Novell SUSE Linux Enterprise Point of Service Guide

SUSE Linux Enterprise Point of Service 11
www.novell.com

October 02, 2009
All content is copyright © 2006-2009 Novell, Inc.
Legal Notice
This manual may be freely reproduced, duplicated and distributed either as such or as part of a bundled package in electronic and/or printed format, provided however that the following conditions are fulfilled:
That this copyright notice and the names of authors and contributors appear clearly and distinctively on all reproduced, duplicated and distributed copies. That this manual, specifically for the printed format, is reproduced and/or distributed for noncommercial use only. The express authorization of Novell, Inc. must be obtained prior to any other use of any manual or part thereof.
For Novell trademarks, see the Novell Trademark and Service Mark list http://www.novell.com/company/legal/trademarks/tmlist.html. * Linux is a registered trademark of Linus Torvalds. All other third party trademarks are the property of their respective owners. A trademark symbol (®, ™ etc.) denotes a Novell trademark; an asterisk (*) denotes a third party trademark.
All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither Novell, Inc., SUSE LINUX Products GmbH, the authors, nor the translators shall be held liable for possible errors or the consequences thereof.

Contents

About This Guide
1 Product Overview
1.1 Architecture
1.2 System Requirements
1.3 Server Types
1.4 Images
1.5 SUSE Linux Enterprise Point of Service Deployment
2 SUSE Linux Enterprise Point of Service Installation
2.1 Installation During the Initial Installation Process
2.2 Installation On Top of an Already Installed System
3 Basic Configuration
3.1 Setting Up the Administration Server
3.2 Setting Up the Branch Server
3.3 Adding a Point of Service Terminal
4 Setting Up the Administration Server
4.1 Administration Server Configuration
4.2 Initializing the LDAP Directory
4.3 Creating An Offline Installation Package
4.4 Creating Point of Service Images
4.5 Copying the Boot Image Files
4.6 Copying the System Image Files
4.7 What's Next
5 Setting Up a Dedicated Image Building Server
6 Setting Up a Branch Server
6.1 Conditions to Configure a Branch Server
6.2 Online Branch Server Configuration
6.3 Offline Branch Server Configuration
6.4 Creating Branch Server Objects in LDAP
6.5 Downloading Images from the Administration Server
6.6 Starting the Core Script
7 Deploying Point of Service Terminals
7.1 Operating System
7.2 Conditions to Add a Point of Service Terminal
7.3 Creating Point of Service Images
7.4 Creating the Required LDAP Objects
7.5 Distributing Images to Point of Service Terminals
7.6 Hardware
7.7 Point of Service Configuration Files
7.8 Booting the Point of Service Terminal
8 Securing Your Setup
8.1 Physical Server Security
8.2 Network Security
8.3 Data Security
8.4 Application Security
9 Testing Your SUSE Linux Enterprise Point of Service Environment
9.1 Monitoring the Terminal Bootup
9.2 Troubleshooting Terminal Bootup Problems
10 The SUSE Linux Enterprise Point of Service LDAP Directory
10.1 Logical Structure of the LDAP Directory
10.2 Using posAdmin to Manage the LDAP Directory
10.3 LDAP Objects Reference
11 Managing Image Source Files
11.1 POSCDTool Command Line Options
11.2 POSCopyTool Command Line Options
11.3 Managing the Image Source Files
12 Building Images with the Image Creator Tool
12.1 Creating an Image Based on Template
12.2 Building Network Boot Images
12.3 Building Bootable CD Images with a System Image
12.4 Building Bootable CD Images without a System Image
12.5 Building USB Stick Images with a System Image
12.6 Adding Installable Documentation in RPM Format
12.7 Image Configuration Settings
13 Building Images with KIWI
13.1 Understanding the KIWI Configuration
13.2 Preparing the Image Configuration
13.3 Creating the KIWI Image
13.4 Building Customized SUSE Linux Enterprise Point of Service Images
13.5 Deploying KIWI Images
14 Remotely Managing Point of Service Terminals with admind and adminc
14.1 admind
14.2 adminc
14.3 posGetIP
14.4 Installing admind on a Point of Service Terminal
14.5 Installing the admind Client on Administration and Branch Servers
15 Backup and Restore
15.1 Offline Physical Backup
15.2 Offline Logical Backup
15.3 Online Backup
15.4 Restoring Data
16 Troubleshooting
16.1 Server Infrastructure
16.2 Operation
A Changing the Server Language
A.1 Changing the Language Selection
A.2 Installing a Language RPMs
B Point of Service Scripts
B.1 Overview
B.2 Core Script Process
B.3 Script Quick Reference
C SUSE Linux Enterprise Point of Service Files and Directory Structure
C.1 Administration Server Directory Structure
C.2 Branch Server Directory Structure
C.3 KIWI Files and Directory Structure

About This Guide

This guide contains instructions on how to install, manage and deploy SUSE® Linux Enterprise Point of Service. Learn which components constitute a SUSE Linux Enterprise Point of Service environment and how to configure the individual servers and terminals. The guide is intended mainly for system administrators.
Many chapters in this manual contain links to additional documentation resources. These include additional documentation that is available on the system, as well as documentation available on the Internet.
For an overview of the documentation available for your product (and the latest documentation updates), refer to http://www.novell.com/documentation or to the following section.

1 Available Documentation

We provide HTML and PDF versions of our books in different languages.
Find HTML versions of most product manuals in your installed system under /usr/share/doc/manual or in the help centers of your desktop. Find the latest documentation updates at http://www.novell.com/documentation where you can download PDF or HTML versions of the manuals for your product.
For more information on the underlying operating system, refer to the SUSE Linux Enterprise Server documentation, available from http://www.novell.com/documentation/sles11/.
For information on securing your applications using AppArmor, refer to the Security Guide, available from http://www.novell.com/documentation/sles11/.
For an introduction to setting up High Availability environments with SUSE Linux Enterprise, refer to the High Availability Guide, available from http://www.novell.com/documentation/sles11/.

2 Feedback

Several feedback channels are available:
• To report bugs for a product component or to submit enhancement requests, please use https://bugzilla.novell.com/. If you are new to Bugzilla, you might find the Bug Writing FAQs helpful, available from the Novell Bugzilla home page.
• We want to hear your comments and suggestions about this manual and the other documentation included with this product. Please use the User Comments feature at the bottom of each page of the online documentation and enter your comments there.

3 Documentation Conventions

The following typographical conventions are used in this manual:
/etc/passwd: directory names and filenames
placeholder: replace placeholder with the actual value
PATH: the environment variable PATH
ls, --help: commands, options, and parameters
user: users or groups
Alt, Alt + F1: a key to press or a key combination; keys are shown in uppercase as on a keyboard
File, File > Save As: menu items, buttons
Dancing Penguins (Chapter Penguins, ↑Another Manual): This is a reference to a chapter in another manual.

1 Product Overview

SUSE® Linux Enterprise Point of Service is a secure and reliable Linux platform optimized for enterprise retail organizations. Built on the solid foundation of SUSE® Linux Enterprise, it is the only enterprise-class Linux operating system tailored specifically for retail Point of Service terminals, kiosks, self-service systems, and reverse-vending systems.
This section provides an architectural overview of the SUSE Linux Enterprise Point of Service product, along with an overview of server types, images, and the deployment process.

1.1 Architecture

The SUSE Linux Enterprise Point of Service architecture consists of one centralized Administration Server, one or more Branch Servers, and Point of Service terminals. These can be standard PCs running retail check-out applications or specialized point-of-sale machines such as cash registers and customer kiosks (see Figure 1.1, “SUSE Linux Enterprise Point of Service System Architecture” (page 2)). Find a list of system requirements for the individual components in Section 1.2, “System Requirements” (page 3) and an overview of the different server types and their functions in Section 1.3, “Server Types” (page 5).
Figure 1.1: SUSE Linux Enterprise Point of Service System Architecture
All system information (system structure, image information, the configuration and deployment method for each Branch Server and Point of Service terminal, etc.) is stored in an LDAP database on the Administration Server (which may be replicated on Branch Servers). The Administration Server usually also holds the master repository for the images required to boot and configure Point of Service terminals and provides the utilities required to build those images.
NOTE: Creating a Dedicated Image Building Server
However, if you have a large system and want to offload the image building function from the Administration Server, you can also set up a dedicated Image Building Server. For more information, see Chapter 4, Setting Up the Administration Server (page 35) or Chapter 5, Setting Up a Dedicated Image Building Server (page 47).
Triggered by the possyncimages.pl script (see Section B.3.9, “possyncimages.pl” (page 217)), each Branch Server downloads the system information and images required for its local Point of Service terminals from the Administration Server. The Point of Service terminals, in turn, download their respective images from the Branch Server when they boot.
WARNING: Protecting the Branch Servers
Because Branch Servers contain sensitive information, they must be secured against unauthorized access. Close unused ports and allow only the root user to have access to the server console. Refer to Chapter 8, Securing Your Setup (page 111) for more details on how to protect your SUSE Linux Enterprise Point of Service setup.
SUSE Linux Enterprise Point of Service is broadly scalable so that a small shop with five Point of Service terminals can be managed just as well as a large chain with a thousand branches. For organizations with several Branch Servers, the link between the branch and administrative servers is maintained over WAN. During execution of administrative tasks, such as the installation of new Point of Service terminals in a branch, steps must be taken to ensure that the WAN link to the Administration Server is available.
The SUSE Linux Enterprise Point of Service architecture is highly centralized. However, administrative tasks can also be performed on subunits for role-based administration. The Branch Server provides all the services necessary for the operation and management of the Point of Service terminals and the LDAP database can be replicated on the Branch Server. Consequently, the Branch Server and Point of Service terminals can function independently of the Administration Server in the event of server failure or downed connection.

1.2 System Requirements

This section provides a list of minimal hardware requirements for SUSE Linux Enterprise Point of Service 11.

1.2.1 Administration Server

The following list identifies the system requirements for an Administration Server:
• One server with an x86 or x86-64 processor
• A minimum of 4 GB hard disk space; recommended 15 GB
The required space depends on the size of your images.
• A minimum of 512 MB RAM; recommended 512 MB - 3 GB (at least 512 MB per CPU)
• One network card

1.2.2 Image Building Server

The following list identifies the system requirements for a dedicated image building server:
• One server with an x86 or x86-64 processor
• A minimum of 4 GB hard disk space; recommended 25 GB
The required space is dependent on the size of your images.
• A minimum of 512 MB RAM; recommended 512 MB - 3 GB (at least 512 MB per CPU)
• One network card

1.2.3 Branch Server

The following list identifies the system requirements for a Branch Server:
• One server with an x86 or x86-64 processor
• A minimum of 4 GB hard disk space; recommended 10 GB
The required space is dependent on the size of the images you distribute to your Point of Service terminals.
• A minimum of 512 MB RAM; recommended 512 MB - 3 GB (at least 512 MB per CPU)
• At least two network cards per server:
  • One network card for the Administration Server's public network
  • One network card for the Branch Server's private network

1.2.4 Administration/Branch Server Combination

The following list identifies the system requirements for an Administration/Branch Server combination:
• One server with an x86 or x86-64 processor
• A minimum of 4 GB hard disk space; recommended 25 GB
The required space is dependent on the size of your images.
• A minimum of 512 MB RAM; recommended 512 MB - 3 GB (at least 512 MB per CPU)
• One network card

1.3 Server Types

SUSE® Linux Enterprise Point of Service is based upon SUSE Linux Enterprise and is installed as an add-on product. After installation and setup, your SUSE Linux Enterprise Point of Service system includes one centralized Administration Server, one or more Branch Servers, and Point of Service terminals. This section focuses on the server types used in SUSE Linux Enterprise Point of Service and gives an overview of the tasks they run and the services they provide.

1.3.1 Administration Server

The Administration Server is the central administration point for SUSE® Linux Enterprise Point of Service. It is usually located in the main office and is used to manage the Point of Service infrastructure, to host the LDAP database and to create images to send to the Branch Servers. Whereas the LDAP server running on the Administration Server stores the configuration of the Point of Service clients, the configuration of new Point of Service terminals (and which images to deploy to the Point of Service terminal) needs to be accepted in a YaST module.
The Administration Server provides the following functions:
• Maintains the master LDAP directory for the Branch Server systems. For more information on the LDAP directory, see Chapter 10, The SUSE Linux Enterprise Point of Service LDAP Directory (page 121).
• Unless your SUSE Linux Enterprise Point of Service system includes a dedicated Image Building Server, the Administration Server usually provides the tools to create and customize system images and stores the system images for distribution to the Branch Servers and Point of Service terminals. For more information, see Chapter 12, Building Images with the Image Creator Tool (page 163) and Chapter 13, Building Images with KIWI (page 173).
• Stores the configuration parameters for the Branch Servers.
• Provides an RSYNC server to distribute the system images and software updates to the Branch Server systems.
• Supports NTP time synchronization for the Branch Servers.
• Consolidates the syslog output from the Branch Servers (optional).
For information on installing and configuring the Administration Server, see Chapter 4, Setting Up the Administration Server (page 35). Find out more about the Administration Server structure and functions in the following sections.
Services
The Administration Server provides two important services in your SUSE Linux Enterprise Point of Service system:
• LDAP is the protocol for accessing the SUSE Linux Enterprise Point of Service directory, which stores all system information.
• RSYNC is a remote data synchronization service that is used to transfer images from the Administration Server to the Branch Servers.
In order to provide services of the Administration Server, the firewall running on the Administration Server needs to allow traffic on the ldap or ldaps ports (389 TCP/UDP and 636 TCP/UDP, respectively) and the rsync port (TCP/UDP 873). For more information, refer to Section 4.2, “Initializing the LDAP Directory” (page 38).

1.3.2 Branch Server

The Branch Server provides the network boot and system management infrastructure for the Point of Service terminals. It can also serve as a generic system platform for in-store applications such as database systems and back-ends for Point of Service applications.
In your system, the Branch Server provides the following functions:
• Runs DNS services for the local network.
• May run DHCP to control the network boot process. Conversely, instead of setting up the DHCP service on the Branch Server, an external DHCP server can be used.
For more information, refer to the list of attributes for scLocation elements in Section 10.3.8, “scLocation” (page 142).
• Provides a multicast boot infrastructure for Point of Service terminals.
• Transfers system images from the Administration Server to the Point of Service terminals.
The Branch Server uses a software distribution mechanism based on RSYNC to pull new system images from the Administration Server. It then uses TFTP to download system images and configuration files to the Point of Service terminals.
• Manages diskless and disk-based Point of Service terminals. Configuration data is taken from the LDAP directory on the Administration Server.
• Provides system redundancy and failover. A pair of Branch Servers can be configured as a two-node high availability cluster with replicated data.
• Supports NTP for time synchronization from the Administration Server.
• Supports SNMP. Standard MIB2 monitoring is set up with net-snmp (optional).
• Logs syslog output from the Point of Service terminals (optional).
For information on installing and configuring the Branch Server, see Chapter 6, Setting Up a Branch Server (page 49). Find out more about the Branch Server structure and functions in the following sections.
LDAP Branch Server Object
Each Branch Server has a corresponding Branch Server object (scBranchServer) in the LDAP directory. This object stores configuration information that is specific to each Branch Server.
For more information on the scBranchServer object, see Chapter 10, The SUSE Linux Enterprise Point of Service LDAP Directory (page 121).
LDAP Access
To complete its initial configuration and perform basic functions (such as registering Point of Service terminals and downloading system images and configuration files), the Branch Server must have administrator level access to the LDAP directory. This admin account and password are created by the posInitAdminserver.sh script during the initial configuration of the Administration Server. Once created, this account is not accessible in the LDAP tree.
LDAP communications can be secured with SSL. When you run the posInitAdminserver.sh script, you can enable or disable SSL communication.
Note that the firewall running on the Administration Server must allow traffic on the ldap and ldaps ports, 389 TCP/UDP and 636 TCP/UDP, respectively. For more information, refer to Section 4.2, “Initializing the LDAP Directory” (page 38).
Administrative Tasks
Other than emergency handling, no system administration is necessary on the Branch Server. All administrative tasks are controlled from the central Administration Server or are regularly executed by daemons running on the Branch Server. For emergencies and debugging, all administrative functions can be triggered locally or via SSH login by calling scripts with few or no command line parameters.
If you need to update the Point of Service images stored on the Branch Server, you can run possyncimages.pl to manually trigger the RSYNC update process and download new image files from the Administration Server. For more information, see Section B.3.9, “possyncimages.pl” (page 217).
Similarly, if you need to update the Point of Service hardware configuration information stored on the Branch Server, run either posldap2crconfig.pl --dumpall or posAdmin --updateconfig. These commands regenerate the hardware configuration and config.MAC files for all Point of Service terminals found in LDAP.
For more information on the posldap2crconfig.pl script, see Section B.3.4, “posldap2crconfig.pl” (page 212).
Services
In SUSE Linux Enterprise Point of Service, Branch Servers provide the services listed in Table 1.1, “Branch Server Services” (page 9).
Table 1.1: Branch Server Services
Service: Description
DNS: Every Branch Server runs a DNS master for that branch. The posldap2dns script generates the zone files for the BIND name server from the data in the LDAP directory and then reloads the zone files on each Branch Server.
DHCP: A DHCP server can be installed on the Branch Server. The posldap2dhcp script generates the dhcpd.conf file from branch data in the LDAP directory.
NTP: The NTP service for the Branch Servers synchronizes with the Administration Server NTP, which must be configured to get the time from a reliable source.
TFTP: The TFTP service on the Branch Server is structured with boot, image, Point of Service, and upload directories. There is a PXE default configuration with which all the Point of Service terminals first load the same initial initrd and the same kernel. For more information, see Section “TFTP Server Directory Structure” (page 10). If there is an error with a TFTP action, the service waits 60 seconds, then restarts.
Syslog: The Branch Server can define syslog logging services for Point of Service terminals. This service must be manually defined; the configuration information is stored in the /etc/syslog-ng.conf file, not in LDAP.
High Availability Configuration
For high availability, Branch Servers can be configured in two-node pairs. The primary node runs all of the scripts and services required to download Branch Server configuration information, synchronize time, and download system images from the Administration Server. The secondary node stays synchronized with the primary, ready to take over and run the scripts and services if the primary fails.
For information on installing a high availability environment, refer to the general High Availability Guide, available from http://www.novell.com/documentation/sles11/.
TFTP Server Directory Structure
SUSE Linux Enterprise Point of Service uses /srv/tftpboot as the tftp_root path for the TFTP server on the Branch Server. Table 1.2, “TFTP Directory Structure on the Branch Server” (page 11) outlines the main areas into which the directory structure is divided under the TFTP root directory.
Table 1.2: TFTP Directory Structure on the Branch Server
Directory: Contents
/tftpboot/CR/: Contains config.MAC image configuration files for every registered Point of Service terminal on the current Branch Server.
/tftpboot/CR/MAC/: Contains system configuration files, such as xorg.conf, for the individual Point of Service terminals.
/tftpboot/boot/: Contains the following boot images and configuration files for Point of Service terminals: initrd.gz, linux, the PXE loader (pxelinux.0), and the PXE configuration folder (pxelinux.cfg).
/tftpboot/image/: Contains system image files and their checksums.
/tftpboot/upload/: Serves as the destination directory to upload hwtype.MAC files for newly registered Point of Service terminals. These files are used to create the Point of Service terminal's workstation object in LDAP. This directory also stores the bootversion.MAC files that the posleases2ldap daemon uses to provide image install notification. When an image is successfully installed on a Point of Service terminal, the linuxrc script creates a bootversion.MAC file in the /tftpboot/upload directory on the Branch Server. posleases2ldap then transfers the information to the scNotifiedimage attribute in the scWorkstation object in LDAP and deletes the bootversion.MAC file.
An example of a Branch Server TFTP structure is shown below:
/tftpboot/CR
    00:02:55:E8:FA:C9  config.00:02:55:E8:FA:C9
    00:03:56:01:D5:5F  config.00:03:56:01:D5:5F
    00:09:6B:3B:01:07  config.00:09:6B:3B:01:07
    00:02:55:23:F3:93  config.00:02:55:23:F3:93
/tftpboot/CR/00:02:55:E8:FA:C9
    XF86Config
/tftpboot/CR/00:03:56:01:D5:5F
    XF86Config
/tftpboot/CR/00:09:6B:3B:01:07
/tftpboot/boot
    initrd.gz  linux  pxelinux.0  pxelinux.cfg
/tftpboot/boot/pxelinux.cfg
    default
/tftpboot/image
    minimal-2.0.4  minimal-2.0.4.md5
    graphical-2.0.4  graphical-2.0.4.md5
/tftpboot/upload
    hwtype.00:02:55:E8:FA:C9
NOTE: Deletion of Point of Service Control File
The Point of Service control file hwtype.00:02:55:E8:FA:C9 is deleted after successful registration in LDAP. For more information, see Section 7.7.3, “The hwtype.MAC File” (page 100).
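The TFTP tree described above is what every terminal boots from, so its layout can be checked mechanically on the Branch Server. The following Python script is an added example, not part of the original guide or of the product's own scripts: it audits a tree laid out as shown above for images whose checksum file is missing or does not match, unexpected names under CR/ and upload/, and world-writable entries outside upload/. The function names, finding labels and sample tree are constructed for illustration, and it assumes that each .md5 file starts with the hex digest of its image.

```python
import hashlib
import re
import stat
import tempfile
from pathlib import Path

# Names as in the listing above: MAC dirs and config.MAC in CR/, control files in upload/.
MAC = r"[0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5}"
CR_NAME = re.compile(rf"^(config\.)?{MAC}$")
UPLOAD_NAME = re.compile(rf"^(hwtype|bootversion)\.{MAC}$")


def file_md5(path):
    digest = hashlib.md5()  # matches the checksum type the tree ships, not a security choice
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(1 << 20), b""):
            digest.update(block)
    return digest.hexdigest()


def audit_tftp_root(root):
    """Return sorted (finding, relative path) tuples for one TFTP root directory."""
    root = Path(root)
    findings = []

    def report(kind, path):
        findings.append((kind, path.relative_to(root).as_posix()))

    def entries(sub):
        directory = root / sub
        return sorted(directory.iterdir()) if directory.is_dir() else []

    # image/: every image needs a .md5 companion that matches its content.
    # Assumption: the .md5 file starts with the hex digest (md5sum layout).
    names = {p.name for p in entries("image") if p.is_file()}
    for name in sorted(names):
        path = root / "image" / name
        if name.endswith(".md5"):
            if name[:-4] not in names:
                report("orphan-checksum", path)
        elif name + ".md5" not in names:
            report("missing-checksum", path)
        else:
            tokens = (root / "image" / (name + ".md5")).read_text(errors="replace").split()
            if not tokens or tokens[0].lower() != file_md5(path):
                report("checksum-mismatch", path)

    # CR/: only MAC-named directories and config.MAC files belong here.
    for path in entries("CR"):
        if not CR_NAME.match(path.name):
            report("unexpected-name", path)

    # upload/: terminals write here, so anything but the two control files is suspect.
    for path in entries("upload"):
        if path.is_symlink() or not path.is_file() or not UPLOAD_NAME.match(path.name):
            report("unexpected-upload", path)

    # Everything served to terminals (all but upload/) must not be world-writable.
    for path in root.rglob("*"):
        mode = path.lstat().st_mode
        served = path.relative_to(root).parts[0] != "upload"
        if served and not stat.S_ISLNK(mode) and mode & stat.S_IWOTH:
            report("world-writable", path)

    return sorted(findings)


def build_sample_tree(root):
    """Create a small constructed tree (not real data) with four planted problems."""
    root = Path(root)
    mac = "00:02:55:E8:FA:C9"
    files = {
        "boot/pxelinux.cfg/default": b"constructed PXE config\n",
        "CR/config." + mac: b"constructed\n",
        "CR/" + mac + "/XF86Config": b"constructed\n",
        "CR/notes.txt": b"does not belong here\n",
        "image/minimal-2.0.4": b"minimal image",
        "image/minimal-2.0.4.md5": hashlib.md5(b"minimal image").hexdigest().encode(),
        "image/graphical-2.0.4": b"graphical image, modified",
        "image/graphical-2.0.4.md5": hashlib.md5(b"graphical image").hexdigest().encode(),
        "upload/hwtype." + mac: b"constructed\n",
        "upload/initrd.gz": b"unexpected file\n",
    }
    for rel, data in files.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_bytes(data)
    for path in root.rglob("*"):
        path.chmod(0o755 if path.is_dir() else 0o644)
    (root / "boot/pxelinux.cfg/default").chmod(0o666)
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for kind, rel in audit_tftp_root(build_sample_tree(tmp)):
            print(f"{kind:18} {rel}")
```

The .md5 companions catch corruption and careless replacement only; anyone able to write to the image directory can rewrite both files, so compare against digests recorded on the Administration Server when tampering is the concern.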

1.3.3 Special Server Types

Apart from the default implementation shown in Figure 1.1, “SUSE Linux Enterprise Point of Service System Architecture” (page 2), SUSE Linux Enterprise Point of Service allows for a variety of different setups to match your individual requirements. You can create special types of servers, like a dedicated Image Building Server taking load from the Administration Server, or implement POSBranch Servers instead of fully-fledged Branch Servers as described in the following sections.
Image Building Server
If your system needs to manage a large number of Point of Service images, you can outsource the image building task to a dedicated Image Building Server. This offloads the processor and memory load required to generate images from the Administration Server, and protects the Administration Server and LDAP directory from any possible corruption or user errors that might occur while building Point of Service images.
For information on installing and configuring the Image Building Server, see Chapter 5, Setting Up a Dedicated Image Building Server (page 47).
POSBranch Server
For small stores where the Branch Server runs only the Point of Service infrastructure, the Branch Server can be deployed as a control terminal running on Point of Service hardware. This POSBranch Server configuration is designed for systems that do not run Point of Service applications. However, if the terminal has sufficient memory and disk space, it can run some applications, if required.
In NLPOS9, the POSBranch Server installation required a special POSBranch image. There is no need for such a specialized POSBranch image any more. Branch Servers on Point of Service hardware can be installed as a standard Branch Server, by installing SUSE Linux Enterprise Server 11 and the SUSE Linux Enterprise Point of Service 11 add-on directly on a Point of Service Machine.
NOTE: Access Rights
This implementation of the POSBranch Server allows the Point of Service applications to run under a non-root account.

1.4 Images

SUSE Linux Enterprise Point of Service is designed to automate the rollout of Point of Service terminals as much as possible. To assist this automation, the product makes extensive use of image building technology. For each type of terminal, whether it is a non-graphical system or a graphical environment, you can create customized images to be downloaded automatically from the Branch Server when the terminal boots.

1.4.1 Types of Images

To help get you started, SUSE Linux Enterprise Point of Service comes with a set of pre-built image files that you can customize to set up your own system. Every Point of Service terminal requires two images: a boot image and a system image. You can also create your own images using Image Creator or KIWI. For more information, refer to Chapter 12, Building Images with the Image Creator Tool (page 163) and Chapter 13, Building Images with KIWI (page 173).
The boot images contain the kernel and a bootstrap image (initrd), providing the minimum your Point of Service terminals need to initially start up from a bootable CD or USB stick, or from the network (via remote boot technology). The following boot image templates are available for SUSE Linux Enterprise Point of Service 10:
isoboot
This boot image template creates all the files and directories required to boot diskless and preinstalled disk-equipped systems from CD. This boot image must be combined with a system image to create a CD that can be used to boot the Point of Service terminal.
usbboot
This boot image template creates all the files and directories required to boot diskless and pre-installed disk-equipped systems from a USB stick.
netboot
This boot image template creates all the files and directories (including partitioning and boot loader installation) required to boot diskful and diskless terminals from the network over Preboot Execution Environment (PXE) and DHCP. The kernel and the initrd are stored at the Branch Servers and they are downloaded to the terminals using TFTP.
The following system image templates are specially designed for the most common types of retail Point of Service terminals:
Minimal
The Minimal image contains only the runtime environment for native-code applications (C and C++) and the ncurses library for non-graphical user interface support. The Minimal image supports only console-based applications.
Maximum image size: 128 MB (compressed), minimum size of RAM required to boot the image: 64 MB
Graphical
The Graphical image includes the features of the Minimal image and essential graphical interface capabilities (the X Window System and a lightweight Window Manager), as well as the ability to run Java programs. It supports console-based C/C++ applications, Java programs in a Java2 runtime environment, X11 applications, and basic browser-based applications.
Maximum size: 120 MB (compressed), minimum size of RAM required to boot the image: 256 MB
All system images are based on SUSE Linux Enterprise Server. You can extend Point of Service system images to include add-on features such as:
• Advanced Linux Sound Architecture (ALSA) library for audio support
• additional device drivers
• GNOME or KDE desktop environments
• IBM™ Java technology support
• Firefox and other Web browsers
• Samba 3 Client for SMB/CIFS connectivity to Microsoft™ Windows™ servers
• VNC 4 Remote Control Client to allow other computers to remotely control the terminal
System images that you create are initially stored on the Administration Server (or on the Image Building Server, if you have chosen to set up a dedicated Image Building Server). Before you deploy your Point of Service terminals, you run a script to transmit the system images via rsync to specific directories on the Branch Server where, in turn, they can be downloaded to Point of Service terminals at boot time.
When a Point of Service terminal is started for the first time, it performs a PXE boot (or boots from CD or USB stick) and then registers with the Branch Server to obtain the information it needs to download its system image. The TFTP service on the Branch Server automatically delivers the matching system image to the Point of Service terminal.
To make this work as designed, you must create reference objects in the LDAP directory for the types of Point of Service terminals you intend to deploy in your system. For detailed information, refer to Section 7.4, “Creating the Required LDAP Objects” (page 72). Taking the time to correctly create and configure these objects when you install the Branch Servers saves you from separately managing the startup of each Point of Service terminal.

1.4.2 KIWI and Image Creator

To create the images for the Point of Service terminals, SUSE Linux Enterprise Point of Service includes both a command line tool (KIWI) and a graphical front-end for KIWI: Image Creator. Install the image building tools by selecting the SLEPOS Image Server and the SLEPOS Images software patterns in YaST.
When you build images for the Point of Service terminals, all the information required to run a Point of Service terminal—the Linux operating system, drivers, configuration settings, application files, and so forth—can be compiled into a single image file. This file can then be electronically distributed to Point of Service terminals over the network. Additionally, you can generate an ISO version of the image file that can be burned to a CD or copied to a USB stick for manual distribution.
For detailed information on KIWI and Image Creator, refer to Chapter 13, Building Images with KIWI (page 173) and Chapter 12, Building Images with the Image Creator Tool (page 163).

1.5 SUSE Linux Enterprise Point of Service Deployment

SUSE Linux Enterprise Point of Service requires the following components for a functional system:
• Administration Server
• Image Building Server
• Branch Servers
• Point of Service terminals
The way in which these components are deployed depends on your system requirements. For example, systems that maintain hundreds of system images might require a dedicated Image Building Server, whereas smaller systems can have the image building utilities installed on the Administration Server. Similarly, some customers might install the Administration and Branch Servers on a single box, while others deploy the Branch Server on a Point of Service terminal.
The exibility of the architecture provides broad saleability so that in large environments components can be distributed to improve system performance, while in smaller envi­ronments components can be consolidated to maximize the use of system resources.

1.5.1 Design Guidelines for Large Environments

Every retail environment is different in terms of network speed, server hardware, Point of Service terminal hardware, size of images, frequency of updates, etc. This section presents some design guidelines for large environments.
The recommended maximum number of Point of Service terminals being serviced by a single Branch Server is 100. You can adjust this number up or down depending on how frequently the Point of Service terminals are reimaged and whether you can control when the terminals come online.
NOTE: Time for Booting
For every 100 terminals coming online at the same time, it can take up to 10 minutes for the terminals to download larger graphical images. If the terminals are simply booting from an existing image, it can take 2-3 minutes per 100 terminals.

1.5.2 Installation and Setup

The following summary outlines the general steps required to deploy a SUSE Linux Enterprise Point of Service system. It also identifies the configuration options for each system component and notes where you can go to find detailed instructions.
1. Install the Administration Server using one of the following configurations:
   • Install an Administration Server that includes the image building utilities (KIWI and Image Creator) and all the files and directories required to create Point of Service images. For detailed instructions, see Chapter 4, Setting Up the Administration Server (page 35).
   • Install an Administration Server and a dedicated Image Building Server. For detailed instructions, see Chapter 5, Setting Up a Dedicated Image Building Server (page 47).
   • Install an Admin/Branch Server combination.
2. Create the LDAP directory on your Administration Server. For detailed instructions, see Section 4.2, “Initializing the LDAP Directory” (page 38).
3. Create the Point of Service images required to deploy your Point of Service terminals.
4. Copy the image files you have created to the appropriate directories on the Administration Server so they will be ready for the Branch Servers to download.
   IMPORTANT: Location of the System Images
   System images must be located in /srv/SLEPOS/image/ and boot images must be located in /srv/SLEPOS/boot/ on the Administration Server before the rsync can transmit the images to the Branch Server.
5. Create the required LDAP objects for each Branch Server and its Point of Service terminals in the LDAP tree. For detailed instructions, see Section 6.4, “Creating Branch Server Objects in LDAP” (page 55).
6. Install the Branch Servers using one of the following configurations:
   NOTE: Configuring Admin/Branch Server Combinations
   If you install an Admin/Branch Server combination, this step is already completed.
   • Install a standard Branch Server. For detailed instructions, see Chapter 6, Setting Up a Branch Server (page 49).
   • Install a high availability Branch Server cluster of two nodes in an active/passive setup. For general information on how to set up a high availability environment, refer to the High Availability Guide, available from http://www.novell.com/documentation/sles11/.
   • For stores where the Branch Server is only running the Point of Service infrastructure (i.e. the Branch Server is running no additional applications), the Branch Server can be installed as a control terminal running on Point of Service hardware.
7. After a Branch Server is installed, you must complete the following steps to initialize the Branch Server, before attempting to boot its Point of Service terminals:
   7a. Run the posInitBranchserver.sh script to initialize and configure the Branch Server.
   7b. Run possyncimages.pl to download the Point of Service images from the Administration Server to the /srv/tftpboot directories on the Branch Server. For detailed instructions, see Section 6.5, “Downloading Images from the Administration Server” (page 64).
   7c. Start the core script (posleases2ldap) as a daemon process on the Branch Server. This script controls all other scripts. For more information, see Section 6.6, “Starting the Core Script” (page 65).
8. Deploy the Point of Service terminals, following the general instructions in Chapter 7, Deploying Point of Service Terminals (page 67).
   Depending on your network configuration and terminal hardware, you must prepare the Point of Service terminals to boot using one of the following procedures:
   • If the Point of Service terminals have access to the network, the terminals can PXE boot and download their image files from the Branch Server. This method is typically used for workstations that aren't equipped with a hard disk. For more information on this process, see Section 7.8.1, “Network PXE Boot” (page 103).
   • If the Point of Service terminals do not have access to the network, create an isoboot or a usbboot image and deploy the image at the terminal. This method can be used for workstations that either are or aren't equipped with a hard disk, and have a CD drive or a USB port. For information on the isoboot process, see Section 7.8.2, “Booting from CD (isoboot)” (page 108).
   • If a Point of Service terminal cannot boot from the network or from a CD, it attempts to boot from the hard drive. For more information, see Section 7.8, “Booting the Point of Service Terminal” (page 102).
9. Test your SUSE Linux Enterprise Point of Service installation to ensure that it is functioning correctly. For detailed instructions, see Chapter 9, Testing Your SUSE Linux Enterprise Point of Service Environment (page 117).
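The check below is an added example, not part of the SLEPOS tooling or of this guide: it verifies the directory layout that the "Location of the System Images" note requires before the images are synchronized to the Branch Server. The function name, the optional ROOT prefix, and the world-writable permission check are assumptions of this example.

```shell
#!/bin/sh
# Added example (not a SLEPOS script): pre-sync check of the image layout
# on the Administration Server. The directory paths are the ones the guide
# names; the function name, ROOT prefix and permission check are assumptions.

# Usage: check_slepos_images [ROOT]
# ROOT is prepended to the paths so the check can be tried on a test tree;
# leave it empty on a real Administration Server.
check_slepos_images() {
    root="${1:-}"
    rc=0
    for dir in /srv/SLEPOS/image /srv/SLEPOS/boot; do
        path="$root$dir"
        if [ ! -d "$path" ]; then
            echo "MISSING  $path"
            rc=1
            continue
        fi
        # rsync has nothing to transmit if the directory holds no files.
        if [ -z "$(find "$path" -type f | head -n 1)" ]; then
            echo "EMPTY    $path"
            rc=1
        fi
        # Terminals boot whatever ends up here, so nothing in the tree
        # should be writable by arbitrary local users.
        loose="$(find "$path" \( -type f -o -type d \) -perm -0002)"
        if [ -n "$loose" ]; then
            echo "WRITABLE by others:"
            echo "$loose"
            rc=1
        fi
    done
    [ "$rc" -eq 0 ] && echo "OK       image and boot directories are ready"
    return "$rc"
}
```

On the Administration Server, call check_slepos_images with no argument before the images are synchronized; a non-zero return status means at least one finding was printed.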

2 SUSE Linux Enterprise Point of Service Installation

SUSE Linux Enterprise Point of Service is distributed as an add-on product for the SUSE Linux Enterprise Server 11 system. To install a SUSE Linux Enterprise Point of Service 11 server, install the SUSE Linux Enterprise Server 11 base system first. You can choose to install the SUSE Linux Enterprise Point of Service add-on together with your base system during the initial installation process, or you can install the SUSE Linux Enterprise Point of Service add-on on top of an already-installed base system at any later time.

2.1 Installation During the Initial Installation Process

To install the SUSE Linux Enterprise Point of Service add-on together with your base system during the initial installation process, follow these steps:
1. Start SUSE Linux Enterprise Server 11 installation as usual. For more information, see the SUSE Linux Enterprise Server documentation.
2. To include the SUSE Linux Enterprise Point of Service add-on product, check the Include Add-On Products from Separate Media option in the Installation Mode dialog in the System Analysis step and click Next.
3. Click Add and, if you are installing SUSE Linux Enterprise Point of Service from a CD medium, select CD as the source type. If you are installing from a different source, such as NFS or HTTP, choose the appropriate source type. Click Next.
4. If you are installing from CD, insert the SUSE Linux Enterprise Point of Service add-on product CD. If you are installing from a different source, provide the necessary source. Click Continue.
5. Confirm the SUSE Linux Enterprise Point of Service license agreement and click Next.
6. The SUSE Linux Enterprise Point of Service add-on product is displayed in the overview. Click Next and continue with the installation as usual.
7. In the Software Selection and System Tasks dialog, select the SUSE Linux Enterprise Point of Service patterns appropriate for the type of server you are installing. For Administration Server, select the SLEPOS Admin Server pattern. For Image Building Server, select the SLEPOS Image Server and SLEPOS Image Descriptions patterns. For Branch Server, select the SLEPOS Branch Server pattern. You can combine the patterns to install a server with multiple functions (for example an Administration Server with image building capabilities).
8. Continue with installation as usual. Make sure to uncheck the Clone This System for AutoYaST option before clicking Finish at the end of the installation procedure.
WARNING: Cloning the System for AutoYaST Must Be Disabled
When installing SUSE Linux Enterprise Point of Service, cloning the system for AutoYaST at the end of the installation procedure must be disabled.

2.2 Installation On Top of an Already Installed System

To install SUSE Linux Enterprise Point of Service on top of an already installed base system, follow these steps:
1. Start YaST and select Software > Add-On Products > Add.
2. Select media type to be used for installation. If you are installing SUSE Linux Enterprise Point of Service from a CD medium, select CD as the source type. If you are installing from a different source, such as NFS or HTTP, choose the appropriate source type. Click Next.