Red Hat NETWORK PROXY 5.3.0 - Скачать руководство пользователя страница 30 | Manualshive

Страница: 30 / 48

background image

Chapter 6. Troubleshooting

26

rhn-org-httpd-ssl-key-pair-

MACHINE_NAME-VER-REL

.noarch.rpm

is installed on the RHN Proxy Server and the corresponding

rhn-org-trusted-ssl-cert-

*.noarch.rpm

or raw CA SSL public (client) certificate is installed on all client systems.

• Verify the client systems are configured to use the appropriate certificate.

• If using one or more RHN Proxy Servers, ensure each Proxy's SSL certificate is prepared correctly.

If using the RHN Proxy Server in conjunction with an RHN Satellite Server the Proxy should have
both its own server SSL key-pair and CA SSL public (client) certificate installed, since it will serve
in both capacities. Refer to the SSL Certificates chapter of the

RHN Client Configuration Guide

for

specific instructions.

• If the RHN Proxy Server is connecting through an HTTP Proxy, make sure the URL listed is valid.

For instance, the HTTP Proxy URL field should not contain references to protocols, such as http:// or
https://. Only the hostname and port should be included in the form hostname:port, such as

your-

gateway.example.com:8080

.

• Make sure client systems are not using firewalls of their own blocking required ports, as identified in

Section 2.4, “Additional Requirements”

.

6.7. Caching Issues

If package delivery fails or an object appears to be corrupt, and it is not related to connection errors,
you should consider clearing the caches. The RHN Proxy Server has two caches you should be
concerned with: one for Squid and the other for authentication.

The Squid cache is located in

/var/spool/squid/

. To clear it, stop the Apache Web server and

Squid, delete the contents of that directory, and restart both services. Issue these commands in this
order:

service httpd stop
service squid stop
rm -fv /var/spool/squid/*
service squid start
service httpd start

You may accomplish the same task more quickly by just clearing the directory and restarting squid, but
you will likely receive a number of RHN traceback messages.

The internal caching mechanism used for authentication by the Proxy may also need its cache
cleared. To do this, issue the following command:

rm -fv /var/cache/rhn/*

Although the RHN Authentication Daemon was deprecated with the release of RHN Proxy Server
3.2.2 and replaced with the aforementioned internal authentication caching mechanism, the daemon
may still be running on your Proxy. To turn it off, issue the following individual commands in this order:

«
...
28
29
30
31
32
...
»

Содержание NETWORK PROXY 5.3.0 -

Страница 1: ...Red Hat Network Proxy 5 3 0 Installation Guide Red Hat Network Proxy ...

Страница 2: ...ermission of the copyright holder Distribution of the work or derivative of the work in any standard paper book form for commercial purposes is prohibited unless prior permission is obtained from the copyright holder Red Hat and the Red Hat Shadow Man logo are registered trademarks of Red Hat Inc in the United States and other countries All other trademarks referenced herein are the property of th...

Страница 3: ...ite Server 11 4 Installation 13 4 1 Base Install 13 4 2 RHN Proxy Server Installation Process 13 4 2 1 The Answer File 17 5 RHN Package Manager 19 5 1 Creating a Private Channel 19 5 2 Uploading Packages 19 5 3 Command Line Options 20 6 Troubleshooting 23 6 1 Managing the Proxy Service 23 6 2 Log Files 23 6 3 Questions and Answers 23 6 4 General Problems 24 6 5 Host Not Found Could Not Determine F...

Страница 4: ...iv ...

Страница 5: ...eduled Actions use the website to schedule actions including Errata Updates package installs and software profile updates Simplification maintaining Red Hat systems becomes a simple automated process 1 2 RHN Proxy Server An RHN Proxy Server is a package caching mechanism that reduces the bandwidth requirements for RHN and enables custom package deployment Proxy customers cache RPMs such as Errata ...

Страница 6: ...ion to contact the RHN Servers unless the RHN Proxy Server is using a RHN Satellite Server in which case only the RHN Satellite Server requires an Internet connection 1 3 Terms to Understand Before understanding RHN Proxy Server it is important to become familiar with the following Red Hat Network terms Channel A channel is a list of software packages There are two types of channels base channels ...

Страница 7: ...ecute a specific action for the client The RHN Proxy Server downloads all of the updated packages if they are not already present in its cache and delivers them to the client system Requests from the Red Hat Update Agent or Package Updater on the client systems are still authenticated on the server side but package delivery is significantly faster since the packages are cached in the HTTP Proxy Ca...

Страница 8: ...RHN Servers Only the headers are uploaded not the actual package files The headers are required because they contain crucial RPM information such as software dependencies that allows RHN to automate package installation The actual custom RPM packages are stored on the RHN Proxy Server and sent to the client systems from inside the organization s local area network Configuring a computer network to...

Страница 9: ...e group Base For installing Red Hat Enterprise Linux via CD or ISO image select the following package group Minimal Warning If you are running Red Hat Enterprise Linux AS 4 Security enhanced Linux SELinux must be disabled prior to installation of RHN Proxy Server If you use Red Hat Enterprise Linux 5 Server SELinux can be left enabled when installing RHN Proxy Server You can disable SELinux in one...

Страница 10: ...rprise Linux 25 GB storage per distribution channel The load on the Apache Web server is directly related to the frequency with which client systems connect to the Proxy If you reduce the default interval of four hours or 240 minutes as set in the etc sysconfig rhn rhnsd configuration file of the client systems you will increase the load on this component significantly Note RHN Proxy Server does n...

Страница 11: ... redhat com xmlrpc rhn redhat com and your Satellite URL depending on whether RHN Proxy is talking to either RHN Hosted or a Satellite Server 4545 Outbound If your Proxy is connected to an RHN Satellite Server Monitoring makes connections to rhnmd running on client systems via this TCP port if Monitoring is enabled and probes configured to registered systems 5222 Inbound Opening this port allows o...

Страница 12: ...xy This can be especially useful for distributing GPG keys or establishing installation trees for kickstarts In addition Red Hat recommends that the system running the code not be publicly available No users but the system administrators should have shell access to these machines All unnecessary services should be disabled You can use ntsysv or chkconfig to disable services Finally you should have...

Страница 13: ...l group of clients and a network that would benefit from caching Red Hat RPMs and storing custom packages on a local server The disadvantage of using one RHN Proxy Server is that performance will be compromised as the number of clients requesting packages grows Figure 3 1 Single Proxy Topology 3 2 Multiple Proxy Horizontally Tiered Topology For larger networks a more distributed method may be need...

Страница 14: ...need to establish synchronization between the RHN Proxy Servers as they use the up2date functionality inherent with the product Like the horizontally tiered configuration this vertical method allows any client of any RHN Proxy Servers to have all custom packages delivered to them The Proxy merely looks in its repository to see if it can find the package on its file system If not it then makes the ...

Страница 15: ...his works similarly to the vertically tiered Proxy configuration but increases capacity significantly as Satellites can serve a much greater number of client systems For a thorough description of this combination refer to the Example Topologies chapter of the RHN Satellite Server Installation Guide Linking the two products SSL certificates is described in the RHN Client Configuration Guide To find...

Страница 16: ...12 ...

Страница 17: ... partition where var spool squid is mounted and allocates up to 60 percent of the free space for RHN Proxy Server use Install the packages required by RHN Proxy Server Note You must install only the base packages as others will cause the RHN Proxy Server installation to fail Refer to Section 2 1 Software Requirements for the method to obtain the correct package group needed for each version of Red...

Страница 18: ...example com The RHN Parent is the domain name or address of the system that serves the Proxy which could be the RHN Hosted servers xmlrpc rhn redhat com or an RHN Satellite Server server Traceback email The Traceback email is the email address to which error related traceback messages are mailed usually the email of the Proxy administrator Use commas to separate more than one email address at this...

Страница 19: ...ails for City State and Country Finally enter the email address for the administrator or technical contact in charge of SSL certificates 5 The command line installation program prompts you to install monitoring support to RHN Proxy Server allows you to create and populate a configuration channel for future RHN Proxy Server installations finalizes SSL configuration and restarts any service daemons ...

Страница 20: ...ttpd conf d cobbler proxy conf Local file etc httpd conf d rhn_proxy conf remote file etc httpd conf d rhn_proxy conf Local file etc httpd conf d rhn_broker conf remote file etc httpd conf d rhn_broker conf Local file etc httpd conf d rhn_redirect conf remote file etc httpd conf d rhn_redirect conf Local file etc jabberd c2s xml remote file etc jabberd c2s xml Local file etc jabberd sm xml remote ...

Страница 21: ...ent server SSL and other configuration parameters For more information about creating and using answer files refer to the configure proxy sh manual page by typing man configure proxy sh at a shell prompt example of answer file for configure proxy sh for full list of possible option see man configure proxy sh VERSION 5 2 RHN_PARENT rhn satellite example com TRACEBACK_EMAIL jsmith example com USE_SS...

Страница 22: ...18 ...

Страница 23: ...If the Manage Channels option is not present in the left navigation bar ensure that this user has channel editing permissions set Do this through the Users category accessible through the top navigation bar 3 In the left navigation bar click Manage Software Channels and then the create new channel button at the top right corner of the page 4 Select a parent channel and base channel architecture th...

Страница 24: ...e RHN Web interface to verify their presence Click Channels in the top navigation bar Manage Software Channels in the left navigation bar and then the name of the custom channel Then click the Packages subtab Each RPM should be listed You can also check to see if the local directory is in sync with the RHN Server s image of the channels at the command line rhn_package_manager s c label_of_private_...

Страница 25: ...y your RHN username If you do not provide one with this option you will be prompted for it password PASSWORD Specify your RHN password If you do not provide one with this option you will be prompted for it source Upload source package headers dontcopy In the post upload step do not copy the packages to their final location in the package tree test Only print the packages to be pushed no ssl Not re...

Страница 26: ...22 ...

Страница 27: ... start with a look at the associated log file or files These files provide invaluable information about the activity that has taken place on the device or within the application and can be used to monitor performance and ensure proper configuration See Table 6 1 Log Files for the paths to all relevant log files Component Log File Location Apache Web server var log httpd directory Squid var log squ...

Страница 28: ... as root or from http www redhat com support errata 1 The RHN Proxy Server is an extension of Apache See Table 6 1 Log Files for its log file location Q My RHN Proxy Server configuration does not work Where do I begin troubleshooting it A Make sure etc sysconfig rhn systemid is owned by root apache with the permissions 0640 Read the log files A list is available at Table 6 1 Log Files 6 4 General ...

Страница 29: ...are resolved Usually the etc hosts file is checked first followed by Network Information Service NIS if used followed by DNS One of these has to succeed for the Apache Web server to start and the RHN client applications to work To resolve this problem identify the contents of the etc hosts file It may look like this 127 0 0 1 this_machine example com this_machine localhost localdomain localhost Fi...

Страница 30: ...t using firewalls of their own blocking required ports as identified in Section 2 4 Additional Requirements 6 7 Caching Issues If package delivery fails or an object appears to be corrupt and it is not related to connection errors you should consider clearing the caches The RHN Proxy Server has two caches you should be concerned with one for Squid and the other for authentication The Squid cache i...

Страница 31: ...d by users and has a robust browse and search interface for finding the right answers to your Proxy issues You can access the Red Hat Knowledgebase at http kbase redhat com Additionally Red Hat provides a command line tool called the SoS Report commonly known by its command sosreport This tool collects your Proxy s configuration parameters log files and database information and sends it directly t...

Страница 32: ...ast name then a support case number also called an Issue Tracker number It may take several minutes for the system to generate and archive the report to a compressed file Once finished email the new file from the tmp directory to your Red Hat representative for immediate diagnosis ...

Страница 33: ...Subscribed Channels section check the listed channels for the Tools channel If not subscribed to this channel click the Alter Channel Subscriptions link check the box next to the tools channel and then click the Change Subscriptions button to confirm your choice 4 Install the rhncfg actions package which also installs the rhncfg and rhncfg client packages as dependencies by first navigating to the...

Страница 34: ...conf configuration files on the system to ease upgrades later If you have edited these files and want to preserve them they are rotated in place and can be retrieved after installation Figure A 1 System Details Proxy 9 In the System Details Details Proxy subtab the pulldown menu should indicate your ability to activate the system as an RHN Proxy Server Ensure that the correct version is selected a...

Страница 35: ... Figure A 2 Welcome 10 In the Welcome page you will find notification of any requirements not met by the system When the system is ready a continue link appears Click it to go to the Terms Conditions page ...

Страница 36: ...Conditions page click the terms and conditions link to view the licensing agreement of the RHN Proxy Server When satisfied click the I agree link You must agree in order to continue with the installation For Proxies that register to a Satellite and have Monitoring enabled the Enable Monitoring page appears next ...

Страница 37: ...s served by it For this to take place the RHN Proxy Server must meet the requirements identified in Chapter 2 Requirements and must be connected to an RHN Satellite Server or another Proxy connected to a Satellite To enable monitoring on the Proxy select the checkbox and click continue The Configure RHN Proxy Server page appears ...

Страница 38: ...list of email addresses The RHN Proxy Hostname is the fully qualified domain name FQDN of the RHN Proxy Server The RHN Parent Server is the domain name of the server serving the Proxy either the central RHN servers another RHN Proxy Server or an RHN Satellite Server To connect to the central RHN servers include the value xmlrpc rhn redhat com To connect to a Satellite or another Proxy enter the pa...

Страница 39: ... Satellite or another Proxy through SSL requires the CA certificate password used in enabling SSL on the parent system Note Refer to the chapter entitled SSL Infrastructure in the Red Hat Network Client Configuration Guide for more information about configuring a secure RHN Proxy Server infrastructure using SSL If you choose not to enable SSL during installation leave this box unchecked and refer ...

Страница 40: ... on the parent server The remaining fields may match the parent server s values but can differ depending on the role of the RHN Proxy Server for instance reflecting a different geographic location Similarly the email address may be the same one provided earlier for the Proxy administrator but may instead be directed to a particular certificate administrator Certificate expiration is configurable A...

Страница 41: ...tion as they take place Click the link to any step to go to its Action Details page When an action begins its status goes from Queued to Picked Up and then finally to Completed Like the earlier package installs you can immediately trigger these steps by running the rhn_check command in a terminal on the system as root When finished the Install Progress page will display the message The installatio...

Страница 42: ...38 ...

Страница 43: ...ue to 0 to turn off SSL between the Proxy and the upstream server temporarily Note that this greatly compromises security Return the setting to its default value of 1 to re enable SSL or simply remove the line from the configuration file Automatically generated RHN Management Proxy Server configuration file SSL CA certificate location proxy ca_chain usr share rhn RHNS CA CERT Corporate HTTP proxy ...

Страница 44: ...40 ...

Страница 45: ...41 Appendix C Revision History Revision History Revision 1 0 Fri Feb 27 2009 ...

Страница 46: ...42 ...

Страница 47: ...on Administrator 2 outbound ports 80 443 7 P port 443 7 5222 7 80 7 port 443 7 port 4545 7 port 80 7 private channel 19 Proxy Ports 7 Q questions and answers 23 R Red Hat Network introduction 1 Red Hat Update Agent 2 3 requirements 5 additional 7 disk space 6 hardware 6 software 5 RHN Authentication Daemon disabling rhn_auth_cache stopping 26 RHN Package Manager 4 19 channels specifying 20 command...

Страница 48: ...Index 44 multiple proxies vertically tiered 10 proxies with RHN Satellite Server 11 single proxy 9 traceback 2 troubleshooting 23 ...

Отзывы:

Нет отзывов

Похожие инструкции для NETWORK PROXY 5.3.0 -

Бренд: PRIMERGY Страницы: 87

Бренд: 3Com Страницы: 122

Бренд: QNAP Страницы: 61

Бренд: AXIOMTEK Страницы: 45

Industrial Ethernet Serial Server LES401A LES401A

Бренд: Black Box Страницы: 2

Бренд: Black Box Страницы: 8

Бренд: ZLAN Страницы: 16

Бренд: ZLAN Страницы: 17

Бренд: ICPDAS Страницы: 30

Бренд: Adaptec Страницы: 7

Snap Server 110

Бренд: Adaptec Страницы: 74

NetFRAME 2100 Series

Бренд: Micron Страницы: 178

1-Bay SATA NAS Server NAS-7100

Бренд: Planet Страницы: 20

MINISTATION MFA500

Бренд: Plustek Страницы: 92

Бренд: Planet Страницы: 108

SecureBox SDS1100

Бренд: Lantronix Страницы: 75

MAX Communication Server ACM 6.0

Бренд: Altigen Страницы: 448

Carina Event Manager Lite

Бренд: Wahsega Страницы: 40

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды