Red Hat Network Satellite 5.3 Proxy Installation Guide Red Hat Network Proxy Edition 5.
Red Hat Network Satellite 5.3 Proxy Installation Guide Red Hat Network Proxy Edition 5.3 Landmann rlandmann@redhat.
Legal Notice Copyright © 2010 Red Hat, Inc. T his document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed.
Table of Contents Table of Contents .Chapter . . . . . . . . 1. . . .Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4. . . . . . . . . . 1.1. Red Hat Network 4 1.2. RHN Proxy Server 4 1.3. T erms to Understand 5 1.4. How it Works 6 .Chapter . . . . . . . . 2. . . .Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Red Hat Network Satellite 5.
Table of Contents 3
Red Hat Network Satellite 5.3 Proxy Installation Guide Chapter 1. Introduction 1.1. Red Hat Network Red Hat Network (RHN) is the environment for system-level support and management of Red Hat systems and networks of systems. Red Hat Network brings together the tools, services, and information repositories needed to maximize the reliability, security, and performance of their systems.
Chapter 1. Introduction Saves bandwidth — packages are downloaded from RHN only once (per local Proxy Server's caching mechanism) instead of downloading each package to each client system. Customized updates — create a truly automated package delivery system for custom software packages, as well as official Red Hat packages required for the client systems. Custom private RHN channels allow an organization to automate delivery of in-house packages.
Red Hat Network Satellite 5.3 Proxy Installation Guide Web user interface. 1.4. How it Works T he Red Hat Update Agent or Package Updater on the client systems does not directly contact a Red Hat Network Server. Instead, the client (or clients) connects in turn to an RHN Proxy Server that connects to the Red Hat Network Servers or to a RHN Satellite Server. T hus, the client systems do not need direct access to the Internet. T hey need access only to the RHN Proxy Server.
Chapter 1. Introduction software dependencies, that allows RHN to automate package installation. T he actual custom RPM packages are stored on the RHN Proxy Server and sent to the client systems from inside the organization's local area network. Configuring a computer network to use RHN Proxy Servers is straightforward. T he Red Hat Network applications on the client systems must be configured to connect to the RHN Proxy Server instead of the Red Hat Network Servers.
Red Hat Network Satellite 5.3 Proxy Installation Guide Chapter 2. Requirements T hese requirements must be met before installation. T he Satellite itself must be of a version greater than or equal to the version of the Proxy that you are trying to install. For example, if you want to install RHN Proxy Server 5.1, the Satellite version should be 5.1 or later, and can not be 5.0 or lower. 2.1.
Chapter 2. Requirements Access to the Red Hat Network T ools channel for the installed version of Red Hat Enterprise Linux. T his channel includes the spacewalk-proxy-installer package that contains the configure-proxy.sh installation program required to install RHN Proxy Server. All rhncfg* packages installed on the Proxy (from the RHN T ools channel).
Red Hat Network Satellite 5.3 Proxy Installation Guide Firewall Rules RHN strongly recommends firewalling the RHN Proxy Server solution from the Internet. However, various T CP ports must be opened on the Proxy, depending on your implementation of RHN Proxy Server: T able 2.1. Ports to open on the Proxy Port Direction Reason 80 Outbound Proxy uses this port to reach rhn.redhat.com, xmlrpc.rhn.redhat.
Chapter 2. Requirements A Red Hat Network Account Customers who will be connecting to the central Red Hat Network Servers to receive incremental updates must have a Red Hat Network account. T he sales representative assists with the setup of this account at the time of purchase. Backups of Login Information It is imperative that customers keep track of all primary login information.
Red Hat Network Satellite 5.3 Proxy Installation Guide Chapter 3. Example Topologies T he RHN Proxy Server can be configured in multiple ways. Select one method depending on the following factors: 1. T he total number of client systems to be served by the RHN Proxy Server 2. T he maximum number of clients expected to connect concurrently to the RHN Proxy Server. 3. T he number of custom packages and channels to be served by the RHN Proxy Server. 4.
Chapter 3. Example Topologies Figure 3.2. Multiple Proxy Horizontally T iered T opology 3.3. Multiple Proxy Vertically Tiered Topology An alternative method for multiple RHN Proxy Servers is to establish a primary Proxy that the others connect to for RPMs from Red Hat Network and custom packages created locally. In essence, the secondary Proxies act as clients of the primary.
Red Hat Network Satellite 5.3 Proxy Installation Guide using RHN Proxy Server in conjunction with RHN Satellite Server. T his works similarly to the vertically tiered Proxy configuration but increases capacity significantly, as Satellites can serve a much greater number of client systems. For a thorough description of this combination, refer to the Example T opologies chapter of the RHN Satellite Server Installation Guide.
Chapter 4. Installation Chapter 4. Installation T his chapter describes the initial installation of the RHN Proxy Server. It presumes the prerequisites listed in Chapter 2, Requirements have been met. However, if you are upgrading to a newer version of RHN Proxy Server, contact your Red Hat representative for assistance. 4.1. Base Install T he RHN Proxy Server is designed to run on the Red Hat Enterprise Linux operating system.
Red Hat Network Satellite 5.3 Proxy Installation Guide Tip If you press Enter at a prompt instead of typing in an entry, the RHN Proxy Server command-line installation program uses the default response enclosed in brackets. Alternatively, if you want to use default answers without any user interaction, use the -non-interactive option, which will use all default responses. 3. T he first series of prompts are site-specific details about the installation. Proxy version to activate [5.
Chapter 4. Installation Regardless of whether you enabled SSL for the connection to the Proxy Parent Server, you will be prompted to generate an SSL certificate. This SSL certificate will allow client systems to connect to this Spacewalk Proxy securely. Refer to the Spacewalk Proxy Installation Guide for more information. Organization: Example Company Organization Unit [proxy1.example.com]: Common Name: proxy1.example.com City: New York State: New York Country code: US Email [admin@example.
Red Hat Network Satellite 5.3 Proxy Installation Guide Create and populate configuration channel rhn_proxy_config_1000010000? [Y]: Using server name satserver.example.com Red Hat Network username: admin Password: Creating config channel rhn_proxy_config_1000010000 Config channel rhn_proxy_config_1000010000 created using server name satserver.example.com Pushing to channel rhn_proxy_config_1000010000: Local file /etc/httpd/conf.d/ssl.conf -> remote file /etc/httpd/conf.d/ssl.conf Local file /etc/rhn/rhn.
Chapter 4. Installation # example of answer file for configure-proxy.sh # for full list of possible option see # man configure-proxy.sh VERSION=5.2 RHN_PARENT=rhn-satellite.example.com TRACEBACK_EMAIL=jsmith@example.com USE_SSL=1 SSL_ORG="Red Hat" SSL_ORGUNIT="Spacewalk" SSL_CITY=Raleigh SSL_STATE=NC SSL_COUNTRY=US INSTALL_MONITORING=N ENABLE_SCOUT=N CA_CHAIN=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT POPULATE_CONFIG_CHANNEL=Y T o use an answer file (called answers.txt for example) with configure-proxy.
Red Hat Network Satellite 5.3 Proxy Installation Guide Chapter 5. RHN Package Manager T he RHN Package Manager is a command line tool that allows an organization to serve local packages associated with a private RHN channel through the RHN Proxy Server. If you want the RHN Proxy Server to update only official Red Hat packages, do not install the RHN Package Manager. T o use the RHN Package Manager, install the rhns-proxy-package-m anager package and its dependencies.
Chapter 5. RHN Package Manager from standard input (using --stdin). T o upload the package headers for the source RPMs: rhn_package_manager -c "label_of_private_channel" --source pkg-list If you have more than one channel specified (using -c or --channel), the uploaded package headers will be linked to all the channels listed. Note If a channel name is not specified, the packages are not added to any channel. T he packages can then be added to a channel using the Red Hat Network web interface.
Red Hat Network Satellite 5.3 Proxy Installation Guide T able 5.1. rhn_package_m anager options Option Description -v, --verbose Increase verbosity. -dDIR, --dir=DIR Process packages from directory DIR. -cCHANNEL, --channel=CHANNEL Manage this channel — may be present multiple times. -nNUMBER, --count=NUMBER Process this number of headers per call — the default is 32. -l, --list List each package name, version number, release number, and architecture in the specified channel(s).
Chapter 6. Troubleshooting Chapter 6. Troubleshooting T his chapter provides tips for determining the cause of and resolving the most common errors associated with RHN Proxy Server. If you need additional help, contact Red Hat Network support at https://rhn.redhat.com/help/contact.pxt. Log in using your Satellite-entitled account to see your full list of options. 6.1.
Red Hat Network Satellite 5.3 Proxy Installation Guide Q: I've changed the DNS name setting of my Proxy Server, and now my client systems can't update. How can I fix this? A: Run the up2date -u command on the client system for the name change to take effect. Q: How can I determine whether the clients are connecting to the Squid server? A: T he /var/log/squid/access.log file logs all connections to the Squid server.
Chapter 6. Troubleshooting have been set for traceback_m ail in /etc/rhn/rhn.conf. 6.5. Host Not Found/Could Not Determine FQDN Because RHN configuration files rely exclusively on fully qualified domain names (FQDN), it is imperative that key applications are able to resolve the name of the RHN Proxy Server into an IP address.
Red Hat Network Satellite 5.3 Proxy Installation Guide If the RHN Proxy Server is connecting through an HT T P Proxy, make sure the URL listed is valid. For instance, the HT T P Proxy URL field should not contain references to protocols, such as http:// or https://. Only the hostname and port should be included in the form hostname:port, such as yourgateway.exam ple.com :8080. Make sure client systems are not using firewalls of their own blocking required ports, as identified in Section 2.
Chapter 6. Troubleshooting professionals, Red Hat recommends that you take advantage of the strong support that comes with RHN Proxy Server. One way to access that expertise is through the Red Hat Knowledgebase, which provides solutions to the most common issues encountered by users and has a robust browse and search interface for finding the right answers to your Proxy issues. You can access the Red Hat Knowledgebase at http://kbase.redhat.com.
Red Hat Network Satellite 5.3 Proxy Installation Guide RHN Proxy Server Installation via Satellite Website In addition to the installation method outlined in Section 4.2, “RHN Proxy Server Installation Process”, you can also install RHN Proxy Server via the RHN Satellite Server website. Warning T his method of installation has been deprecated and may be removed in a future version of RHN Satellite Server. T he recommended installation method is documented at Section 4.
RHN Proxy Server Installation via Satellite Website Warning Please note that the RHN Proxy Server installation may replace the squid.conf and httpd.conf configuration files on the system to ease upgrades later. If you have edited these files and want to preserve them, they are rotated in place and can be retrieved after installation. Figure A.1. System Details => Proxy 9.
Red Hat Network Satellite 5.3 Proxy Installation Guide 10. In the Welcom e page, you will find notification of any requirements not met by the system. When the system is ready, a continue link appears. Click it to go to the T erm s & Conditions page. Figure A.3. T erms & Conditions 11. In the T erm s & Conditions page, click the term s and conditions link to view the licensing agreement of the RHN Proxy Server. When satisfied, click the I agree link.
RHN Proxy Server Installation via Satellite Website identified in Chapter 2, Requirements and must be connected to an RHN Satellite Server (or another Proxy connected to a Satellite). T o enable monitoring on the Proxy, select the checkbox and click continue. T he Configure RHN Proxy Server page appears. Figure A.5. Configure RHN Proxy Server 13. In the Configure RHN Proxy Server page, provide or confirm the entries for all required fields.
Red Hat Network Satellite 5.3 Proxy Installation Guide Finally, you must decide whether to enable SSL using the checkbox at the bottom. Red Hat strongly recommends that you employ this level of encryption for all traffic to and from the RHN Proxy Server. T o select it, however, you must connect to the central RHN Servers (which have SSL enabled by default) or to an RHN Satellite Server or RHN Proxy Server that has SSL enabled.
RHN Proxy Server Installation via Satellite Website Figure A.7. Configure Monitoring 15. In the Configure Monitoring page, provide or confirm the hostname and IP address of the parent server connected to by the RHN Proxy Server. T his must be either an RHN Satellite Server or another Proxy which is in turn connected to a Satellite. You cannot achieve Monitoring through the central RHN Servers. When finished, click continue. T he Install Progress page appears. Figure A.8. Install Progress 16.
Red Hat Network Satellite 5.3 Proxy Installation Guide Sample RHN Proxy Server Configuration File T he /etc/rhn/rhn.conf configuration file for the RHN Proxy Server provides a means for you to establish key settings. Be warned, however, that errors inserted into this file may cause Proxy failures. Make configuration changes with caution. If you are also using an RHN Satellite Server, you should be particularly concerned with the following parameters: traceback_mail and proxy.rhn_parent.
Revision History Revision History Revision 5.3-18.4 00 Rebuild with publican 4.0.0 2013-10-31 Rüdiger Landmann Revision 5.3-18 Rebuild for Publican 3.0 2012-07-18 Anthony T owns Revision 1.
Red Hat Network Satellite 5.
Revision History requirements, Requirements - additional, Additional Requirements - disk space, Disk Space Requirements - hardware, Hardware Requirements - software, Software Requirements RHN Authentication Daemon, disabling - rhn_auth_cache, stopping, Caching Issues RHN Package Manager, How it Works, RHN Package Manager - channels, specifying, Uploading Packages - command line options, Command Line Options - configuration file, RHN Package Manager - configuring, Creating a Private Channel - create priva
