Red Hat NETWORK PROXY SERVER 3.6 - Скачать руководство пользователя страница 5

Страница: 5 / 38

Chapter 1.

Introduction

1.1. Red Hat Network

Red Hat Network (RHN) is the environment for system-level support and management of Red Hat

systems and networks of systems. Red Hat Network brings together the tools, services, and informa-

tion repositories needed to maximize the reliability, security, and performance of their systems. To use

RHN, system administrators register the software and hardware profiles, known as System Profiles,

of their client systems with Red Hat Network. When a client system requests package updates, only

the applicable packages for the client are returned (based upon the software profile stored on the RHN

Servers).
Advantages of using Red Hat Network include:

•

Scalability — with Red Hat Network, a single system administrator can set up and maintain hun-

dreds or thousands of Red Hat systems more easily, accurately, and quickly than that same admin-

istrator could maintain a single system without Red Hat Network.

•

Standard Protocols — standard protocols are used to maintain security and increase capability. For

example, XML-RPC gives Red Hat Network the ability to do much more than merely download

files.

•

Security — all communication between registered systems and Red Hat Network takes place over

secure Internet connections.

•

View Errata Alerts — easily view Errata Alerts for all your client systems through one website.

•

Scheduled Actions — use the website to schedule actions, including Errata Updates, package in-

stalls, and software profile updates.

•

Simplification — maintaining Red Hat systems becomes a simple, automated process.

1.2. RHN Proxy Server

An RHN Proxy Server is a service deployed within a corporate network with advanced Red Hat

Network functionality, such as a package-caching mechanism for reduced bandwidth usage and cus-

tomizable channels enabling custom package deployment.
This service allows a business or corporation to cache RPM Updates on an internal, centrally located

RHN Proxy Server and have the client systems download the updates from that server instead of

from one of the RHN Servers

over the Internet. The clients’ System Profiles and user information

are stored on the secure, central RHN Servers, which also serve the RHN website (rhn.redhat.com).

The Proxy does not serve the website itself; It acts as a go-between for client systems and Red Hat

Network. Only the RPM files are stored on the RHN Proxy Server. Every transaction is authenticated,

and the

Red Hat Update Agent

checks the GPG signature of each package retrieved from the local

RHN Proxy Server.
In addition to storing official Red Hat packages, the RHN Proxy Server can be configured to deliver

an organization’s own custom RPM packages from private RHN

channels

, using the RHN Package

Manager. For instance, an organization could develop its own software, package it in an RPM, sign it

1. Throughout this document, replace RHN Server with RHN Satellite Server if the RHN Proxy Server connects
to a RHN Satellite Server instead.

Содержание NETWORK PROXY SERVER 3.6 -

Страница 1: ...RHN Proxy Server 3 6 Installation Guide ...

Страница 2: ...ogo RPM Maximum RPM the RPM logo Linux Library PowerTools Linux Undercover RHmember RHmember More Rough Cuts Rawhide and all Red Hat based trademarks and logos are trademarks or registered trademarks of Red Hat Inc in the United States and other countries Linux is a registered trademark of Linus Torvalds All other trademarks and copyrights referred to are the property of their respective owners ...

Страница 3: ...y Vertically Tiered Topology 10 3 4 Proxies with RHN Satellite Server 11 4 Installation 13 4 1 Base Install 13 4 2 RHN Proxy Server Installation Process 13 5 RHN Package Manager 21 5 1 Creating a Private Channel 21 5 2 Uploading Packages 21 5 3 Command Line Options 22 6 Troubleshooting 25 6 1 Managing the Proxy Service 25 6 2 Log Files 25 6 3 Questions and Answers 25 6 4 General Problems 26 6 5 Ho...

Страница 4: ......

Страница 5: ...ebsite to schedule actions including Errata Updates package in stalls and software profile updates Simplification maintaining Red Hat systems becomes a simple automated process 1 2 RHN Proxy Server An RHN Proxy Server is a service deployed within a corporate network with advanced Red Hat Network functionality such as a package caching mechanism for reduced bandwidth usage and cus tomizable channel...

Страница 6: ...RHN Proxy Server it is important to become familiar with the following Red Hat Network terms Channel A channel is a list of software packages There are two types of channels base channels and child channels A base channel consists of a list of packages based on a specific architecture and Red Hat release A child channel is a channel associated with a base channel but contains extra packages Organi...

Страница 7: ...ion token via the chain of RHN Proxy Servers This token which has a signature and expiration contains user information including subscribe to chan nels username etc 3 Each RHN Proxy Server caches this token on its local file system in var cache rhn Caching reduces some of the overhead of authenticating with Red Hat Network Servers and greatly improves the performance of Red Hat Network 4 This sess...

Страница 8: ...4 Chapter 1 Introduction Network Server If the RHN Package Manager is used the client systems must be subscribed to the private RHN channel ...

Страница 9: ...t Enterprise Linux AS 3 Update 3 or Red Hat Enterprise Linux AS 2 1 Update 5 specify the following package group Base For installing Red Hat Enterprise Linux AS 3 Update 3 via CD or ISO image select the following package group Minimal For installing Red Hat Enterprise Linux AS 2 1 Update 5 via CD or ISO image select the following package group Advanced Server An available RHN Proxy Server entitlem...

Страница 10: ...llowing additional requirements must be met before the RHN Proxy Server installation can be considered complete Full Access Client systems need full network access to the RHN Proxy Server solution s services and ports Firewall Rules The RHN Proxy Server solution can be firewalled from the Internet but it must be able to issue outbound connections to the Internet on ports 80 and 443 In addition if ...

Страница 11: ...ble No users but the system administrators should have shell access to these machines All unnecessary services should be disabled You can use ntsysv or chkconfig to disable services Finally you should have the following technical documents in hand for use in roughly this order 1 The RHN Proxy Server Installation Guide This guide which you are now reading provides the essential steps necessary to g...

Страница 12: ...8 Chapter 2 Requirements ...

Страница 13: ... clients and a network that would benefit from caching Red Hat RPMs and storing custom packages on a local server The disadvantage of using one RHN Proxy Server is that performance will be compromised as the number of clients requesting packages grows Figure 3 1 Single Proxy Topology 3 2 Multiple Proxy Horizontally Tiered Topology For larger networks a more distributed method may be needed such as...

Страница 14: ...e primary This alleviates the need to establish synchronization between the RHN Proxy Servers as they use the up2date functionality inherent with the product Like the horizontally tiered configuration this vertical method allows any client of any RHN Proxy Servers to have all custom packages delivered to them The Proxy merely looks in its repository to see if it can find the package on its filesys...

Страница 15: ... works similarly to the vertically tiered Proxy configuration but increases capacity significantly as Satellites can serve a much greater number of client systems For a thorough description of this combination refer to the Example Topologies chapter of the RHN Satellite Server Installation Guide Linking the two products SSL certificates is described in the RHN Client Configuration Guide To find ou...

Страница 16: ...12 Chapter 3 Example Topologies ...

Страница 17: ... Linux AS 3 This is the only supported base operating system for Proxies serving Monitoring entitled systems Do not install Proxy on Red Hat Enterprise Linux AS 2 1 Enable Network Time Protocol NTP on the Proxy and select the appropriate time zone All client systems should already be running the ntpd daemon and be set to the correct time zone Disable the ipchains and iptables services after instal...

Страница 18: ...e System Details Events tab prepare the system to accept remote commands and configuration management with the following commands mkdir p etc sysconfig rhn allowed actions mkdir p etc sysconfig rhn allowed actions script touch etc sysconfig rhn allowed actions script run mkdir p etc sysconfig rhn allowed actions configfiles touch etc sysconfig rhn allowed actions configfiles deploy 8 Within the RH...

Страница 19: ...t met by the system When the system is ready a continue link appears Click it to go to the Terms Conditions page Figure 4 3 Terms Conditions 11 In the Terms Conditions page click the terms and conditions link to view the licensing agreement of the RHN Proxy Server When satisfied click the I agree link The Enable Moni ...

Страница 20: ...l be used to monitor systems served by it For this to take place the RHN Proxy Server must meet the requirements identified in Chapter 2 Requirements and be connected to an RHN Satellite Server or another Proxy connected to a Satellite To enable monitoring on the Proxy select the checkbox and click continue The Configure RHN Proxy Server page appears ...

Страница 21: ...l RHN Servers include the value xmlrpc rhn redhat com To connect to a Satellite or another Proxy enter the parent system s FQDN If the RHN Proxy Server will connect through an HTTP proxy configure it using the associated fields Note that references to protocol such as http or https should not be included in the HTTP Proxy Server field Insert only the hostname and port in the form hostname port suc...

Страница 22: ...e Monitoring skip to the description of the Configure Monitoring page If you did not enable SSL or Monitoring skip to the description of the Install Progress page Figure 4 6 Configure SSL 14 In the Configure SSL page applicable only to a Proxy connecting to an RHN Satellite Server or another RHN Proxy Server with SSL enabled provide the information needed to generate the server certificate The mos...

Страница 23: ...ance Tool using the Browse button It will be named rhn org httpd ssl archive MACHINENAME VERSION tar with the machine name reflecting the Proxy s hostname Once located click continue Figure 4 8 Configure Monitoring 15 In the Configure Monitoring page provide or confirm the hostname and IP address of the parent server connected to by the RHN Proxy Server This must be either an RHN Satellite ...

Страница 24: ...y take place Click the link to any step to go to its Action Details page When a step has been undertaken its status goes from Queued to Picked Up and then finally to Completed Like the earlier package installs you can immediately trigger these steps by running the rhn_check command in a terminal on the system as root When finished the Install Progress page will display the message The installation...

Страница 25: ... Channels option is not present in the left navigation bar ensure this user has channel editing permissions set Do this through the Users category accessible through the top navigation bar 3 In the left navigation bar click Manage Channels and then the create new channel button at the top right corner of the page 4 Select a parent channel and base channel architecture then enter a name label summa...

Страница 26: ...channel Then click the Packages subtab Each RPM should be listed You can also check to see if the local directory is in sync with the RHN Server s image of the channels at the command line rhn_package_manager s c label_of_private_channel This s option will list all the missing packages packages uploaded to the RHN Server not present in the local directory You must be an Organization Administrator ...

Страница 27: ...mpted for it source Upload source package headers dontcopy In the post upload step do not copy the packages to their final location in the package tree test Only print the packages to be pushed nosig Push unsigned packages By default the RHN Package Manager attempts to push only signed packages no ssl Not recommended Turn off SSL X exclude PATTERN Exclude files matching this glob expression can be...

Страница 28: ...24 Chapter 5 RHN Package Manager ...

Страница 29: ...2 Log Files Virtually every troubleshooting step should start with a look at the associated log file or files These provide invaluable information about the activity that has taken place on the device or within the application that can be used to monitor performance and ensure proper configuration See Table 6 1 for the paths to all relevant log files Component Log File Location Apache HTTP Server ...

Страница 30: ... location 4 My configuration does not work Where do I begin troubleshooting it Make sure etc sysconfig rhn systemid is owned by root apache with the permissions 0640 Read the log files A list is available at Section 6 2 Log Files 6 4 General Problems To begin troubleshooting general problems examine the log file or files related to the component exhibiting failures A useful exercise is to tail all...

Страница 31: ... the file such as 127 0 0 1 localhost localdomain com localhost 123 45 67 8 this_machine example com this_machine Replace the value here with the actual IP address of the Proxy This should resolve the problem Keep in mind if the specific IP address is stipulated the file will need to be updated when the machine obtains a new address 6 6 Connection Errors If your are experiencing problems that you ...

Страница 32: ...the following individual commands in this order chkconfig level 2345 rhn_auth_cache off service rhn_auth_cache stop To clear its cache issue rm var up2date rhn_auth_cache If you must retain the RHN Authentication Daemon which Red Hat recommends against and does not support note that its performance can suffer from verbose logging For this reason its logging to var log rhn rhn_auth_cache log is tur...

Страница 33: ...ble timestamping creating tarball may take some time tmp rhn proxy debug tar bz2 removing temporary debug tree Debug dump created stored in tmp rhn proxy debug tar bz2 Deliver the generated tarball to your RHN contact or support channel Once finished email the new file from the tmp directory to your Red Hat representative for imme diate diagnosis ...

Страница 34: ...30 Chapter 6 Troubleshooting ...

Страница 35: ...e to 0 to turn off SSL between the Proxy and the upstream server temporarily Note that this greatly compromises security Return the setting to its default value of 1 to re enable SSL or simply remove the line from the configuration file Automatically generated RHN Management Proxy Server configuration file SSL CA certificate location proxy ca_chain usr share rhn RHNS CA CERT Corporate HTTP proxy f...

Страница 36: ...32 Appendix A Sample RHN Proxy Server Configuration File ...

Страница 37: ... questions and answers 25 R Red Hat Network introduction 1 Red Hat Update Agent 2 3 requirements 5 additional 6 disk space 6 hardware 5 software 5 RHN Authentication Daemon disabling rhn_auth_cache stopping 28 RHN Package Manager 3 21 channels specifying 22 command line options 22 configuration file 21 configuring 21 create private channel 21 installing 21 upload package headers 21 verify local pa...

Страница 38: ......

Результаты поиска

Содержание NETWORK PROXY SERVER 3.6 -

Отзывы:

Похожие инструкции для NETWORK PROXY SERVER 3.6 -

Бренды по названию

Популярные бренды

Red Hat NETWORK PROXY SERVER 3.6 -, Руководство по установке

Результаты поиска

Содержание NETWORK PROXY SERVER 3.6 -

Отзывы:

Похожие инструкции для NETWORK PROXY SERVER 3.6 -

Бренды по названию

Популярные бренды