manualshive.com logo in svg

Red Hat NETWORK PROXY SERVER 3.6 -, Installation Manual

The Red Hat Network Proxy Server 3.6 - Installation Manual is a comprehensive and user-friendly guide that assists you in smoothly installing and setting up the proxy server. This manual guarantees a hassle-free experience by offering step-by-step instructions and valuable insights. Download this essential manual for free from our website manualshive.com to optimize your network performance.

Share
Download
background image

Chapter 1. Introduction

3

1.4. How it Works

The

Red Hat Update Agent

on the client systems does not directly contact a Red Hat Network Server.

Instead, the client (or clients) connects to an RHN Proxy Server that connects to the Red Hat Network

Servers. Thus, the client systems do not need direct access to the Internet. They need access only to

the RHN Proxy Server.

Important

Red Hat strongly recommends that clients connected to RHN Proxy Server be running the latest

update of Red Hat Enterprise Linux to ensure proper connectivity.

By default, a client is authenticated directly by Red Hat Network Servers. Using an RHN Proxy Server,

authentication works similarly except that the RHN Proxy Server provides route information as well.

After a successful authentication, the Red Hat Network Server informs the RHN Proxy Server that it

is permitted to execute a specific action for the client. The RHN Proxy Server downloads all of the

updated packages (if they are not already present in its cache) and delivers them to the client system.
Requests from the

Red Hat Update Agent

on the client systems are still authenticated on the server

side, but package delivery is significantly faster since the packages are cached in the HTTP proxy

caching server or the RHN Proxy Server (for local packages); the RHN Proxy Server and client system

are connected via the LAN and are limited only by the speed of the local network.
Authentication is done in the following order:

1. The client performs a login action at the beginning of a client session. This login is passed

through one or more RHN Proxy Servers until it reaches a Red Hat Network Server.

2. The Red Hat Network Server attempts to authenticate the client. If authentication is successful,

the server then passes back a session token via the chain of RHN Proxy Servers. This token,

which has a signature and expiration, contains user information, including subscribe-to chan-

nels, username, etc.

3. Each RHN Proxy Server caches this token on its local file system in

/var/cache/rhn/

.

Caching reduces some of the overhead of authenticating with Red Hat Network Servers and

greatly improves the performance of Red Hat Network.

4. This session token is passed back to the client machine and is used in subsequent actions on Red

Hat Network.

From the client’s point of view, there is no difference between an RHN Proxy Server and a Red Hat

Network Server. From the Red Hat Network Server’s point of view, an RHN Proxy Server is a special

kind of client. Thus, clients are not affected by the route a request takes to reach a Red Hat Network

Server. All the logic is implemented in the RHN Proxy Servers and Red Hat Network Servers.
Optionally the RHN Package Manager can be installed and configured to serve custom packages writ-

ten specifically for the organization. These are not official Red Hat packages. After creating a private

RHN channel, the custom RPM packages are associated with the private channel by uploading the

package headers to the RHN Servers. Only the headers are uploaded, not the actual package files. The

headers are required because they contain crucial RPM information, such as software dependencies,

that allows RHN to automate package installation. The actual custom RPM packages are stored on the

RHN Proxy Server and sent to the client systems from inside the organization’s private area network.
Configuring a computer network to use RHN Proxy Servers is straightforward. The Red Hat Network

applications on the client systems must be configured to connect to the RHN Proxy Server instead

of the Red Hat Network Servers. Refer to the

RHN Client Configuration Guide

for details. On the

proxy side, one has to specify the next proxy in the chain (which will eventually end with a Red Hat

Summary of Contents for NETWORK PROXY SERVER 3.6 -

Page 1: ...RHN Proxy Server 3 6 Installation Guide ...

Page 2: ...ogo RPM Maximum RPM the RPM logo Linux Library PowerTools Linux Undercover RHmember RHmember More Rough Cuts Rawhide and all Red Hat based trademarks and logos are trademarks or registered trademarks of Red Hat Inc in the United States and other countries Linux is a registered trademark of Linus Torvalds All other trademarks and copyrights referred to are the property of their respective owners ...

Page 3: ...y Vertically Tiered Topology 10 3 4 Proxies with RHN Satellite Server 11 4 Installation 13 4 1 Base Install 13 4 2 RHN Proxy Server Installation Process 13 5 RHN Package Manager 21 5 1 Creating a Private Channel 21 5 2 Uploading Packages 21 5 3 Command Line Options 22 6 Troubleshooting 25 6 1 Managing the Proxy Service 25 6 2 Log Files 25 6 3 Questions and Answers 25 6 4 General Problems 26 6 5 Ho...

Page 4: ......

Page 5: ...ebsite to schedule actions including Errata Updates package in stalls and software profile updates Simplification maintaining Red Hat systems becomes a simple automated process 1 2 RHN Proxy Server An RHN Proxy Server is a service deployed within a corporate network with advanced Red Hat Network functionality such as a package caching mechanism for reduced bandwidth usage and cus tomizable channel...

Page 6: ...RHN Proxy Server it is important to become familiar with the following Red Hat Network terms Channel A channel is a list of software packages There are two types of channels base channels and child channels A base channel consists of a list of packages based on a specific architecture and Red Hat release A child channel is a channel associated with a base channel but contains extra packages Organi...

Page 7: ...ion token via the chain of RHN Proxy Servers This token which has a signature and expiration contains user information including subscribe to chan nels username etc 3 Each RHN Proxy Server caches this token on its local file system in var cache rhn Caching reduces some of the overhead of authenticating with Red Hat Network Servers and greatly improves the performance of Red Hat Network 4 This sess...

Page 8: ...4 Chapter 1 Introduction Network Server If the RHN Package Manager is used the client systems must be subscribed to the private RHN channel ...

Page 9: ...t Enterprise Linux AS 3 Update 3 or Red Hat Enterprise Linux AS 2 1 Update 5 specify the following package group Base For installing Red Hat Enterprise Linux AS 3 Update 3 via CD or ISO image select the following package group Minimal For installing Red Hat Enterprise Linux AS 2 1 Update 5 via CD or ISO image select the following package group Advanced Server An available RHN Proxy Server entitlem...

Page 10: ...llowing additional requirements must be met before the RHN Proxy Server installation can be considered complete Full Access Client systems need full network access to the RHN Proxy Server solution s services and ports Firewall Rules The RHN Proxy Server solution can be firewalled from the Internet but it must be able to issue outbound connections to the Internet on ports 80 and 443 In addition if ...

Page 11: ...ble No users but the system administrators should have shell access to these machines All unnecessary services should be disabled You can use ntsysv or chkconfig to disable services Finally you should have the following technical documents in hand for use in roughly this order 1 The RHN Proxy Server Installation Guide This guide which you are now reading provides the essential steps necessary to g...

Page 12: ...8 Chapter 2 Requirements ...

Page 13: ... clients and a network that would benefit from caching Red Hat RPMs and storing custom packages on a local server The disadvantage of using one RHN Proxy Server is that performance will be compromised as the number of clients requesting packages grows Figure 3 1 Single Proxy Topology 3 2 Multiple Proxy Horizontally Tiered Topology For larger networks a more distributed method may be needed such as...

Page 14: ...e primary This alleviates the need to establish synchronization between the RHN Proxy Servers as they use the up2date functionality inherent with the product Like the horizontally tiered configuration this vertical method allows any client of any RHN Proxy Servers to have all custom packages delivered to them The Proxy merely looks in its repository to see if it can find the package on its filesys...

Page 15: ... works similarly to the vertically tiered Proxy configuration but increases capacity significantly as Satellites can serve a much greater number of client systems For a thorough description of this combination refer to the Example Topologies chapter of the RHN Satellite Server Installation Guide Linking the two products SSL certificates is described in the RHN Client Configuration Guide To find ou...

Page 16: ...12 Chapter 3 Example Topologies ...

Page 17: ... Linux AS 3 This is the only supported base operating system for Proxies serving Monitoring entitled systems Do not install Proxy on Red Hat Enterprise Linux AS 2 1 Enable Network Time Protocol NTP on the Proxy and select the appropriate time zone All client systems should already be running the ntpd daemon and be set to the correct time zone Disable the ipchains and iptables services after instal...

Page 18: ...e System Details Events tab prepare the system to accept remote commands and configuration management with the following commands mkdir p etc sysconfig rhn allowed actions mkdir p etc sysconfig rhn allowed actions script touch etc sysconfig rhn allowed actions script run mkdir p etc sysconfig rhn allowed actions configfiles touch etc sysconfig rhn allowed actions configfiles deploy 8 Within the RH...

Page 19: ...t met by the system When the system is ready a continue link appears Click it to go to the Terms Conditions page Figure 4 3 Terms Conditions 11 In the Terms Conditions page click the terms and conditions link to view the licensing agreement of the RHN Proxy Server When satisfied click the I agree link The Enable Moni ...

Page 20: ...l be used to monitor systems served by it For this to take place the RHN Proxy Server must meet the requirements identified in Chapter 2 Requirements and be connected to an RHN Satellite Server or another Proxy connected to a Satellite To enable monitoring on the Proxy select the checkbox and click continue The Configure RHN Proxy Server page appears ...

Page 21: ...l RHN Servers include the value xmlrpc rhn redhat com To connect to a Satellite or another Proxy enter the parent system s FQDN If the RHN Proxy Server will connect through an HTTP proxy configure it using the associated fields Note that references to protocol such as http or https should not be included in the HTTP Proxy Server field Insert only the hostname and port in the form hostname port suc...

Page 22: ...e Monitoring skip to the description of the Configure Monitoring page If you did not enable SSL or Monitoring skip to the description of the Install Progress page Figure 4 6 Configure SSL 14 In the Configure SSL page applicable only to a Proxy connecting to an RHN Satellite Server or another RHN Proxy Server with SSL enabled provide the information needed to generate the server certificate The mos...

Page 23: ...ance Tool using the Browse button It will be named rhn org httpd ssl archive MACHINENAME VERSION tar with the machine name reflecting the Proxy s hostname Once located click continue Figure 4 8 Configure Monitoring 15 In the Configure Monitoring page provide or confirm the hostname and IP address of the parent server connected to by the RHN Proxy Server This must be either an RHN Satellite ...

Page 24: ...y take place Click the link to any step to go to its Action Details page When a step has been undertaken its status goes from Queued to Picked Up and then finally to Completed Like the earlier package installs you can immediately trigger these steps by running the rhn_check command in a terminal on the system as root When finished the Install Progress page will display the message The installation...

Page 25: ... Channels option is not present in the left navigation bar ensure this user has channel editing permissions set Do this through the Users category accessible through the top navigation bar 3 In the left navigation bar click Manage Channels and then the create new channel button at the top right corner of the page 4 Select a parent channel and base channel architecture then enter a name label summa...

Page 26: ...channel Then click the Packages subtab Each RPM should be listed You can also check to see if the local directory is in sync with the RHN Server s image of the channels at the command line rhn_package_manager s c label_of_private_channel This s option will list all the missing packages packages uploaded to the RHN Server not present in the local directory You must be an Organization Administrator ...

Page 27: ...mpted for it source Upload source package headers dontcopy In the post upload step do not copy the packages to their final location in the package tree test Only print the packages to be pushed nosig Push unsigned packages By default the RHN Package Manager attempts to push only signed packages no ssl Not recommended Turn off SSL X exclude PATTERN Exclude files matching this glob expression can be...

Page 28: ...24 Chapter 5 RHN Package Manager ...

Page 29: ...2 Log Files Virtually every troubleshooting step should start with a look at the associated log file or files These provide invaluable information about the activity that has taken place on the device or within the application that can be used to monitor performance and ensure proper configuration See Table 6 1 for the paths to all relevant log files Component Log File Location Apache HTTP Server ...

Page 30: ... location 4 My configuration does not work Where do I begin troubleshooting it Make sure etc sysconfig rhn systemid is owned by root apache with the permissions 0640 Read the log files A list is available at Section 6 2 Log Files 6 4 General Problems To begin troubleshooting general problems examine the log file or files related to the component exhibiting failures A useful exercise is to tail all...

Page 31: ... the file such as 127 0 0 1 localhost localdomain com localhost 123 45 67 8 this_machine example com this_machine Replace the value here with the actual IP address of the Proxy This should resolve the problem Keep in mind if the specific IP address is stipulated the file will need to be updated when the machine obtains a new address 6 6 Connection Errors If your are experiencing problems that you ...

Page 32: ...the following individual commands in this order chkconfig level 2345 rhn_auth_cache off service rhn_auth_cache stop To clear its cache issue rm var up2date rhn_auth_cache If you must retain the RHN Authentication Daemon which Red Hat recommends against and does not support note that its performance can suffer from verbose logging For this reason its logging to var log rhn rhn_auth_cache log is tur...

Page 33: ...ble timestamping creating tarball may take some time tmp rhn proxy debug tar bz2 removing temporary debug tree Debug dump created stored in tmp rhn proxy debug tar bz2 Deliver the generated tarball to your RHN contact or support channel Once finished email the new file from the tmp directory to your Red Hat representative for imme diate diagnosis ...

Page 34: ...30 Chapter 6 Troubleshooting ...

Page 35: ...e to 0 to turn off SSL between the Proxy and the upstream server temporarily Note that this greatly compromises security Return the setting to its default value of 1 to re enable SSL or simply remove the line from the configuration file Automatically generated RHN Management Proxy Server configuration file SSL CA certificate location proxy ca_chain usr share rhn RHNS CA CERT Corporate HTTP proxy f...

Page 36: ...32 Appendix A Sample RHN Proxy Server Configuration File ...

Page 37: ... questions and answers 25 R Red Hat Network introduction 1 Red Hat Update Agent 2 3 requirements 5 additional 6 disk space 6 hardware 5 software 5 RHN Authentication Daemon disabling rhn_auth_cache stopping 28 RHN Package Manager 3 21 channels specifying 22 command line options 22 configuration file 21 configuring 21 create private channel 21 installing 21 upload package headers 21 verify local pa...

Page 38: ......

Reviews:

No comments

Related manuals for NETWORK PROXY SERVER 3.6 -

Panasonic KX-NCP Series Software Manual preview
KX-NCP Series
Brand: Panasonic Pages: 16
Xantech XMUSICWP User Manual preview
XMUSICWP
Brand: Xantech Pages: 52
CAAS Audio Digital Audio Server User Manual & Warranty preview
Digital Audio Server
Brand: CAAS Audio Pages: 23
N-Tron ESERV-11T User Manual preview
ESERV-11T
Brand: N-Tron Pages: 55
Harman AMX Vision2 V2-MASTER-1210 Quick Start Manual preview
AMX Vision2 V2-MASTER-1210
Brand: Harman Pages: 2
Digital Equipment Prioris Series Manual preview
Prioris Series
Brand: Digital Equipment Pages: 15
Avaya S3210 Manual preview
S3210
Brand: Avaya Pages: 84
Cisco UCS C220 M4 Maintaining The Server preview
UCS C220 M4
Brand: Cisco Pages: 72
Cisco UCS C240 M3 User Manual preview
UCS C240 M3
Brand: Cisco Pages: 64
Cisco TelePresence MSE 8710 Installation Manual preview
TelePresence MSE 8710
Brand: Cisco Pages: 12
Cisco Secure Network Server 3600 Series Hardware Installation Manual preview
Secure Network Server 3600 Series
Brand: Cisco Pages: 38
Cisco UCS C220 M5 Maintaining preview
UCS C220 M5
Brand: Cisco Pages: 86
Cisco SFS 7008P Installation And Configuration Manual preview
SFS 7008P
Brand: Cisco Pages: 34
Cisco SNS-3415 series Installing Manual preview
SNS-3415 series
Brand: Cisco Pages: 18
Cisco UCS C240 M3 Specifications preview
UCS C240 M3
Brand: Cisco Pages: 90
Cisco UCS C460 M2 User Manual preview
UCS C460 M2
Brand: Cisco Pages: 56
Cisco UCS C220 M5SX Quick Start Manual preview
UCS C220 M5SX
Brand: Cisco Pages: 28
Cisco UCS C240 Installation Manual preview
UCS C240
Brand: Cisco Pages: 22

Brands by name

Popular brands

Load more brands