manualshive.com logo in svg

Red Hat NETWORK SATELLITE SERVER 3.6, Installation Manual

Red Hat NETWORK SATELLITE SERVER 3.6 Installation Manual is available for free download. Obtain the manual from manualshive.com to easily understand and set up your network satellite server. This detailed guide will assist you in optimizing your server's performance and managing your infrastructure efficiently.

Share
Download
background image

Chapter 8. Maintenance

53

8.8. Automating Synchronization

Manually synchronizing the RHN Satellite Server repository with Red Hat Network can be an ar-

duous task. In addition, staff levels tend to be highest at peak usage times. For this reason, Red Hat

encourages you to automate synchronization in late evening or early morning to better balance load

and ensure quick synchronization.

Further, Red Hat strongly recommends synchronization occur ran-

domly for best performance.

This automation can be set easily by the addition of a simple cron job. To do this, edit the crontab as

root:

crontab -e

This opens the crontab in a text editor, by default Vi. Another editor can be used by first changing the

EDITOR

variable, like so:

export EDITOR=gedit

.

Once opened, use the first five fields (minute, hour, day, month, and weekday) to schedule the syn-

chronization. Remember, hours use military time. Edit the crontab to include random synchronization,

like so:

0 1 * * * perl -le ’sleep rand 9000’ && satellite-sync --email >/dev/null 2>/dev/null

This particular job will run randomly between 1:00 a.m. and 3:30 a.m. system time each night and

redirect

stdout

and

stderr

from

cron

to prevent duplicating the more easily read message from

satellite-sync

. Options other than

--email

can also be included. Refer to Section 6.1.2

Im-

port/Sync Options

for the full list of options. Once you exit from the editor, the modified crontab is

installed immediately.

8.9. Implementing PAM Authentication

As security measures become increasingly complex, administrators must be given tools that simplify

their management. For this reason, RHN Satellite Server supports network-based authentication sys-

tems via Pluggable Authentication Modules (PAM). PAM is a suite of libraries that helps system

administrators integrate the Satellite with a centralized authentication mechanism, thus eliminating

the need for remembering multiple passwords.
RHN Satellite Server supports, LDAP, Kerberos, and other network-based authentication systems

via PAM. To enable the Satellite to use PAM and your organization’s authentication infrastructure,

complete the following tasks.
Set up a PAM service file (usually

/etc/pam.d/rhn-satellite

) and have the Satellite use it by

adding the following line to

/etc/rhn/rhn.conf

:

pam_auth_service = rhn-satellite

This assumes the PAM service file is named

rhn-satellite

.

Enable a certain user to authenticate against PAM. Do this by clicking the

Use PAM Authentication

button on the

User Details

page.

As an example, to authenticate against Kerberos one could put the following in

/etc/pam.d/rhn-satellite

:

#%PAM-1.0
auth

required

/lib/security/pam_env.so

auth

sufficient

/lib/security/pam_krb5.so no_user_check

auth

required

/lib/security/pam_deny.so

account

required

/lib/security/pam_krb5.so no_user_check

Summary of Contents for NETWORK SATELLITE SERVER 3.6

Page 1: ...RHN Satellite Server 3 6 Installation Guide...

Page 2: ...n logo RPM Maximum RPM the RPM logo Linux Library PowerTools Linux Undercover RHmember RHmember More Rough Cuts Rawhide and all Red Hat based trademarks and logos are trademarks or registered trademar...

Page 3: ...ertificate 29 5 2 Uploading the RHN Entitlement Certificate 29 5 3 Managing the RHN Certificate with RHN Satellite Activate 30 5 3 1 Command Line Entitlement Options 30 5 3 2 Activating the Satellite...

Page 4: ...ng the Backup 48 8 4 4 Restoring the Database 48 8 5 Cloning the Satellite with Embedded DB 48 8 6 Establishing Redundant Satellites with Stand Alone DB 49 8 7 Conducting Satellite Specific Tasks 50 8...

Page 5: ...ems with Red Hat Network When a client system requests package updates only the applicable packages for the client are returned based upon the software profile stored on the RHN Servers Advantages of...

Page 6: ...nels and child channels A base channel consists of a list of packages based on a specific architecture and Red Hat release A child channel is a channel associated with a base channel but contains extr...

Page 7: ...ts connected to RHN Satellite Server be running the latest update of Red Hat Enterprise Linux to ensure proper connectivity When a client requests updates the organization s internal RHN Satellite Ser...

Page 8: ...tion seeks to provide a definitive list of all required and recommended steps from evaluation through custom package deployment They should take place in roughly this order 1 After an evaluation you c...

Page 9: ...The rhn org trusted ssl cert noarch rpm will already be there 12 You download and install from the Satellite the configuration files and rhn org trusted ssl cert noarch rpm on the remaining client sys...

Page 10: ...6 Chapter 1 Introduction...

Page 11: ...t by conducting an Everything install Red Hat this installs packages that if not properly managed could pose security hazards For this reason Red Hat recommends obtaining the desired package set in th...

Page 12: ...btained from your Red Hat representative if synchronization isn t possible such as in a disconnected environment 2 2 Hardware Requirements The following hardware configuration is required for the two...

Page 13: ...will be stored Default Red Hat channels contain approximately 3 GB of packages each and that size grows with each synchronization customers must also account for the space requirements of packages in...

Page 14: ...RHN Satellite Server with full DDL and DML access to that user s default tablespace The user will need standard connection information for the database at the time of installation The precise access...

Page 15: ...up at the time of purchase with the sales representative Backups of Login Information It is imperative customers keep track of all primary login information For RHN Satellite Server this includes use...

Page 16: ...rver up and running 2 The RHN Client Configuration Guide This guide explains how to configure the systems to be served by an RHN Proxy Server or RHN Satellite Server This will also likely require refe...

Page 17: ...cribes possible configurations and explains their benefits 3 1 Single Satellite Topology The simplest configuration is to use a single RHN Satellite Server to serve your entire network This configurat...

Page 18: ...Proxies act as clients of the Satelllite This vertically tiered configuration requires that channels and RPMs be created only on the RHN Satellite Server In this manner the Proxies inherit and then se...

Page 19: ...e Linux AS Important If you plan to obtain Monitoring level service you must install your RHN Satellite Server on Red Hat Enterprise Linux AS 3 This is the only supported base operating system for Sat...

Page 20: ...that the RHN Satellite Server Installation Program updates the kernel as well as all required packages 6 Launch the RHN Satellite Server Installation Program as root with the command mnt cdrom instal...

Page 21: ...s address will receive all mail generated by the Satellite including sometimes large quantities of error related tracebacks To stem this flow consider establishing mail filters that capture messages w...

Page 22: ...administrator for the appropriate values Then click Test DB Connection The Database Schema page appears Figure 4 4 Database Schema 10 No input is required on the Database Schema page other than your...

Page 23: ...do If you intend to monitor systems with this Satellite select both the Enable monitoring backend and Enable monitoring scout checkboxes In addition this page allows you to configure the Satellite to...

Page 24: ...n 4 3 Sendmail Configuration for instruc tions When finished click Continue The RHN Registration page appears Figure 4 8 RHN Registration 14 The RHN Registration page enables you to register the Satel...

Page 25: ...cate 15 The RHN Satellite Entitlement Certificate page gathers your RHN Entitlement Certificate either by obtaining its location or collecting its contents To identify the certificate s path click Bro...

Page 26: ...nnel metadata This is possible during installation only if you chose to register your Satellite with RHN To synchronize select the Perform Satellite Sync checkbox and click Continue After the installa...

Page 27: ...s with your and your organization s information As always ensure this information exists on the backups of login information described in Chapter 2 Requirements The CA Cert Common Name field may alrea...

Page 28: ...ervers The required fields are prepopulated with values derived from previous installation steps Ensure this information is accurate Checkboxes offer options for including built in security SSL and GN...

Page 29: ...u ration Click Complete to reboot the system and create the Satellite Administrator account The Satellite Restart page appears Figure 4 14 Satellite Restart 20 The Satellite Restart page requires no u...

Page 30: ...information exists on the backups of login information described in Chapter 2 Requirements When finished click Create Login The Account Created page appears Figure 4 16 Account Created 22 The Account...

Page 31: ...single reply To configure sendmail correcly edit the etc aliases file on the mail server as root and add the following line rogerthat01 opt notification scripts ack_enqueuer pl Then also as root edit...

Page 32: ...28 Chapter 4 Installation...

Page 33: ...ted here for use by customers who have received a new RHN Entitlement Certificate such as one reflecting an increase in the number of entitlements 5 1 Receiving the Certificate The RHN Entitlement Cer...

Page 34: ...ntral RHN Servers Refer to Chapter 6 Importing and Synchronizing 5 3 Managing the RHN Certificate with RHN Satellite Activate For disconnected Satellites or customers who prefer to work locally Red Ha...

Page 35: ...a second step if you chose the disconnected option Here are some examples depicting use of the tool and these options To validate an RHN Entitlement Certificate s sanity only rhn satellite activate s...

Page 36: ...32 Chapter 5 Entitlements...

Page 37: ...tail in a moment 6 1 1 Import Sync Steps The RHN Satellite Synchronization Tool works incrementally or in steps For it to obtain Errata information it must first know the packages contained For the pa...

Page 38: ...ackage data no errata Do not process Errata information no kickstarts Do not process kickstart data provisioning only force all packages Forcibly process all package data without conducting a diff cac...

Page 39: ...ocess This cache which exists by default in var cache rhn can be completely refreshed every time the process is run be partially refreshed or be left in place entirely The closer to a full refresh the...

Page 40: ...click Channels in the top navigation bar and then the name of the channel for your version of RHN Satellite Server Click the Downloads tab and use the instructions on the page to obtain the Channel Co...

Page 41: ...the channels available for import This is accomplished with the command satellite sync list channels mount point var rhn sat import The next step is to initiate the import of a specific channel Do thi...

Page 42: ...ndalone environment any update advisories published by RHN must be manually imported and synchronized by the administrator of the RHN Satellite Server During synchronization over the Internet the RHN...

Page 43: ...hannels are specified all channels on the Satellite will be freshened 6 3 2 Synchronizing Errata and Packages via Local Media For customers who cannot connect directly to RHN the option of delivered p...

Page 44: ...40 Chapter 6 Importing and Synchronizing...

Page 45: ...le Location Apache HTTP Server var log httpd directory RHN Satellite Server var log rhn directory RHN Satellite Server Installation Program var log rhn_satellite_install log Database population var lo...

Page 46: ...ur Satellite s database run the command rhn charsets If the administrator isn t getting email from the RHN Satellite Server confirm the correct email ad dresses have been set for traceback_mail in etc...

Page 47: ...ing installed on a machine whose time had been improperly set During the Satellite installation process SSL certificates are created with inaccurate times If the Satellite s time is then corrected the...

Page 48: ...Section 6 1 3 Import Sync Cache Refresh for information on the available levels 7 6 Satellite Debugging by Red Hat If you ve exhausted these troubleshooting steps or want to defer them to Red Hat Net...

Page 49: ...ata for the RHN Satellite Server For RHN Satellite Server systems that may be connected to the Internet the best method for applying these Errata Updates is using the Red Hat Update Agent via Red Hat...

Page 50: ...ository it can be regenerated with satellite sync Red Hat recommends the entire var satellite tree be backed up In the case of disconnected satellites var satellite must be backed up Backing up only t...

Page 51: ...e database instance This can also be accomplished by issuing the service rhn database stop command as root verify DIRNAME Verifies the contents of the backup kept in DIRNAME This command checks the md...

Page 52: ...ssing files issue this command as oracle db control examine DIRNAME To conduct a more thorough review including checking the md5sum of each of the files in the backup issue this command as oracle db c...

Page 53: ...s with Stand Alone Database may be run as active as well as standby This is entirely up to your network topology and is independent of the steps listed here To establish this redundancy first install...

Page 54: ...by default located in var satellite between the Satellites over some type of networked storage device This eliminates data replication and ensures a consistent store of data for each Satellite 8 Make...

Page 55: ...rrata mailings etc that must be performed in the background The page displays the execution times for various activities carried out by the daemon Administrators should ensure the RHN Task Engine stay...

Page 56: ...User List click the name of the user to be removed This takes you to the User Details page Click the delete user link at the top right corner of the page Figure 8 2 User Deletion A confirmation page w...

Page 57: ...6 1 2 Im port Sync Options for the full list of options Once you exit from the editor the modified crontab is installed immediately 8 9 Implementing PAM Authentication As security measures become incr...

Page 58: ...m fails to connect To take advantage of this feature you must first configure your firewall rules to allow connections on the required port s as described in Section 2 4 Additional Requirements Then y...

Page 59: ...teway example com 8080 server satellite http_proxy_username server satellite http_proxy_password Database connection information username password SID default_db test01 test01 test01 DON T TOUCH ANY O...

Page 60: ...56 Appendix A Sample RHN Satellite Server Configuration File...

Page 61: ...5 of RHN Satellite Server 15 sendmail 27 installation task list 4 L log files 41 M maintenance 45 R Red Hat Network introduction 1 redundant satellite satellite redundancy 49 requirements 7 additional...

Page 62: ...understand 2 tool use 50 topologies 13 multiple satellites horizontally tiered 13 satellite and proxies vertically tiered 14 single satellite 13 traceback 2 troubleshooting 41 U updating the RHN Satel...

Reviews:

No comments

Related manuals for NETWORK SATELLITE SERVER 3.6

Canon Optura Pi Install Manual preview
Optura Pi
Brand: Canon Pages: 2
Canon PowerShot A410 Software Starter Manual preview
PowerShot A410
Brand: Canon Pages: 106
Generic Media gMovie v1.4 Operating Instructions Manual preview
gMovie v1.4
Brand: Generic Media Pages: 17
Belkin SMROUTERUPDATINGFIRMWARE Firmware Upgrade Manual preview
SMROUTERUPDATINGFIRMWARE
Brand: Belkin Pages: 4
Acer ASM 7 Faq preview
ASM 7
Brand: Acer Pages: 32
Acer Altos RAIDWatch Manual preview
Altos RAIDWatch
Brand: Acer Pages: 212
Brother Wi-Fi Direct Manual preview
Wi-Fi Direct
Brand: Brother Pages: 24
Brother MacBroidery„ Embroidery Lettering Software for Mac Manual preview
MacBroidery„ Embroidery Lettering Software for Mac
Brand: Brother Pages: 56
Brother Quattro 6000D User Manual preview
Quattro 6000D
Brand: Brother Pages: 48
Brother PE-Design 6 Instruction Manual preview
PE-Design 6
Brand: Brother Pages: 272
Brother PE-DESIGN 2.0 Instruction Manual preview
PE-DESIGN 2.0
Brand: Brother Pages: 200
Elgato EyeTV Hybrid Hardware Reference Manual preview
EyeTV Hybrid
Brand: Elgato Pages: 5
DeLorme Earthmate GPS BT-20 Quick Start Manual preview
Earthmate GPS BT-20
Brand: DeLorme Pages: 9
Intel ITANIUM ARCHITECTURE Manual preview
ITANIUM ARCHITECTURE
Brand: Intel Pages: 604
LEI accessories MAPCREATE 7 Installation And Operation Instructions Manual preview
MAPCREATE 7
Brand: LEI accessories Pages: 116
Ulead PYRO1394WebCam User Manual preview
PYRO1394WebCam
Brand: Ulead Pages: 24
Brother BR-Raceipts User Manual preview
BR-Raceipts
Brand: Brother Pages: 33
Brother My Custom Design (Spanish) Manual De Instrucciones preview
My Custom Design
Brand: Brother Pages: 49

Brands by name

Popular brands

Load more brands