Chapter 1. Introduction

1.4. How it Works

The Red Hat Update Agent on the client systems does not directly contact a Red Hat Network Server. Instead, the client (or clients) connects to an RHN Proxy Server that connects to the Red Hat Network Servers. Thus, the client systems do not need direct access to the Internet. They need access only to the RHN Proxy Server.

Important

Red Hat strongly recommends that clients connected to RHN Proxy Server be running the latest update of Red Hat Enterprise Linux to ensure proper connectivity.

By default, a client is authenticated directly by Red Hat Network Servers. Using an RHN Proxy Server, authentication works similarly except that the RHN Proxy Server provides route information as well. After a successful authentication, the Red Hat Network Server informs the RHN Proxy Server that it is permitted to execute a specific action for the client. The RHN Proxy Server downloads all of the updated packages (if they are not already present in its cache) and delivers them to the client system.

Requests from the Red Hat Update Agent on the client systems are still authenticated on the server side, but package delivery is significantly faster since the packages are cached in the HTTP proxy caching server or the RHN Proxy Server (for local packages); the RHN Proxy Server and client system are connected via the LAN and are limited only by the speed of the local network.

Authentication is done in the following order:

1. The client performs a login action at the beginning of a client session. This login is passed through one or more RHN Proxy Servers until it reaches a Red Hat Network Server.

2. The Red Hat Network Server attempts to authenticate the client. If authentication is successful, the server then passes back a session token via the chain of RHN Proxy Servers. This token, which has a signature and expiration, contains user information, including subscribe-to channels, username, etc.

3. Each RHN Proxy Server caches this token on its local file system in /var/cache/rhn/. Caching reduces some of the overhead of authenticating with Red Hat Network Servers and greatly improves the performance of Red Hat Network.

4. This session token is passed back to the client machine and is used in subsequent actions on Red Hat Network.
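
The four steps above, modelled as an added example (not code from the guide or from Red Hat): a proxy caches a signed, expiring token and answers later requests from that cache. The token layout (JSON body, HMAC-SHA256 signature), the field names, the secret and the in-memory dictionary standing in for /var/cache/rhn/ are all assumptions; the guide does not describe the real token format.

```python
import hashlib
import hmac
import json

SERVER_SECRET = b"constructed-demo-secret"  # assumption: held only by the upstream server

def _sign(body):
    return hmac.new(SERVER_SECRET, body.encode(), hashlib.sha256).hexdigest()

def issue_token(username, channels, ttl, now):
    """Upstream server, step 2: sign the user information plus an expiration."""
    body = json.dumps({"username": username, "channels": channels,
                       "expires": now + ttl}, sort_keys=True)
    return {"body": body, "sig": _sign(body)}

def server_verify(token, now):
    """Upstream server: accept only an unmodified, unexpired token."""
    if not hmac.compare_digest(_sign(token["body"]), token["sig"]):
        return False
    return json.loads(token["body"])["expires"] > now

class ProxyCache:
    """Proxy, step 3: cache the token so later requests skip the upstream login."""
    def __init__(self):
        self.tokens = {}         # in-memory stand-in for files under /var/cache/rhn/
        self.upstream_logins = 0

    def login(self, client_id, username, channels, ttl, now):
        # Steps 1, 2 and 4: forward the login, cache the reply, return it to the client.
        self.upstream_logins += 1
        token = issue_token(username, channels, ttl, now)  # models the upstream call
        self.tokens[client_id] = token
        return token

    def authorize(self, client_id, presented, now):
        cached = self.tokens.get(client_id)
        if cached is None:
            return "login-required"
        # Constant-time comparison of what the client presents with the cached copy.
        if not (hmac.compare_digest(cached["sig"].encode(), presented["sig"].encode())
                and hmac.compare_digest(cached["body"].encode(), presented["body"].encode())):
            return "rejected"
        if json.loads(cached["body"])["expires"] <= now:
            del self.tokens[client_id]  # an expired entry forces a fresh upstream login
            return "login-required"
        return "cache-hit"
```

Because the cached tokens stand in for a completed authentication, the cache directory on a real proxy deserves the same file permissions and monitoring as any other credential store.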

From the client’s point of view, there is no difference between an RHN Proxy Server and a Red Hat Network Server. From the Red Hat Network Server’s point of view, an RHN Proxy Server is a special kind of client. Thus, clients are not affected by the route a request takes to reach a Red Hat Network Server. All the logic is implemented in the RHN Proxy Servers and Red Hat Network Servers.

Optionally the RHN Package Manager can be installed and configured to serve custom packages written specifically for the organization. These are not official Red Hat packages. After creating a private RHN channel, the custom RPM packages are associated with the private channel by uploading the package headers to the RHN Servers. Only the headers are uploaded, not the actual package files. The headers are required because they contain crucial RPM information, such as software dependencies, that allows RHN to automate package installation. The actual custom RPM packages are stored on the RHN Proxy Server and sent to the client systems from inside the organization’s private area network.

Configuring a computer network to use RHN Proxy Servers is straightforward. The Red Hat Network applications on the client systems must be configured to connect to the RHN Proxy Server instead of the Red Hat Network Servers. Refer to the RHN Client Configuration Guide for details. On the proxy side, one has to specify the next proxy in the chain (which will eventually end with a Red Hat
