse of a headache they become.

Unique Installations: Every uniquely installed system requires extra work to maintain. Avoid unique installations.

Package Management: Ideally, package management should be pervasive. Every piece of software install outside of package management will require more work and at the same time be less visible as a potential problem.

Configuration Files: The use of a version control system to maintain configuration files, combined with a centralized system to manage them allows for quick and efficient deployment as well as rollbacks, when needed.

Documentation: Everything should be documented. This includes software versions, baseline definitions, configuration files, and procedures.

(27)

Centralization

Practice Resequencing Exercise

Enterprise Management Best Practices

For each of the keywords below, write down the number of its definition from the list at the bottom. Standardization Centralization Scalability Provisioning Automation

1. Growth in capacity with minimal system administrator impact.

2. Performing tasks with the same, well thought out method each and every time.

3. The process taken to turn a system from bare-metal to installed and configured to meet the defined baseline. This should be as close to a fully automated process as possible.

4. Generally requires more upfront work. Investing time writing kickstart files allows one to install more systems simultaneously and more quickly than could be achieved by hand. 5. Gather policies, procedures, and baselines into one easily managed system.

(28)

6 RH401-6-en-1-20110713

PXE/Kickstart Installation

PXE Peer Tutoring

Your instructor will split the class into teams. Gather around one of your machines and determine how to initiate a PXE installation. Write the steps needed to PXE boot below.

(29)

Centralization

Practice Exercise

PXE Boot

Carefully perform the following steps. Ask your instructor if you have problems or questions. The purpose of this exercise is to become familiar with the PXE capabilities of the classroom hardware. You will also look at the menu and capabilities that are provided by the classroom provisioning environment. You will not be installing your workstations - that is for a later exercise.

1. PXE boot one of your two machines, either of your machines will work.

2. In the PXE menu, edit the “Install minimal RHEL 5 for RHN Satellite use” option. What are the two options included for Kickstart?

(30)

Chapter 1. Essential System Management 8 RH401-6-en-1-20110713 Test

Criterion Test

Exercise

Provisioning Preview

Before you begin...

You have two servers: desktopX and desktopY. Both servers are currently connected to the classroom network (192.168.0.0/24) which includes the instructor's machine, instructor.example.com. desktopX should be equipped with two Ethernet interfaces. Carefully perform the following steps. Ask your instructor if you have problems or questions. Let's preview the capabilities and conveniences of a bare-metal provisioning environment. The instructor's machine, instructor.example.com, has been configured to provide bare-metal provisioning services. Your task is to configure both of your servers to PXE-boot and kickstart themselves.

1. Reboot desktopX and go into the system BIOS configuration screens and make adjustments so desktopX will attempt to PXE boot from the network. Ask your instructor for help since this process can vary between various classroom environments.

2. Reboot desktopX, but this time allow it to PXE boot from the network. If everything is properly configured, you should be presented with a PXE boot menu similar to the following:

Choose the “Install minimal RHEL 5 for RHN Satellite use” option without any arguments to begin the installation. While the installation begins, repeat these steps on your second

(31)

Centralization

server, desktopY. Be sure to choose the “Install minimal RHEL 5 for RHN Satellite use” option without any arguments to begin the installation.

(32)

10 RH401-6-en-1-20110713

(33)

Centralization

Unit Summary

Enterprise Management Best Practices In this section you learned the value of: • Standardization • Centralization • Scalability • Provisioning • Automation . PXE/Kickstart Installation

In this section you learned how to: • Initiate a PXE installation

• Determine kickstart arguments in an installation .

(34)

(35)

Chapter 2.

UNIT TWO

INSTALLING A RED HAT

NETWORK SATELLITE SERVER

Introduction

• Advantages of the RHN Satellite Server • Installing Red Hat Network Satellite software • Downloading channel content ISOs

• Importing channel content into a RHN Satellite server • Troubleshooting a Satellite Server installation

(36)

Chapter 2. Installing a Red Hat Network Satellite Server

14 RH401-6-en-1-20110713

RHN Satellite Server Concepts

Features of RHN Satellite Server

The original Red Hat Network solution provided users with the ability to get immediate and easy access to the latest updated software, thus solving the critically important problem of errata concurrency. With the success of this product came the problem of data access speeds, particularly in enterprises containing a large number of systems: many systems were synchronizing with the Red Hat Network servers from a single location, often downloading the same data.

The RHN Satellite Server was created to solve this problem. The RHN Satellite Server provides an on-site server that feeds updates within an enterprise with minimal (or potentially no) access to the Red Hat Network servers over the Internet. This permits updates to happen over LAN speeds, instead of WAN speeds. Furthermore, tiered with a number of RHN Proxy or additional Satellite servers, a large enterprise can distribute updates efficiently across a geographically dispersed intranet.

Some high security data centers are disconnected from the Internet and cannot access the services of RHN provided by Red Hat's servers. A Satellite server allows these types of centers to have RHN software deployment features that their disconnected requirements wouldn't allow for otherwise.

Another key feature of RHN Satellite is the ability to create custom software channels. This gives you the ability to add your own software into the RHN Satellite system and the ability to do bare-metal provisioning, installing across a large number of systems with relative ease.

Advantages of RHN Satellite Server

Five major advantages of using RHN Satellite server include: 1.

2.

3.

4.

(37)

RHN Satellite Server Components

RHN Satellite Server improves security by ensuring that software updates are rolled out in a timely manner. The disconnection from the Internet assures that all transactions are performed within the intranet. Coupled with RHN Proxy servers or with multiple RHN Satellite servers, highly geographically dispersed environments can get rapid access to updates.

RHN Satellite server allows local administrators (not Red Hat) control over which systems can access the server with what permissions.

The ability to load third-party or custom software packages into the RHN Satellite server and to create custom channels permits a high level of customization.

RHN Satellite Server Components

The RHN Satellite Server is a large and complex subsystem, consisting of: • Red Hat Network Satellite Server: the underlying software.

• An Oracle Database: the RHN Satellite Server requires a database to store information about the systems it manages. This database can be an existing Oracle database or it can be embedded in the Satellite Server software.

• Web Interface: much of the management of the RHN Satellite Server happens through the web interface. This looks very similar to Red Hat's RHN web interface.

• RPM Repository: the part of the system taking the most disk space, this repository holds the software to be distributed by the RHN Satellite Server.

• Management Tools: a number of command line and web based management tools permitting the setup and maintenance of the server. RHN Satellite also has an API for access to Satellite information and functions.

References

Red Hat Network Satellite Installation Guide • Section 1.1: Red Hat Network

(38)

16 RH401-6-en-1-20110713

RHN Satellite Server Installation

Standalone vs. Embedded Database

The RHN Satellite Server requires a database. If you already have an Oracle database with sufficient disk space and power, you can use it to hold the RHN Satellite Server database provided that you have a database administrator who can manage the setup of the service. It is important you do not run the RHN Satellite Server on the same system that runs the Oracle database.

If you do not have an Oracle database, or if it does not have sufficient disk, RAM, or CPU resources, you can install the RHN Satellite Server with an embedded database. This database requires additional disk space. It has the advantage of having a single system acting as both Satellite Server and database server. Further, the database is already fully configured, requiring less effort on the part of the database administrator.

Hardware Requirements

RHN Satellite Servers have relatively high hardware requirements since they can run an instance of the Oracle database (for the embedded version) as well as deliver a large amount of data to remote systems. Because the Oracle database runs multiple processes, multiple processors can significantly improve performance.

The RHN Satellite Server uses a considerable amount of disk space and it is time consuming to repopulate a database should a disk fail. It is strongly recommended to use redundant storage to hold the underlying data.

The hardware specifications outlined in the Red Hat Network Satellite Installation Guide are standard minimal and recommended specifications for Red Hat Network Satellite. The following table shows typical specifications and capacity of RHN Satellite server deployments:

Hardware specifications RHN client system capacity

32-bit x86 with 2GB of RAM ~500 RHN client systems 32-bit x86 with 4GB of RAM ~2,000 RHN client systems 64-bit x86 with 8-16GB of RAM ~15,000 RHN client systems Table 2.1. RHN Satellite Server Capacity

File System Requirements

The embedded database is installed in /rhnsat and RPM channel content is stored in /var/ satellite. Do not skimp on the hard disk requirements! Red Hat Network Satellite Server will not run on systems with insufficient disk space. For example, /var/satellite may need approximately 120 GB of disk capacity to maintain content for Red Hat Enterprise Linux versions 4 through 6 for two architectures.

Furthermore, when populating the database using channel content ISOs you will need

substantially large amounts of temporary disk space. For example the base channel content ISOs for Red Hat Enterprise Linux 5 Client/Server i386 (11 CD ISOs) originally took almost 7 GB of storage. As of April, 2011 they have grown to almost 47 GB of storage (11 DVD ISOs) to include all revisions including RHEL 5.6. To use these ISOs, you will need to mount each one and copy it over to a temporary location which will take an additional 47 GB of disk space. Therefore, for this

(39)

Installing Satellite Server: The Base Install

one channel, almost 100 GB of temporary space will be needed to expand the channel content to be synchronized into a RHN Satellite server.

Older versions of RHEL require more space because of their longer history of package updates. Red Hat Enterprise Linux 5 Server (ia64) + EUS + AMC + RHN Tools + Supplementary (Base 2011-04-13) is published, at the time of this writing, on 7 DVD ISOs.

Installing Satellite Server: The Base Install

The base install of the RHN Satellite Server is substantially similar to other Red Hat operating system installations. However, note the following:

SELinux: The RHN Satellite Server installer requires SELinux to be enabled. Enable SELinux in Permissive Mode when installing the base operating system.

Disk space: Refer to the previous information on disk space allocations. Follow or exceed the guidelines, as the RHN Satellite Server will not install properly without a sufficient amount of disk space.

Time: The SSL parts of the server installation require proper synchronization of time with the computers that must communicate with one another. Use UTC for the hardware time and if possible run the Network Time Protocol daemon on all RHN Satellite Servers, RHN Proxy Servers and on their client systems.

Software Packages: Only install the @Base package group to avoid RPM dependency conflicts. The @GNOME package group may also be selected if you want to administer the Satellite Server locally, but it is not required. Provide additional RPMS to satisfy package dependencies: either register the Satellite system with Red Hat Network or point to a yum repository with RHEL RPMs.

Installing the Satellite Software

Installing the RHN Satellite Server software is a time consuming process, made faster by powerful dual processors and a large amount of RAM. To begin the installation, download the latest RHN Satellite software ISO from Red Hat Network. Note that two versions of the software are provided: the standalone version and the embedded version. Only one is needed.

The RHN Satellite Server ISO contains an installation script called install.pl. Execute this script to begin the installation process. install.pl will update some system libraries and install additional packages required by the Satellite Server software. After installing all relevant software RPMs, this application prompts the user for the following information:

(40)

18 RH401-6-en-1-20110713

SSL certificate information: All communication between your Satellite Server and its clients will be done through encrypted tunnels. This requires an SSL certificate. You will have to provide information about your organization, its location, and a certificate password which you should record and put in a safe place.

This is a long process, typically taking near an hour to complete, including the time needed to answer the installer's questions and for the computer to process the data. Installer log messages can be found in a file called /var/log/rhn/rhn-installation.log.

install.pl Options

Options can be passed to install.pl to modify how it behaves when installing the Satellite Server software.

The --disconnected option indicates the Satellite Server will operate disconnected from the Internet. In this case install.pl will not prompt for RHN credentials used to connect to Red Hat's servers.

An answer file can be specified at install time with the --answer-file option. The user provides install.pl with the absolute path name to a text file with answers to the installer's questions which the user created beforehand. This allows the installation process to be

performed in an unattended manner which prevents mistakes from being committed during the installation process. A sample answers.txt file can be found on the Satellite Server install media in the install subdirectory.

Note

The --answer-file option requires an absolute path name. When a relative path name is specified, the RHN Satellite installer will silently ignore this option and start prompting the user with questions.

The --re-register option causes install.pl to re-register the Satellite Server with Red Hat Network, even if it is already registered.

--clear-db tells install.pl to clear any existing database schema before installing on a previously installed server. This is useful when Satellite Server software needs to be reinstalled. A best practice is to install a RHN Satellite Server in disconnected mode and initially populate it from local media. The eliminates any dependence upon Internet connectivity and grants best installation performance. Later the Satellite Server can be registered and reactivated with Red Hat Network, then channel content can be brought up to date against Red Hat's servers.

References

Red Hat Network Satellite Installation Guide • Chapter 2: Requirements

(41)

Installing Satellite Server: The Base Install

Practice Performance Checklist

Installing Red Hat Network Satellite Software

You should have a Red Hat Enterprise Linux 5 Server with a minimal installation on desktopX. Install RHN Satellite software on your provisioning server, desktopX.

Copy the sample RHN Entitlement Certificate, redhat-gls-minimal-5.4.cert, from the instructor's machine to root's home directory (~). This file can be found in the automounted /misc/instructor/rh401-satellite directory.

Copy the satellite-embedded-*.iso image found on the instructor's machine to / tmp then mount it using a loopback device to /mnt. Don't execute /mnt/install.pl. We will use this script shortly. Instead list the contents of /mnt/install and look for a file called answers.txt. This file can be modified and used with install.pl to perform an unattended installation of the RHN Satellite Server software. Copy answers.txt to root's home directory.

Use your favorite text editor to modify root's answers.txt file. Find the following variable definitions and make all necessary adjustments:

# RHN Satellite Server administrator admin-email = [email protected]

# Satellite Server CA certificate info ssl-set-org = Red Hat Inc. ssl-set-org-unit = Training ssl-set-city = your city ssl-set-state = your state

ssl-set-country = your two-letter country code ssl-set-email = [email protected] ssl-password = a password you can remember

# Location of RHN Satellite Entitlement certificate satellite-cert-file = /root/redhat-gls-minimal-5.4.cert

run-updater = yes

ssl-config-sslvhost = yes enable-tftp = yes

Although comments in the file suggest ssl-set-mail defaults to the value of admin-email, that is not the case and the installer will stop and prompt you for the SSL

(42)

e-Chapter 2. Installing a Red Hat Network Satellite Server

20 RH401-6-en-1-20110713

Once the SSL certificate has been generated and imported into the Satellite Server, install.pl will restart the Satellite Server then exit. A URI will be displayed which you can use with a browser to complete the installation process.

Launch a web browser and visit the URI displayed by install.pl: https:// desktopX.example.com. Examine the certificate offered to your browser and see if you recognize some of the values about the certificate subject and the issuer. Once you are satisfied with the contents of the certificate, accept it into your browser permanently. Create a RHN user called satadmin with a password of redhat. The e-mail address for this account should be [email protected]. Provide your name for the additional account information. You are now logged in as the Satellite Administrator, satadmin, of a functioning Red Hat Network Satellite Server.

Unmount the ISO image from /mnt since the installation of the RHN Satellite Server software is complete.

Use yum to install updated packages for the Red Hat Network Satellite Server software. The classroom kickstart process configures yum to point to repositories provided by the instructor's server. After the packages have been updated, restart your Satellite Server.

(43)

Obtaining Software from Hosted RHN

Populating the Satellite Server over the Network

Populating the database over the network takes less administrator time but more clock time overall. Use the satellite-sync command to perform a network synchronization, specifying the channel you wish to download:

[root@host ~]# satellite-sync -c rhel-i386-client-vt-5

This single command will perform the task, but it may take several hours for base channels with thousands of packages.

Channel Content ISOs

Channel Content ISOs contain the information, including RPMs and metadata, needed to populate a Satellite Server. They are not a package-for-package match to a channel, instead they are a superset. A particular Channel Content ISO may contain channel data for that base channel, for its child channels, and even for related, but different, base channels. For example, a listing of the channels included on the channel content ISOs distributed for “RHEL 5 Client/ Server (i386) + vt + cluster + supplementary + workstation” might read as follows (from satellite-sync --list-channels):

Retrieving / parsing channel data

p = previously imported/synced channel . = channel not yet imported/synced base-channels: p rhel-i386-client-5 1807 p rhel-i386-server-5 2411 rhel-i386-client-5: . rhn-tools-rhel-i386-client-5 348 . rhel-i386-client-workstation-5 891 . rhel-i386-client-supplementary-5 27 . rhel-i386-client-vt-5 34 rhel-i386-server-5: . rhn-tools-rhel-i386-server-5 348 . rhel-i386-server-hts-5 4 p rhel-i386-server-vt-5 34 . rhel-i386-server-supplementary-5 46 . rhel-i386-server-cluster-5 39 . rhel-i386-server-cluster-storage-5 51

(44)

22 RH401-6-en-1-20110713

Note

Importing channel content into a RHN Satellite server can take a long time to complete. This is especially true when a Satellite server is freshly installed. Installing a small base channel and restarting the Satellite server causes the embedded database to initialize itself so that further channel installs are much quicker. In the lab exercise, a simple base channel called one-rpm-channel will be used for this purpose.

Using Channel ISOs to Populate the Satellite Server

To populate the database using the Channel Content ISOs:

1. Confirm you have sufficient disk space. You will need disk space for the ISOs and the data to be extracted from the ISOs, in addition to the disk space needed to store the data in the database.

2. Download the Channel Content ISOs from Red Hat Network.

• Log onto Red Hat Network and click the Software Downloads icon.

• Expand the base channel called Red Hat Enterprise Linux (v. 5 for 64-bit x86_64), or the version of Red Hat Enterprise Linux you are using, by clicking the plus symbol to the left of the channel name. Then click the link for the latest Red Hat Network Satellite channel. For example, you might select Red Hat Network Satellite (v5.4 for Server v5 AMD64 / Intel64).

• Click View Base Channel Content ISOs for Satellite to list the Channel Content ISOs. Scroll down to find the Channel Content ISOs for the channel you wish to download. For example, scroll down to Red Hat Enterprise Linux 5 Client/Server (i386) + rhn-tools + vt + cluster + supplementary + workstation (Base 2009-09-30) to download the content ISOs for that channel.

3. For each channel, mount each ISO in turn and copy the data to a temporary directory. If you intend to use the expanded channel content on more than one Satellite Server (or back it up), be sure to mount it read only since satellite-sync will attempt to remove the content as it imports the RPMS.

4. List the channels available from the Channel Content ISOs. For example, if you have copied the ISO data into a directory called /rhn-sat-import, then list the available channels by running:

[root@host ~]# satellite-sync -m /rhn-sat-import --list-channels

5. Run the satellite-sync command to upload the information from this directory into the Satellite Server. For example, to load the rhel-i386-server-5 channel into the database that has been copied into /rhn-sat-import, run:

(45)

Using Channel ISOs to Populate the Satellite Server

Installing a base channel does not include the child channels or the related channels. They must be installed separately.

References

Red Hat Network Satellite Installation Guide • Chapter 7: Troubleshooting

(46)

24 RH401-6-en-1-20110713

Preparing Channel Content for Import

The RHN Satellite software installation on your desktopX machine should be completed.

Channel content ISOs are available from the instructor's machine, instructor.example.com. Extract their contents into a common directory on your Satellite server, desktopX, so the channel content can be imported in a later lab exercise.

The first step to take is make sure you have enough disk space to extract the content ISOs. They will require over 8 GB of space. Notify your instructor if you don't have enough room on your machine to extract them.

The content ISOs are published to the classroom in the /misc/instructor/rh401-satellite/sat-rhel6-content/ directory. Mount the content ISOs using a loop interface to /mnt and copy the contents of both ISOs to a directory called /root/sat-rhel6-content/.

(47)

Importing Initial Software Packages

RHN Software Channels

The Red Hat Network system deploys packages based on the concept of software channels. A software channel is essentially a collection of packages. The two types of software channels are base channels and child channels. A base channel is the collection of packages that all systems using a particular type of software typically will install (it is not always necessary to install all packages, but a full install would include all of these packages). Child channels provide additional software related to the base channel.

For example, if you browse Red Hat Network's Channels tab, you will see the latest version of the Red Hat Enterprise Linux base channel along with its associated child channels. It will look something like this:

Channel Name Architecture

Red Hat Enterprise Linux Server 5 IA-32, IA-64, PPC, s390x, x86_64 Red Hat FasTrack Server 5 IA-32, IA-64, PPC, s390x, x86_64 Red Hat Network Tools Server 5 IA-32, IA-64, x86_64

Red Hat Productivity Apps Server 5 IA-32, x86_64

Red Hat Supplementary Server 5 IA-32, IA-64, PPC, s390x, x86_64 Red Hat Virtualization Server 5 IA-32, IA-64, x86_64

The channels are listed in alphabetical order by name, followed by the architectures relevant to that channel.

The channel listing on a Satellite Server looks a little different. The software channels are displayed in a way that shows their relationship to each other. The base channel is displayed first with its child channels appearing immediately below their parent:

Channel Name Packages Systems -Red Hat Enterprise Linux (v. 5 for 32-bit x86) 3239 10 |--RHEL Virtualization (v. 5 for 32-bit x86) 67 3 ...

RHN Entitlement Certificate

Entitlement Certificates unlock the services of Satellite Servers. They define how many systems can register with the Satellite Server and what types of system entitlements they have, such as Update, Management, Provisioning, or Monitoring. They also define the number and type of

(48)

26 RH401-6-en-1-20110713

<rhn-cert-field name="issued">2011-02-11 00:00:00</rhn-cert-field> <rhn-cert-field name="expires">2013-02-11 00:00:00</rhn-cert-field> <rhn-cert-field name="slots">6</rhn-cert-field>

<rhn-cert-field name="monitoring-slots">3</rhn-cert-field> <rhn-cert-field name="provisioning-slots">3</rhn-cert-field>

<rhn-cert-field name="channel-families" quantity="4" family="rhel-server"/> <rhn-cert-field name="channel-families" quantity="2" family="rhel-client"/> <rhn-cert-field name="channel-families" quantity="6" family="rhn-tools"/> <rhn-cert-field name="channel-families" quantity="1" family="rhn-proxy"/> <rhn-cert-field name="satellite-version">5.0</rhn-cert-field>

<rhn-cert-field name="virtualization_host_platform">4</rhn-cert-field> <rhn-cert-signature>

...

Populating the Satellite Server: Options

Once you have set up the RHN Satellite Server, you must populate the server with information for the various channels you wish to distribute. Red Hat provides two methods to accomplish this: network and Channel Content ISOs. Neither method is fast, but the network method is considerably slower, often taking eight hours per channel to download.

Using the network method, your server will download the RPMS and metadata over the Internet. While relatively simple to implement, this is a fundamentally inefficient method which consumes a lot of network bandwidth.

Troubleshooting

Troubleshooting tips:

Disk space! This is the number one culprit when having difficulties with the RHN Satellite Server. At install time, the system may complain of insufficient disk space, but if the Oracle embedded database has an insufficient amount of disk space, often the only symptom is that it refuses to start.

Log files: The RHN Satellite Server consists of multiple subsystems: the server itself; the Oracle database; the web interface; and many other less obvious but still important elements. Therefore, the entire system uses several log files and log directories, including:

• /var/log/rhn/ for the RHN Satellite Server software itself;

• /var/log/rhn_database.log for the embedded Oracle database; • /var/log/up2date for the Red Hat Update agent.

Even standard log files contain logging information important to this product, including: • /var/log/messages for taskomatic

• /var/log/httpd/ for the web server

Subsystems: Confirm all subsystems are running. On RHN Satellite 5.4, use the following command to check their status:

[root@host ~]# /usr/sbin/rhn-satellite status

(49)

Troubleshooting

[root@host ~]# service rhn-satellite status

Time: Use the date -u command on all RHN Satellite and Proxy Servers to confirm their time is closely coordinated.

SSL certificate: Confirm the /etc/sysconfig/rhn/{rhn_register,up2date} files on the clients are using the newly created RHN-ORG-TRUSTED-SSL-CERT certificate and not the original RHNS-CA-CERT certificate.

References

Red Hat Network Satellite Installation Guide

• Section 6.2: Importing with RHN Satellite Synchronization Tool • Section 6.3: Synchronizing

Red Hat Network Satellite Installation Guide • Chapter 7: Troubleshooting

(50)

28 RH401-6-en-1-20110713

Populating RHN Satellite with RHEL6 Software

The RHN Satellite software installation on your desktopX machine should be completed and RHN channel content from both ISOs should be expanded into the /root/sat-rhel6-content/ directory on that server.

Import the RHN base channel content for the Red Hat Enterprise Linux 6 Server software for 64-bit x86 machines into your RHN Satellite server.

The first software channel to be imported into a RHN Satellite 5.4 server takes much more time to import that subsequent channels. To conserve time, import the one-rpm-channel base software channel published in the /misc/instructor/rh401-satellite/one-rpm-channel.tar tar archive. Change into root's home directory on desktopX, extract the archive, import the one-rpm-channel software channel, then reboot your Satellite server before importing the Red Hat software channels.

Log back into desktopX as root. The sat-rhel6-content directory below root's home directory contains the software channel content needed to deploy Red Hat Enterprise Linux 6 Server.

Before you populate the database with RPMs and other information for a particular channel you must first find out which channels are available. Which software channels are provided by the content in the sat-rhel6-content directory?

Now that you have determined which channels are available, import the rhel-x86_64-server-6 channel data from the sat-rhel6-content directory into your Satellite Server's database. This process takes a very long time to complete.

Use a web browser to browse https://desktopX.example.com, where X is the machine number of your Satellite Server. You probably want to bookmark this page since you will refer to it often in upcoming lab exercises.

Log in as the Satellite Administrator, satadmin. Navigate around the web site, particularly looking at the Errata, Channels, Users, and Admin tabs.

Your RHN Satellite Server is now installed and will be ready to be used by clients when the channel content sync is complete. In a later lab you will configure clients to use this server.

(51)

Criterion Test

Test

Criterion Test

Case Study

Deploying a RHN Satellite Server

You should have a Red Hat Enterprise Linux 5 Server with a minimal installation on desktopY. Your department deploys and manages several servers running Red Hat Enterprise Linux. Your facility is an extremely secure site so you don't have access to hosted Red Hat Network services via the Internet. Your manager has invested in a Red Hat Network Satellite software to manage your systems.

Your task is to install the RHN Satellite software on your desktopY machine and load it with the software channels needed to deploy Red Hat Enterprise Linux 6 Server systems. All of the material you need to install the system can be found in the /misc/instructor/rh401-satellite directory. Use the redhat-gls-minimal-5.4.cert RHN Entitlement Certificate to activate the server.

When you install the Satellite server, make sure the SSL CA certificate information is specified as follows:

• Organization = Red Hat Inc. • Organization Unit = Training • City = your city

• State = your state

• Country = your two-letter country code

Also specify [email protected] for all e-mail addresses requested during installation.

The Satellite Administrator should log in as satadmin with a password of redhat.

How would you address the case study described above? Take notes on your process in the space below and then implement it.

(52)

30 RH401-6-en-1-20110713

(53)

Criterion Test

Unit Summary

RHN Satellite Server Concepts

In this section you learned about the features, benefits, and components of Red Hat Network Satellite software.

.

RHN Satellite Server Installation In this section you learned how to:

• Install Red Hat Network Satellite Server software .

Obtaining Software from Hosted RHN In this section you learned how to:

• Get RHN software channel content from Red Hat • Prepare channel content ISOs for use with RHN Satellite .

Importing Initial Software Packages In this section you learned how to:

• Import Red Hat software content into a Satellite server .

(54)

(55)

Chapter 3.

UNIT THREE

RED HAT NETWORK

ORGANIZATION

Introduction

• Red Hat Network organization management • User account management

• Purpose and privileges of RHN user roles • Red Hat Network system groups

(56)

Chapter 3. Red Hat Network Organization

34 RH401-6-en-1-20110713

RHN Organization Administration

Time invested in the initial planning and design of Red Hat Network organizations and system groups saves time spent on RHN Satellite Server administration later. Organizing Red Hat Network to fit with the way your company does business will allow your system administrators to maximize the benefits of using RHN.

Trust relationships between organizations allow them to share custom software channels with each other. Trust is always bi-directional between two organizations. This feature was introduced with the release of Red Hat Network Satellite 5.3.

Trust relationships also facilitate the migration of systems between organizations that trust each other. Note this is not a trivial process that can be handled using the web interface.

Command-line tools must be used to migrate a system profile from one organization to the other. Remember that organizations were originally created to provide a layer of isolation between users and systems using Red Hat Network.

A freshly installed Satellite Server starts with a single organization which has a single user -the Satellite Administrator. A best practice is to always use organizations on a new Satellite Server deployment. Even if only one managed organization is created and used, it allows for the creation of other organizations if and when the need arises.

References

Red Hat Network Satellite Deployment Guide • Chapter 3: Multiple Organizations

Red Hat Network Satellite Reference Guide • Chapter 9: Multiple Organizations

(57)

Practice Exercise

Organization Creation and Entitlement

Students should have a functioning Red Hat Network Satellite Server, desktopX, installed with Red Hat Enterprise Linux Server base channel content loaded.

Carefully perform the following steps. Ask your instructor if you have problems or questions. Log in as the Satellite Administrator of your desktopX Satellite server. Create an organization called “Example Inc.” and assign it entitlements for provisioning and managing Red Hat Enterprise Linux Server systems.

• Create an organization in your Red Hat Network Satellite Server named “Example Inc.”. The Organization Administrator is Mr. Edward Example and he should log in as example with a password of redhat. E-mail for this account should be sent to [email protected].

System entitlements should be assigned to this new organization as follows: • Management: 3

• Monitoring: 0 • Provisioning: 1 • Virtualization: 1

• Virtualization Platform: 0

The following quantity of software entitlements should be assigned as well: • Red Hat Enterprise Linux Server (v. 6): 2