RHN Proxy Server 4.
RHN Proxy Server 4.0: Installation Guide Copyright © 2001 - 2005 by Red Hat, Inc. Red Hat, Inc. 1801 Varsity Drive Raleigh NC 27606-2072 USA Phone: +1 919 754 3700 Phone: 888 733 4281 Fax: +1 919 754 3701 PO Box 13588 Research Triangle Park NC 27709 USA RHNproxy(EN)-4.0-RHI (2005-04-20T13:40) Copyright © 2005 by Red Hat, Inc. This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, V1.
Table of Contents 1. Introduction..................................................................................................................................... 1 1.1. Red Hat Network ............................................................................................................... 1 1.2. RHN Proxy Server ............................................................................................................. 1 1.3. Terms to Understand .................................................
Chapter 1. Introduction 1.1. Red Hat Network Red Hat Network (RHN) is the environment for system-level support and management of Red Hat systems and networks of systems. Red Hat Network brings together the tools, services, and information repositories needed to maximize the reliability, security, and performance of their systems. To use RHN, system administrators register the software and hardware profiles, known as System Profiles, of their client systems with Red Hat Network.
2 Chapter 1. Introduction For instance, an organization could develop its own software, package it in an RPM, sign it with its own GPG signature, and have the local RHN Proxy Server update all the individual systems in the network with the latest versions of the custom software. Advantages of using RHN Proxy Server include: • Scalability — there can be multiple local RHN Proxy Servers within one organization.
Chapter 1. Introduction 3 Red Hat Update Agent — The Red Hat Update Agent is the Red Hat Network client application (up2date) that allows users to retrieve and install new or updated packages for the client system on which the application is run. • Traceback — A traceback is a detailed description of "what went wrong" that is useful for troubleshooting the RHN Proxy Server.
4 Chapter 1. Introduction Hat Network Server. All the logic is implemented in the RHN Proxy Servers and Red Hat Network Servers. Optionally the RHN Package Manager can be installed and configured to serve custom packages written specifically for the organization. These are not official Red Hat packages. After creating a private RHN channel, the custom RPM packages are associated with the private channel by uploading the package headers to the RHN Servers.
Chapter 2. Requirements These requirements must be met before installation. To install RHN Proxy Server version 3.6 or later from RHN Satellite Server, the Satellite itself must be version 3.6 or later. 2.1. Software Requirements To perform an installation, the following software-related components must be available: • Base operating system — RHN Proxy Server is supported with Red Hat Enterprise Linux AS 3 Update 5 or later, or Red Hat Enterprise Linux AS 4 only.
6 Chapter 2. Requirements • Configuration of the system to accept remote commands and configuration management through Red Hat Network. Refer to Section 4.2 RHN Proxy Server Installation Process for instructions. 2.2. Hardware Requirements The following hardware configuration is required for the RHN Proxy Server: • Pentium III processor, 1.
Chapter 2. Requirements • 7 A Red Hat Network Account Customers who will be connecting to the central Red Hat Network Servers to receive incremental updates will need an account with Red Hat Network. This account should be set up at the time of purchase with the sales representative. • Backups of Login Information It is imperative customers keep track of all primary login information.
8 Chapter 2.
Chapter 3. Example Topologies The RHN Proxy Server can be configured in multiple ways. Select one method depending on the following factors: 1. The total number of client systems to be served by the 2. The maximum number of clients expected to connect concurrently to the RHN Proxy Server. 3. The number of custom packages and channels to be served by the RHN Proxy Server. 4. The number of RHN Proxy Servers being used in the customer environment.
10 Chapter 3. Example Topologies • Either, the rsync file transfer program can be used to synchronize packages between the Proxies, or • a Network File System (NFS) share can be established between the Proxies and the custom channel repository. Either of these solutions will allow any client of any RHN Proxy Servers to have all custom packages delivered to them. Figure 3-2. Multiple Proxy Horizontally Tiered Topology 3.3.
Chapter 3. Example Topologies 11 Figure 3-3. Multiple Proxy Vertically Tiered Topology 3.4. Proxies with RHN Satellite Server In addition to the methods described in detail within this chapter, customers also have the option of using RHN Proxy Server in conjunction with RHN Satellite Server. This works similarly to the vertically tiered Proxy configuration but increases capacity significantly, as Satellites can serve a much greater number of client systems.
12 Chapter 3.
Chapter 4. Installation This chapter describes the initial installation of the RHN Proxy Server. It presumes the prerequisites listed in Chapter 2 Requirements have been met. However, if you are upgrading to a newer version of RHN Proxy Server, contact your Red Hat representative for assistance. 4.1. Base Install The RHN Proxy Server is designed to run on the Red Hat Enterprise Linux AS operating system.
14 Chapter 4. Installation 4. Install all the rhncfg packages by navigating to the System System Details Packages Install subtab and searching for rhncfg using the Filter by Package Name text search box. In the resulting list, select all the packages and install them. 5.
Chapter 4. Installation 15 Figure 4-2. Welcome 10. In the Welcome page, you will find notification of any requirements not met by the system. When the system is ready, a continue link appears. Click it to go to the Terms & Conditions page. Figure 4-3. Terms & Conditions 11. In the Terms & Conditions page, click the terms and conditions link to view the licensing agreement of the RHN Proxy Server. When satisfied, click the I agree link. The Enable Monitoring page appears next.
16 Chapter 4. Installation Figure 4-4. Enable Monitoring 12. In the Enable Monitoring page, you must decide whether the Proxy will be used to monitor systems served by it. For this to take place, the RHN Proxy Server must meet the requirements identified in Chapter 2 Requirements and be connected to an RHN Satellite Server (or another Proxy connected to a Satellite). To enable monitoring on the Proxy, select the checkbox and click continue. The Configure RHN Proxy Server page appears.
Chapter 4. Installation 17 Figure 4-5. Configure RHN Proxy Server 13. In the Configure RHN Proxy Server page, provide or confirm the entries for all required fields. The Administrator Email Address will receive all mail generated by the Proxy, including sometimes large quantities of error-related tracebacks. To stem this flow, consider establishing mail filters that capture messages with a subject of "RHN TRACEBACK from hostname".
18 Chapter 4. Installation Finally, you must decide whether to enable SSL using the checkbox at the bottom. Red Hat strongly recommends you employ this level of encryption for all traffic to and from the RHN Proxy Server. To select it, however, you must be connecting to the central RHN Servers (which have SSL enabled by default) or to an RHN Satellite Server or RHN Proxy Server that has SSL enabled. Connection to the central RHN Servers requires upload of the certificate tar file mentioned earlier.
Chapter 4. Installation 19 Figure 4-7. Upload SSL In the Upload SSL page applicable only to a Proxy connecting to the central RHN Servers, locate the tar file created using the RHN SSL Maintenance Tool using the Browse button. It will be named rhn-org-httpd-ssl-archive-MACHINENAME-VERSION .tar with the machine name reflecting the Proxy’s hostname. Once located, click continue. Note Since you must be root to generate the SSL key, the resulting SSL tar file will be located in /root/ssl-build/HOSTNAME/.
20 Chapter 4. Installation Figure 4-9. Install Progress 16. In the Install Progress page, you may monitor the steps of the installation as they take place. Click the link to any step to go to its Action Details page. When a step has been undertaken, its status goes from Queued to Picked Up and then finally to Completed. Like the earlier package installs, you can immediately trigger these steps by running the rhn_check command in a terminal on the system as root.
Chapter 5. RHN Package Manager The RHN Package Manager is a command line tool that allows an organization to serve local packages associated with a private RHN channel through the RHN Proxy Server. If you want the RHN Proxy Server to update only official Red Hat packages, you do not need to install the RHN Package Manager. To use the RHN Package Manager, install the rhns-proxy-package-manager package and its dependencies. Only the header information for packages is uploaded to the RHN Servers.
22 Chapter 5. RHN Package Manager rhn_package_manager -c "label_of_private_channel" pkg-list pkg-list is the list of packages to be uploaded. Alternatively, use the -d option to specify the local directory that contains the packages to add to the channel. Ensure the directory contains only the packages to be included and no other files. RHN Package Manager can also read the list of packages from standard input (using --stdin).
Chapter 5. RHN Package Manager 23 Option Description -l, --list List each package name, version number, release number, and architecture in the specified channel(s). -s, --sync Check if local directory is in sync with the server. -p, --printconf Print the current configuration and exit. -XPATTERN , --exclude=PATTERN Exclude files matching this glob expression — can be present multiple times.
24 Chapter 5.
Chapter 6. Troubleshooting This chapter provides tips for determining the cause of and resolving the most common errors associated with RHN Proxy Server. If you need additional help, contact Red Hat Network support at https://rhn.redhat.com/help/contact.pxt. Log in using your Satellite-entitled account to see your full list of options. 6.1.
26 Chapter 6. Troubleshooting vate channel packages known to the RHN Servers. Or visit the RHN Web interface. After subscribing a registered system to the private channel, you can also execute the command up2date -l --showall on the registered system and look for the packages from the private RHN channel. 2. How can I determine whether the clients are connecting to the Squid server? The /var/log/squid/access.log file logs all connections to the Squid server. 3.
Chapter 6. Troubleshooting 27 6.5. Host Not Found/Could Not Determine FQDN Because RHN configuration files rely exclusively on fully qualified domain names (FQDN), it is imperative key applications are able to resolve the name of the RHN Proxy Server into an IP address.
28 Chapter 6. Troubleshooting 6.7. Caching Issues If package delivery fails or an object appears to be corrupt, and it isn’t related to connection errors, you should consider clearing the caches. The RHN Proxy Server has two caches you should be concerned with: one for Squid and the other for authentication. The Squid cache is located in /var/spool/squid/. To clear it, stop the Apache HTTP Server and Squid, delete the contents of that directory, and restart both services.
Chapter 6. Troubleshooting * * * * * * * 29 copying configuration information copying logs querying RPM database (versioning of RHN Proxy, etc.) get diskspace available timestamping creating tarball (may take some time): /tmp/rhn-proxy-debug.tar.bz2 removing temporary debug tree Debug dump created, stored in /tmp/rhn-proxy-debug.tar.bz2 Deliver the generated tarball to your RHN contact or support channel.
30 Chapter 6.
Appendix A. Sample RHN Proxy Server Configuration File The /etc/rhn/rhn.conf configuration file for the RHN Proxy Server provides a means for you to establish key settings. Be warned, however, that errors inserted into this file may cause Proxy failures. Make configuration changes with caution. If you are also using an RHN Satellite Server, you should be particularly concerned with the following parameters: traceback_mail and proxy.rhn_parent.
32 Appendix A.
Index P private channel, 21 A additional requirements, 6 advantages, 2 authentication, 3 authentication caching clearing, 28 C caching issues, 28 channel, 2 creating a private channel, 21 channel administrator, 2 client configuration subscribe to private channel, 22 connection errors, 27 D disk space requirements, 6 G general problems, 26 H hardware requirements, 6 host now found error could not determine FQDN, 27 how it works, 3 HTTP Proxy Caching Server disk space requirements, 6 I installation bas