Redhat NETWORK SATELLITE SERVER User Manual

RHN Satellite Server 3.6

Installation Guide

RHN Satellite Server 3.6: Installation Guide

RHNsatellite(EN)-3.6-RHI (2004-12-07T20:06)

Red Hat, Red Hat Network, the Red Hat "ShadowMan" logo, RPM, Maximum RPM, the RPM logo, Linux Library,

PowerTools, Linux Undercover, RHmember, RHmember More, Rough Cuts, Rawhide and all Red Hat-basedtrademarks and

logos are trademarks or registered trademarks of Red Hat, Inc. in the United States and other countries.

Linux is a registered trademark of Linus Torvalds.

All other trademarks and copyrights referred to are the property of their respectiveowners.

Table of Contents

1. Introduction.....................................................................................................................................1

1.1. Red Hat Network ............................................................................................................... 1

1.2. RHN Satellite Server.......................................................................................................... 1

1.3. Terms to Understand .......................................................................................................... 2

1.4. How it Works ..................................................................................................................... 2

1.5. Summary of Steps..............................................................................................................4

2. Requirements................................................................................................................................... 7

2.1. Software Requirements...................................................................................................... 7

2.2. Hardware Requirements.....................................................................................................8

2.3. Database Requirements...................................................................................................... 9

2.4. Additional Requirements ................................................................................................. 10

3. Example Topologies ......................................................................................................................13

3.1. Single Satellite Topology................................................................................................. 13

3.2. Multiple Satellite Horizontally Tiered Topology............................................................. 13

3.3. Satellite-Proxy Vertically Tiered Topology .....................................................................14

4. Installation..................................................................................................................................... 15

4.1. Base Install.......................................................................................................................15

4.2. RHN Satellite Server Installation Program .................................................................15

4.3. Sendmail Conﬁguration ...................................................................................................26

5. Entitlements...................................................................................................................................29

5.1. Receiving the Certiﬁcate..................................................................................................29

5.2. Uploading the RHN Entitlement Certiﬁcate ....................................................................29

5.3. Managing the RHN Certiﬁcate with RHN Satellite Activate ........................................ 30

5.3.1. Command Line Entitlement Options ................................................................ 30

5.3.2. Activating the Satellite...................................................................................... 30

6. Importing and Synchronizing...................................................................................................... 33

6.1. RHN Satellite Synchronization Tool ............................................................................ 33

6.1.1. Import/Sync Steps .............................................................................................33

6.1.2. Import/Sync Options ......................................................................................... 33

6.1.3. Import/Sync Cache Refresh .............................................................................. 35

6.2. Importing..........................................................................................................................35

6.2.1. Prerequisites. ..................................................................................................... 36

6.2.2. Preparing for Import .........................................................................................36

6.2.3. Running the Import ........................................................................................... 37

6.3. Synchronizing ..................................................................................................................38

6.3.1. Synchronizing Errata and Packages Directly via RHN ....................................38

6.3.2. Synchronizing Errata and Packages via Local Media.......................................39

7. Troubleshooting............................................................................................................................. 41

7.1. Log Files .......................................................................................................................... 41

7.2. General Problems............................................................................................................. 41

7.3. Host Not Found/Could Not Determine FQDN ................................................................ 42

7.4. Connection Errors ............................................................................................................43

7.5. Caching Issues ................................................................................................................. 44

7.6. Satellite Debugging by Red Hat ......................................................................................44

8. Maintenance ..................................................................................................................................45

8.1. Managing the Satellite Service ........................................................................................45

8.2. Updating the Satellite. ...................................................................................................... 45

8.3. Backing Up the Satellite ..................................................................................................46

8.4. Using RHN DB Control .................................................................................................46

8.4.1. DB Control Options ..........................................................................................46

8.4.2. Backing up the Database................................................................................... 47

8.4.3. Verifying the Backup ........................................................................................48

8.4.4. Restoring the Database .....................................................................................48

8.5. Cloning the Satellite with Embedded DB ........................................................................ 48

8.6. Establishing Redundant Satellites with Stand-Alone DB................................................ 49

8.7. Conducting Satellite-Speciﬁc Tasks ................................................................................50

8.7.1. Using the Tools menu ....................................................................................... 50

8.7.2. Deleting Users...................................................................................................51

8.8. Automating Synchronization ...........................................................................................52

8.9. Implementing PAM Authentication. ................................................................................53

8.10. Enabling Push to Clients ................................................................................................54

A. Sample RHN Satellite Server Conﬁguration File...................................................................... 55

Index...................................................................................................................................................57

Chapter 1.

Introduction

RHN Satellite Server provides a solution to organizations requiring absolute control over and privacy of the maintenance and package deployment of their servers. It allows Red Hat Network customers the greatest exibility and power in keeping servers secure and updated.

Two types of RHN Satellite Server are available: One with a stand-alone database on a separate machine and one with an embedded database installed on the same machine as the Satellite. This guide describes the installation of both types of Satellite.

Although the two types of RHN Satellite Server are functionally similar, some differences do exist. These variations are primarily isolated to hardware requirements, installation steps, and maintenance activities, but may also crop up during troubleshooting. This guide identiﬁes distinctions between the Satellite types by marking the differing instructions as either Embedded Database or Stand-Alone Database.

1.1. Red Hat Network

Red Hat Network (RHN) is the environment for system-level support and management of Red Hat systems and networks of systems. Red Hat Network brings together the tools, services, and information repositories needed to maximize the reliability, security, and performance of their systems. To use RHN, system administrators register the software and hardware proﬁles, known as System Proﬁles, of their client systems with Red Hat Network. When a client system requests package updates, only the applicable packages for the client are returned (based upon the software proﬁle stored on the RHN Servers).

Advantages of using Red Hat Network include:

• Scalability — with Red Hat Network, a single system administrator can set up and maintain hun-

dreds or thousands of Red Hat systems more easily, accurately, and quickly than that same administrator could maintain a single system without Red Hat Network.

• Standard Protocols — standard protocols are used to maintain security and increase capability. For

example, XML-RPC gives Red Hat Network the ability to do much more than merely download ﬁles.

• Security — all communication between registered systems and Red Hat Network takes place over

secure Internet connections.

• View Errata Alerts — easily view Errata Alerts for all your client systems through one website.

• Scheduled Actions — use the website to schedule actions, including Errata Updates, package in-

stalls, and software proﬁle updates.

• Simpliﬁcation — maintaining Red Hat systems becomes a simple, automated process.

1.2. RHN Satellite Server

RHN Satellite Server allows organizations to utilize the beneﬁts of Red Hat Network without having to provide public Internet access to their servers or other client systems. System Proﬁles are stored locally. The Red Hat Network website is served from a local Web server and is not accessible from the Internet. All package management tasks, including Errata Updates, are performed through the local area network.

Advantages of using RHN Satellite Server include:

2 Chapter 1. Introduction

• Security — an end-to-end secure connection is maintained from the client systems to the RHN

Satellite Server without connecting to the public Internet.

• Efﬁciency — packages are delivered signiﬁcantly faster over a local area network.

• Control — clients’ System Proﬁles are stored on the local RHN Satellite Server, not on the central

Red Hat Network Servers.

• Customized updates — create a truly automated package delivery system for custom software pack-

ages required by client systems, as well as ofﬁcial Red Hat packages. Custom channels allow ﬁnegrained control of the delivery of custom packages.

• Access control — system administrators can be restricted to access only those systems within their

maintenance responsibilities.

• Bandwidth management — the bandwidth used for transactions between the clients and the RHN

Satellite Server is controlled by the organization on the local area network; RHN Satellite Server clients do not have to compete with other clients accessing the central Red Hat Network ﬁle servers.

• Scalability — RHN Satellite Server may oversee an entire organization’s servers in combination

with RHN Proxy Server.

1.3. Terms to Understand

Before understanding RHN Satellite Server, it is important to become familiar with the following Red Hat Network terms:

• Channel — A channel is a list of software packages. There are two types of channels: base channels

and child channels. A base channel consists of a list of packages based on a speciﬁc architecture and Red Hat release. A child channel is a channel associated with a base channel but contains extra packages.

• Organization Administrator — An Organization Administrator is a user role with the highest level

of control over an organization’s Red Hat Network account. Members of this role can add other users, systems, and system groups to the organization as well as remove them. A Red Hat Network organization must have at least one Organization Administrator.

• Channel Administrator — A Channel Administrator is a user role with full access to channel man-

agement capabilities. Users with this role are capable of creating channels, assigning packages to channels, cloning channels, and deleting channels. This role can be assigned by an Organization Administrator through the Users tab of the RHN website.

• Red Hat Update Agent — The Red Hat Update Agent is the Red Hat Network client application

(up2date) that allows users to retrieve and install new or updated packages for the client system on which the application is run.

• Traceback — A traceback is a detailed description of "what went wrong" that is useful for trou-

bleshooting the RHN Satellite Server. Tracebacks are automatically generated when a critical error occurs and are mailed to the individual(s) designated in the RHN Satellite Server’s conﬁguration ﬁle.

For more detailed explanations of these terms and others, refer to the Red Hat Network Reference Guide.

1.4. How it Works

RHN Satellite Server consists of the following components:

Chapter 1. Introduction 3

• Database — for the Stand-Alone Database, this may be the organization’s existing database or,

preferably, a separate machine. RHN Satellite Server 3.6 supports Oracle 9i R2. For the Embedded Database, the database comes bundled with RHN Satellite Server and is installed on the same machine as the Satellite during the installation process.

• RHN Satellite Server — core "business logic" and entry point for Red Hat Update Agent running

on client systems. The RHN Satellite Server also includes an Apache HTTP Server (serving XMLRPC requests).

• RHN Satellite Server Web interface — advanced system, system group, user, and channel manage-

ment interface.

• RPM Repository — package repository for ofﬁcial Red Hat RPM packages and custom RPM pack-

ages identiﬁed by the organization.

• Management Tools:

• Database and ﬁlesystem synchronization tools

• RPM importing tools

• Channel maintenance tools (Web-based)

• Errata management tools (Web-based)

• User management tools (Web-based)

• Client system and system grouping tools (Web-based)

• Red Hat Update Agent on the client systems

The Red Hat Update Agent on the client systems must be reconﬁgured to retrieve updates from the organization’s internal RHN Satellite Server instead of the central Red Hat Network Servers. After this one-time reconﬁguration, client systems may retrieve updates locally using the Red Hat Update Agent, or system administrators may schedule actions through the RHN Satellite Server website.

Important

Red Hat strongly recommends that clients connected to RHN Satellite Server be running the latest update of Red Hat Enterprise Linux to ensure proper connectivity.

When a client requests updates, the organization’s internal RHN Satellite Server queries its database, authenticates the client system, identiﬁes the updated packages available for the client system, and sends the requested RPMs back to the client system. Depending upon the client’s preferences, the package may also be installed. If the packages are installed, the client system sends an updated package proﬁle to the database on the RHN Satellite Server; those packages are removed from the list of outdated packages for the client.

The organization can conﬁgure the website for the RHN Satellite Server to be accessible from the local area network only or from both the local area network and the Internet. The Satellite’s version of the RHN website allows full control over client systems, system groups, and users.

The RHN Satellite Server management tools are used to synchronize the RHN Satellite Server database and package repository with Red Hat Network. The RHN Satellite Server import tool allows the system administrator to include custom RPM packages in the package repository.

RHN Satellite Server can be used in conjunction with RHN Proxy Server to deliver a distributed, self-contained Red Hat Network deployment for the organization. For example, an organization can maintain one RHN Satellite Server in a secure location. Red Hat systems with local network access to the RHN Satellite Server can connect to it. Other remote ofﬁces can maintain RHN Proxy Server installations that connect to the RHN Satellite Server. The different locations inside the organization

4 Chapter 1. Introduction

must be networked, but this can be a private network; an Internet connection is not required for any of the systems. Refer to the RHN Proxy Server Installation Guide for more information.

Figure 1-1. Using RHN Satellite Server and RHN Proxy Server Together

1.5. Summary of Steps

Implementing a fully functional RHN Satellite Server requires more than installing software and a database. Client systems must be conﬁgured to use the Satellite. Custom packages and channels should be created for optimal use. Since these tasks extend beyond the basic installation, they are covered in detail in other guides, as well as this RHN Satellite Server Installation Guide. For a full list of the necessary technical documents, refer to Chapter 2 Requirements.

For this reason, this section seeks to provide a deﬁnitive list of all required and recommended steps, from evaluation through custom package deployment. They should take place in roughly this order:

1. After an evaluation, you contact your Red Hat sales representative to purchase RHN Satellite Server.

2. Your Red Hat contact sends you an RHN Entitlement Certiﬁcate via email.

3. Your Red Hat contact creates a Satellite-entitled account on the RHN website and sends you the login information.

4. You log into the RHN website (rhn.redhat.com) and download the distribution ISOs for Red Hat Enterprise Linux AS and RHN Satellite Server 3.6. Remember, Monitoring requires Red Hat Enterprise Linux AS 3. These can be found within the Downloads tab of the respective Channel Details pages. Refer to the RHN Reference Guide for instructions.

5. While still logged into the RHN website, you download the Channel Content ISOs to be served by your Satellite, also available through the Downloads tab of your Satellite’s Channel Details

Chapter 1. Introduction 5

page. These Channel Content ISOs differ from the distribution ISOs previously mentioned in that they contain metadata necessary for parsing and serving packages by Satellite.

6. If installing a Stand-Alone Database, you prepare your database instance using the formula provided in Chapter 2 Requirements.

7. You install Red Hat Enterprise Linux AS and then RHN Satellite Server 3.6 on the Satellite machine.

8. You create the ﬁrst user account on the Satellite by opening the Satellite’s hostname in a Web browser and clicking Create Account. This will be the Satellite Administrator’s account.

9. You use the RHN Satellite Synchronization Tool to import the channels and associated packages into the Satellite.

10. You register a representative machine for each distribution type, or channel (Red Hat Enterprise Linux AS 2.1, 3), to the Satellite.

11. You copy (using SCP) the rhn_register and up2date conﬁguration ﬁles from the

/etc/sysconfig/rhn/ directory of each machine individually to the /pub directory on the

Satellite. The rhn-org-trusted-ssl-cert-*.noarch.rpm will already be there.

12. You download and install from the Satellite the conﬁguration ﬁles and

rhn-org-trusted-ssl-cert-*.noarch.rpm on the remaining client systems of the same

distribution type. Repeat this and the previous step until all distribution types are complete.

13. Through the Satellite’s website, you create an Activation Key for each distribution aligned to the appropriate base channel. At this point, system groups and child channels may also be predeﬁned.

14. You then run the Activation Key from the command line (rhnreg_ks) of each client system. Note that this step can be scripted to batch register and reconﬁgure all remaining client systems in a distribution.

15. You should record all relevant usernames, passwords and other login information and store in multiple secure places.

16. Now that the Satellite is populated with standard Red Hat channels and packages and all clients are connected to it, you may begin creating and serving custom channels and packages. Once the custom RPMs are developed, you can import them into the Satellite using the RHN Push and add custom channels to store them through the Satellite’s website. Refer to the RHN Channel Management Guide for details.

6 Chapter 1. Introduction

Chapter 2.

Requirements

These requirements must be met before installation.

2.1. Software Requirements

To perform an installation, the following software components must be available:

• Base operating system — RHN Satellite Server is supported with Red Hat Enterprise Linux AS 2.1

Update 5 or later and Red Hat Enterprise Linux AS 3 Update 3 or later only. The operating system can be installed from disc, local ISO image, kickstart, or any of the methods supported by Red Hat but must contain certain packages not included in a standard installation.

Important

If you plan to obtain Monitoring-level service, you must install your RHN Satellite Server on Red Hat Enterprise Linux AS3 Update 3. This is the only supported base operating system for Satellites serving Monitoring-entitled systems.

Each version of Red Hat Enterprise Linux AS requires additional packages to support RHN Satellite Server. Although these requirements may be met by conducting an Everything install, Red Hat this installs packages that if not properly managed could pose security hazards. For this reason, Red Hat recommends obtaining the desired package set in the following ways:

For kickstarting Red Hat Enterprise Linux AS 3 Update 3, specify the following packages and groups:

• @ Base

• @ Server

• @ Development Tools

• @ Legacy Software Development

• perl-CGI

• perl-Time-HiRes

For installing Red Hat Enterprise Linux AS 3 Update 3 via CD or ISO image, select the following package groups:

• Web Server

• Mail Server

• Development Tools

• Legacy Software Development

Then after operating system installation, register the system with RHN and use the Red Hat Update Agent to install the outstanding packages with the following command:

up2date perl-CGI perl-libwww-perl perl-URI perl-XML-Parser perl-DateManip /

perl-XML-Dumper perl-libxml-enno perl-Parse-Yapp perl-XML-Encoding

Once updated, delete the Red Hat Enterprise Linux AS 3 Update 3 system proﬁle from RHN, as it will be reregistered during Satellite installation.

For kickstarting Red Hat Enterprise Linux AS 2.1 Update 5, specify the following package groups:

8 Chapter 2. Requirements

• @ Advanced Server

• @ Base

• @ Messaging and Web Tools

• @ Software Development

• @ Utilities

• @ Web Server

For installing Red Hat Enterprise Linux AS 2.1 Update 5 via CD or ISO image, select the following package groups:

• Network Support

• Web Server

• Software Development

• Advanced Server

• Messaging and Web Tools

• Utilities

This satisﬁes the base operating system requirements. Unlike Red Hat Enterprise Linux AS 3 Update 3, you do not have to run up2date to install additional packages.

• Satellite installation disc or ISO — this contains the RHN Satellite Server Installation Program.

• Channel content — All software packages and data exported for all entitled Red Hat channels. This

content may be loaded directly on the Satellite after installation using the RHN Satellite Synchronization Tool or obtained from your Red Hat representative if synchronization isn’t possible, such

as in a disconnected environment.

2.2. Hardware Requirements

The following hardware conﬁguration is required for the two types of RHN Satellite Server:

Stand-Alone Database Embedded Database

Dell PowerEdge 1750 or equivalent Dell PowerEdge 2650 or equivalent

Two processors Two 2.4 GHz processors

Required - 512 MB of memory Required - 2 GB of memory

Recommended - 1 GB of memory Strongly recommended - 4 GB of memory

3 GB storage for base install of Red Hat Enterprise Linux AS

5 GB storage per channel, in the

/var/satellite directory by default but

conﬁgurable at install

Recommended - an external SAN for more reliable backups

3 GB storage for base install of Red Hat Enterprise Linux AS

5 GB storage per channel, in the

/var/satellite directory by default but

conﬁgurable at install

Recommended - an external SAN for more reliable backups

36 GB storage for the database repository, in the

/rhnsat partition (local storage only)

Chapter 2. Requirements 9

Stand-Alone Database Embedded Database

Strongly recommended - a SCSI drive connected to a level 5 RAID

Separate partition (or better, a separate set of physical disks) for storing backups. This can be any directory speciﬁable at backup time.

Table 2-1. Stand-Alone Database and Embedded Database Satellite Hardware Requirements

The following hardware conﬁguration is required for the Stand-Alone Database:

• Dell PowerEdge 2650 or equivalent

• Two processors

• 2 GB of memory

See Section 2.3 Database Requirements for instructions on estimating the tablespace of the database and setting its environment variables.

Keep in mind, the frequency in which client systems connect to the Satellite is directly related to load on the Apache HTTP Server and the database. If you do reduce the default interval of four hours (or 240 minutes), as set in the /etc/sysconfig/rhn/rhnsd conﬁguration ﬁle of the client systems, you will increase the load on those components signiﬁcantly.

Additional hardware requirements include:

• The Stand-Alone Database must not run on the same server as the RHN Satellite Server.

• The package repository may be any large storage device easily and securely accessed by the other

components. The space requirements depend on the number of packages that will be stored. Default Red Hat channels contain approximately 3 GB of packages each, and that size grows with each synchronization; customers must also account for the space requirements of packages in their own private channels. Whatever storage solution the customer chooses, its mount point may be deﬁned during the installation process.

If you are installing RHN Satellite Server with Embedded Database, skip to Section 2.4 Additional Requirements.

2.3. Database Requirements

This section applies only to RHN Satellite Server with Stand-Alone Database as the requirements for the Embedded Database are included in the Satellite machine’s hardware requirements. Red Hat supports RHN Satellite Server 3.6 installations in conjunction with Oracle 9i R2. The Stand-Alone Database must not run on the same server as the RHN Satellite Server.

A single 4 GB tablespace is recommended as more than sufﬁcient for most installations. It is possible for many customers to function with a smaller tablespace. An experienced Oracle database administrator (DBA) will be necessary to assess sizing issues. The following formula should be used to determine the required size of your database:

• 192 KB per client system

• 64 MB per channel

For instance, an RHN Satellite Server containing 10 channels serving 10,000 systems would require

1.92 GB for its clients and 640 MB for its channels. If custom channels are to be established for testing and staging of packages, they must be included in this formula.

10 Chapter 2. Requirements

Keep in mind, the database storage needs may grow rapidly, depending upon the variance of the following factors:

• The number of public Red Hat packages imported (typical: 5000)

• The number of private packages to be managed (typical: 500)

• The number of systems to be managed (typical: 1000)

• The number of packages installed on the average system (typical: 500)

Although you should be generous in your database sizing estimates, you need to consider that size does affect the time to conduct backups and adds load to other system resources. If the database is being shared, its hardware and spacing is entirely dependent on what else is using it.

The Oracle database should have a user assigned to RHN Satellite Server with full DDL and DML access to that user’s default tablespace. The user will need standard connection information for the database at the time of installation.

The precise access levels required by the Oracle user are as follows:

• ALTER SESSION

• CREATE SEQUENCE

• CREATE SYNONYM

• CREATE TABLE

• CREATE VIEW

• CREATE PROCEDURE

• CREATE TRIGGER

• CREATE TYPE

• CREATE SESSION

Additional database requirements include:

• Security Identiﬁer (SID)

• Listener Port

• Username

• Uniform Extent Size

• Auto Segment Space Management

• UTF-8 character set

The disk layout on the database machine is independent of the RHN Satellite Server and entirely up to the customer.

2.4. Additional Requirements

The following additional requirements must be met before the RHN Satellite Server installation:

• Full Access

Client systems need full network access to the RHN Satellite Server solution’s services and ports.

• Firewall Rules

Chapter 2. Requirements 11

The RHN Satellite Server solution can be ﬁrewalled from the Internet, but it must be able to issue outbound connections to rhn.redhat.com and xmlrpc.rhn.redhat.com on ports 80 and 443.

• Synchronized System Times

There is great time sensitivity when connecting to a Web server running SSL (Secure Sockets Layer); it is imperative the time settings on the clients and server be reasonably close together so the SSL certiﬁcate does not expire before or during use. For this reason, Red Hat requires the Satellite and all client systems to use Network Time Protocol (NTP). This also applies to the separate database machine in RHN Satellite Server with Stand-Alone Database, which must also be set to the same time zone as the Satellite.

• Fully Qualiﬁed Domain Name (FQDN)

The system upon which the RHN Satellite Server will be installed must resolve its own FQDN properly. If this is not the case, cookies will not work properly on the website.

• Functioning Domain Name Service (DNS)

For the RHN Satellite Server’s domain name to be resolved by its clients, it and they must all be linked to a working DNS server in the customer environment.

• An Entitlement Certiﬁcate

The customer will receive, via email from the sales representative, a signed Entitlement Certiﬁcate explaining the services provided by Red Hat through RHN Satellite Server. This certiﬁcate will be required during the installation process.

• A Red Hat Network Account

Customers who will be connecting to the central Red Hat Network Servers to receive incremental updates will need an external account with Red Hat Network. This account should be set up at the time of purchase with the sales representative.

• Backups of Login Information

It is imperative customers keep track of all primary login information. For RHN Satellite Server, this includes usernames and passwords for the Organization Administrator account on rhn.redhat.com, the primary administrator account on the Satellite itself, SSL certiﬁcate generation, and database connection (which also requires a SID, or net service name). Red Hat strongly recommends this information be copied onto two separate ﬂoppy disks, printed out on paper, and stored in a ﬁreproof safe.

In addition to these requirements, it is recommended the RHN Satellite Server be conﬁgured in the following manner:

• The entire RHN Satellite Server solution should be protected by a ﬁrewall if the Satellite will be

accessing, or be accessed via the Internet. An Internet connection is not required for RHN Satellite Servers running in completely disconnected environments as this feature instead uses update CDs to synchronize the Satellite with the central Red Hat Network. All other RHN Satellite Servers should be synchronized directly over the Internet.

• All unnecessary ports should be ﬁrewalled off. Client systems connect to RHN Satellite Server over

ports 80 and 443 only. In addition, if you plan to enable the pushing of actions from the Satellite to client systems, as described in Section 8.10 Enabling Push to Clients, you must allow inbound connections on port 5222. Finally, if the Satellite will also push to an RHN Proxy Server, you must also allow inbound connections on port 5269.

• No system components should be directly, publicly available. No user other than the system admin-

istrators should have shell access to these machines.

• All unnecessary services should be disabled using ntsysv or chkconfig.

• The httpd service should be enabled.

12 Chapter 2. Requirements

• If the Satellite will serve Monitoring-entitled systems and you wish to acknowledge via email the

alert notiﬁcations you receive, you must conﬁgure sendmail to properly handle incoming mail as described in Section 4.3 Sendmail Conﬁguration.

Finally, you should have the following technical documents in hand for use in roughly this order:

1. The RHN Satellite Server Installation Guide — This guide, which you are now reading, provides the essential steps necessary to get an RHN Satellite Server up and running.

2. The RHN Client Conﬁguration Guide — This guide explains how to conﬁgure the systems to be served by an RHN Proxy Server or RHN Satellite Server. (This will also likely require referencing The RHN Reference Guide, which contains steps for registering and updating systems.)

3. The RHN Channel Management Guide — This guide identiﬁes in great detail the recommended methods for building custom packages, creating custom channels, and managing private Errata.

4. The RHN Reference Guide — This guide describes how to create RHN accounts, register and update systems, and use the RHN website to its utmost potential. This guide will probably come in handy throughout the installation and conﬁguration process.

Chapter 3.

Example Topologies

The RHN Satellite Server can be conﬁgured in multiple ways. Select one method depending on the following factors:

• The total number of client systems to be served by the RHN Satellite Server.

• The maximum number of clients expected to connect concurrently to the RHN Satellite Server.

• The number of custom packages and channels to be served by the RHN Satellite Server.

• The number of RHN Satellite Servers being used in the customer environment.

• The number of RHN Proxy Servers being used in the customer environment.

The rest of this chapter describes possible conﬁgurations and explains their beneﬁts.

3.1. Single Satellite Topology

The simplest conﬁguration is to use a single RHN Satellite Server to serve your entire network. This conﬁguration is adequate to service a medium-size group of clients and network.

The disadvantage of using one RHN Satellite Server is that performance will be compromised as the number of clients requesting packages grows.

Figure 3-1. Single Satellite Topology

3.2. Multiple Satellite Horizontally Tiered Topology

For very large networks, a more distributed method may be needed, such as having multiple RHN Satellite Servers horizontally tiered conﬁguration and balancing the load of client requests.

Additional maintenance is the biggest disadvantage of this horizontal structure.

14 Chapter 3. Example Topologies

Figure 3-2. Multiple Satellite Horizontally Tiered Topology

3.3. Satellite-Proxy Vertically Tiered Topology

An alternative method to balance load is to install RHN Proxy Servers below a RHN Satellite Server that connect to the Satellite for RPMs from Red Hat Network and custom packages created locally. In essence, the Proxies act as clients of the Satelllite.

This vertically tiered conﬁguration requires that channels and RPMs be created only on the RHN Satellite Server. In this manner, the Proxies inherit and then serve packages from a central location. For details, refer to the RHN Channel Management Guide.

Similarly, you should make the Proxies’ SSL certiﬁcates clients of the Satellite while also setting them to serve the actual client systems. This process is described in the RHN Client Conﬁguration Guide.

Figure 3-3. Satellite-Proxy Vertically Tiered Topology

Chapter 4.

Installation

This chapter describes the initial installation of the RHN Satellite Server. It presumes the prerequisites listed in Chapter 2 Requirements have been met. If you are instead upgrading to a newer version of RHN Satellite Server, contact your Red Hat representative for assistance.

4.1. Base Install

The RHN Satellite Server is designed to run on the Red Hat Enterprise Linux AS operating system. Therefore, the ﬁrst phase is to install the base operating system, either from disc, ISO image, or kickstart. During and after operating system installation, make sure you:

• Allocate plenty of space to the partitions storing data. The default location for channel packages

is /var/satellite. For RHN Satellite Server with Embedded Database, remember the database RPMs go in the /opt partition, while the database itself is built in /rhnsat. Refer to Section 2.2 Hardware Requirements for precise speciﬁcations.

• Install all packages required by RHN Satellite Server. Refer to Section 2.1 Software Requirements

for packages and package groups needed for each version of Red Hat Enterprise Linux AS.

Important

If you plan to obtain Monitoring-level service, you must install your RHN Satellite Server on Red Hat Enterprise Linux AS 3. This is the only supported base operating system for Satellites serving Monitoring-entitled systems. Do not install Satellite on Red Hat Enterprise Linux AS 2.1.

• Enable Network Time Protocol (NTP) on the Satellite and separate database, if it exists, and select

the appropriate time zone. All client systems should already be running the ntpd daemon and be set to the correct time zone.

• Disable the ipchains and iptables services after installation.

4.2. RHN Satellite Server Installation Program

The following instructions describe how to run the RHN Satellite Server Installation Program:

1. Log into the machine as root.

2. Insert the RHN Satellite Server CD containing the installation ﬁles or download the ISO image from the RHN website.

3. Create a directory in /mnt to store the ﬁles with the command:

mkdir /mnt/cdrom

4. If you are installing from CD and it is not mounted automatically, mount it using the command:

mount /dev/cdrom /mnt/cdrom

If you are installing from download, mount the ﬁle from within the directory containing it using the command:

mount iso_filename /mnt/cdrom -o loop

The rest of the instructions assume it is mounted in /mnt/cdrom.

+ 43 hidden pages