background image

Chapter 2.

Requirements

These requirements must be met before installation. To install RHN Proxy Server version 3.6 or later

from RHN Satellite Server, the Satellite itself must be version 3.6 or later.

2.1. Software Requirements

To perform an installation, the following software components must be available:

Base operating system — RHN Proxy Server is supported with Red Hat Enterprise Linux AS 2.1

Update 5 or later and Red Hat Enterprise Linux AS 3 Update 3 or later only. The operating system

can be installed from disc, local ISO image, kickstart, or any of the methods supported by Red Hat.

Important

If you plan to obtain Monitoring-level service, you

must

install your RHN Proxy Server on Red Hat

Enterprise Linux AS 3 Update 3. This is the only supported base operating system for Proxies

serving Monitoring-entitled systems.

Each version of Red Hat Enterprise Linux AS requires a certain package set to support RHN Proxy

Server. Anything more can cause errors during installation. Therefore, Red Hat recommends ob-

taining the desired package set in the following ways:
For kickstarting either Red Hat Enterprise Linux AS 3 Update 3 or Red Hat Enterprise Linux AS

2.1 Update 5, specify the following package group:

@ Base

For installing Red Hat Enterprise Linux AS 3 Update 3 via CD or ISO image, select the following

package group:

Minimal

For installing Red Hat Enterprise Linux AS 2.1 Update 5 via CD or ISO image, select the following

package group:

Advanced Server

An available RHN Proxy Server entitlement within your Red Hat Network account.

An available Provisioning entitlement within your Red Hat Network account (which should come

packaged with your RHN Proxy Server entitlement).

Access to the Red Hat Network Tools channel for the installed version of Red Hat Enterprise Linux

AS.

All

rhncfg*

packages installed on the Proxy (from the RHN Tools channel).

Either the

rhns-certs-tools

package installed on the Proxy (from the RHN Tools channel) or

the secure sockets layer (SSL) CA certificate password used to generate the parent server certificate

(such as on an RHN Satellite Server).

Configuration of the system to accept remote commands and configuration management through

Red Hat Network. Refer to Section 4.2

RHN Proxy Server Installation Process

for instructions.

2.2. Hardware Requirements

The following hardware configuration is required for the RHN Proxy Server:

Dell PowerEdge 1750 or equivalent

Содержание NETWORK PROXY SERVER 3.6 -

Страница 1: ...RHN Proxy Server 3 6 Installation Guide ...

Страница 2: ...ogo RPM Maximum RPM the RPM logo Linux Library PowerTools Linux Undercover RHmember RHmember More Rough Cuts Rawhide and all Red Hat based trademarks and logos are trademarks or registered trademarks of Red Hat Inc in the United States and other countries Linux is a registered trademark of Linus Torvalds All other trademarks and copyrights referred to are the property of their respective owners ...

Страница 3: ...y Vertically Tiered Topology 10 3 4 Proxies with RHN Satellite Server 11 4 Installation 13 4 1 Base Install 13 4 2 RHN Proxy Server Installation Process 13 5 RHN Package Manager 21 5 1 Creating a Private Channel 21 5 2 Uploading Packages 21 5 3 Command Line Options 22 6 Troubleshooting 25 6 1 Managing the Proxy Service 25 6 2 Log Files 25 6 3 Questions and Answers 25 6 4 General Problems 26 6 5 Ho...

Страница 4: ......

Страница 5: ...ebsite to schedule actions including Errata Updates package in stalls and software profile updates Simplification maintaining Red Hat systems becomes a simple automated process 1 2 RHN Proxy Server An RHN Proxy Server is a service deployed within a corporate network with advanced Red Hat Network functionality such as a package caching mechanism for reduced bandwidth usage and cus tomizable channel...

Страница 6: ...RHN Proxy Server it is important to become familiar with the following Red Hat Network terms Channel A channel is a list of software packages There are two types of channels base channels and child channels A base channel consists of a list of packages based on a specific architecture and Red Hat release A child channel is a channel associated with a base channel but contains extra packages Organi...

Страница 7: ...ion token via the chain of RHN Proxy Servers This token which has a signature and expiration contains user information including subscribe to chan nels username etc 3 Each RHN Proxy Server caches this token on its local file system in var cache rhn Caching reduces some of the overhead of authenticating with Red Hat Network Servers and greatly improves the performance of Red Hat Network 4 This sess...

Страница 8: ...4 Chapter 1 Introduction Network Server If the RHN Package Manager is used the client systems must be subscribed to the private RHN channel ...

Страница 9: ...t Enterprise Linux AS 3 Update 3 or Red Hat Enterprise Linux AS 2 1 Update 5 specify the following package group Base For installing Red Hat Enterprise Linux AS 3 Update 3 via CD or ISO image select the following package group Minimal For installing Red Hat Enterprise Linux AS 2 1 Update 5 via CD or ISO image select the following package group Advanced Server An available RHN Proxy Server entitlem...

Страница 10: ...llowing additional requirements must be met before the RHN Proxy Server installation can be considered complete Full Access Client systems need full network access to the RHN Proxy Server solution s services and ports Firewall Rules The RHN Proxy Server solution can be firewalled from the Internet but it must be able to issue outbound connections to the Internet on ports 80 and 443 In addition if ...

Страница 11: ...ble No users but the system administrators should have shell access to these machines All unnecessary services should be disabled You can use ntsysv or chkconfig to disable services Finally you should have the following technical documents in hand for use in roughly this order 1 The RHN Proxy Server Installation Guide This guide which you are now reading provides the essential steps necessary to g...

Страница 12: ...8 Chapter 2 Requirements ...

Страница 13: ... clients and a network that would benefit from caching Red Hat RPMs and storing custom packages on a local server The disadvantage of using one RHN Proxy Server is that performance will be compromised as the number of clients requesting packages grows Figure 3 1 Single Proxy Topology 3 2 Multiple Proxy Horizontally Tiered Topology For larger networks a more distributed method may be needed such as...

Страница 14: ...e primary This alleviates the need to establish synchronization between the RHN Proxy Servers as they use the up2date functionality inherent with the product Like the horizontally tiered configuration this vertical method allows any client of any RHN Proxy Servers to have all custom packages delivered to them The Proxy merely looks in its repository to see if it can find the package on its filesys...

Страница 15: ... works similarly to the vertically tiered Proxy configuration but increases capacity significantly as Satellites can serve a much greater number of client systems For a thorough description of this combination refer to the Example Topologies chapter of the RHN Satellite Server Installation Guide Linking the two products SSL certificates is described in the RHN Client Configuration Guide To find ou...

Страница 16: ...12 Chapter 3 Example Topologies ...

Страница 17: ... Linux AS 3 This is the only supported base operating system for Proxies serving Monitoring entitled systems Do not install Proxy on Red Hat Enterprise Linux AS 2 1 Enable Network Time Protocol NTP on the Proxy and select the appropriate time zone All client systems should already be running the ntpd daemon and be set to the correct time zone Disable the ipchains and iptables services after instal...

Страница 18: ...e System Details Events tab prepare the system to accept remote commands and configuration management with the following commands mkdir p etc sysconfig rhn allowed actions mkdir p etc sysconfig rhn allowed actions script touch etc sysconfig rhn allowed actions script run mkdir p etc sysconfig rhn allowed actions configfiles touch etc sysconfig rhn allowed actions configfiles deploy 8 Within the RH...

Страница 19: ...t met by the system When the system is ready a continue link appears Click it to go to the Terms Conditions page Figure 4 3 Terms Conditions 11 In the Terms Conditions page click the terms and conditions link to view the licensing agreement of the RHN Proxy Server When satisfied click the I agree link The Enable Moni ...

Страница 20: ...l be used to monitor systems served by it For this to take place the RHN Proxy Server must meet the requirements identified in Chapter 2 Requirements and be connected to an RHN Satellite Server or another Proxy connected to a Satellite To enable monitoring on the Proxy select the checkbox and click continue The Configure RHN Proxy Server page appears ...

Страница 21: ...l RHN Servers include the value xmlrpc rhn redhat com To connect to a Satellite or another Proxy enter the parent system s FQDN If the RHN Proxy Server will connect through an HTTP proxy configure it using the associated fields Note that references to protocol such as http or https should not be included in the HTTP Proxy Server field Insert only the hostname and port in the form hostname port suc...

Страница 22: ...e Monitoring skip to the description of the Configure Monitoring page If you did not enable SSL or Monitoring skip to the description of the Install Progress page Figure 4 6 Configure SSL 14 In the Configure SSL page applicable only to a Proxy connecting to an RHN Satellite Server or another RHN Proxy Server with SSL enabled provide the information needed to generate the server certificate The mos...

Страница 23: ...ance Tool using the Browse button It will be named rhn org httpd ssl archive MACHINENAME VERSION tar with the machine name reflecting the Proxy s hostname Once located click continue Figure 4 8 Configure Monitoring 15 In the Configure Monitoring page provide or confirm the hostname and IP address of the parent server connected to by the RHN Proxy Server This must be either an RHN Satellite ...

Страница 24: ...y take place Click the link to any step to go to its Action Details page When a step has been undertaken its status goes from Queued to Picked Up and then finally to Completed Like the earlier package installs you can immediately trigger these steps by running the rhn_check command in a terminal on the system as root When finished the Install Progress page will display the message The installation...

Страница 25: ... Channels option is not present in the left navigation bar ensure this user has channel editing permissions set Do this through the Users category accessible through the top navigation bar 3 In the left navigation bar click Manage Channels and then the create new channel button at the top right corner of the page 4 Select a parent channel and base channel architecture then enter a name label summa...

Страница 26: ...channel Then click the Packages subtab Each RPM should be listed You can also check to see if the local directory is in sync with the RHN Server s image of the channels at the command line rhn_package_manager s c label_of_private_channel This s option will list all the missing packages packages uploaded to the RHN Server not present in the local directory You must be an Organization Administrator ...

Страница 27: ...mpted for it source Upload source package headers dontcopy In the post upload step do not copy the packages to their final location in the package tree test Only print the packages to be pushed nosig Push unsigned packages By default the RHN Package Manager attempts to push only signed packages no ssl Not recommended Turn off SSL X exclude PATTERN Exclude files matching this glob expression can be...

Страница 28: ...24 Chapter 5 RHN Package Manager ...

Страница 29: ...2 Log Files Virtually every troubleshooting step should start with a look at the associated log file or files These provide invaluable information about the activity that has taken place on the device or within the application that can be used to monitor performance and ensure proper configuration See Table 6 1 for the paths to all relevant log files Component Log File Location Apache HTTP Server ...

Страница 30: ... location 4 My configuration does not work Where do I begin troubleshooting it Make sure etc sysconfig rhn systemid is owned by root apache with the permissions 0640 Read the log files A list is available at Section 6 2 Log Files 6 4 General Problems To begin troubleshooting general problems examine the log file or files related to the component exhibiting failures A useful exercise is to tail all...

Страница 31: ... the file such as 127 0 0 1 localhost localdomain com localhost 123 45 67 8 this_machine example com this_machine Replace the value here with the actual IP address of the Proxy This should resolve the problem Keep in mind if the specific IP address is stipulated the file will need to be updated when the machine obtains a new address 6 6 Connection Errors If your are experiencing problems that you ...

Страница 32: ...the following individual commands in this order chkconfig level 2345 rhn_auth_cache off service rhn_auth_cache stop To clear its cache issue rm var up2date rhn_auth_cache If you must retain the RHN Authentication Daemon which Red Hat recommends against and does not support note that its performance can suffer from verbose logging For this reason its logging to var log rhn rhn_auth_cache log is tur...

Страница 33: ...ble timestamping creating tarball may take some time tmp rhn proxy debug tar bz2 removing temporary debug tree Debug dump created stored in tmp rhn proxy debug tar bz2 Deliver the generated tarball to your RHN contact or support channel Once finished email the new file from the tmp directory to your Red Hat representative for imme diate diagnosis ...

Страница 34: ...30 Chapter 6 Troubleshooting ...

Страница 35: ...e to 0 to turn off SSL between the Proxy and the upstream server temporarily Note that this greatly compromises security Return the setting to its default value of 1 to re enable SSL or simply remove the line from the configuration file Automatically generated RHN Management Proxy Server configuration file SSL CA certificate location proxy ca_chain usr share rhn RHNS CA CERT Corporate HTTP proxy f...

Страница 36: ...32 Appendix A Sample RHN Proxy Server Configuration File ...

Страница 37: ... questions and answers 25 R Red Hat Network introduction 1 Red Hat Update Agent 2 3 requirements 5 additional 6 disk space 6 hardware 5 software 5 RHN Authentication Daemon disabling rhn_auth_cache stopping 28 RHN Package Manager 3 21 channels specifying 22 command line options 22 configuration file 21 configuring 21 create private channel 21 installing 21 upload package headers 21 verify local pa...

Страница 38: ......

Отзывы: