Red Hat Satellite

now browsing by category

 

How to automate your RedHat Satellite Channel Cloning

  • In order for the scripts to work without sending your password to “ps” you will need to setup a config for spacecmd

Credential FileEdit section

Spacecmd can be configured with a credentials file so you are not prompted for a username/password each time. This allows for easier scripting.

  1. Create a hidden spacecmd directory in your home. Lock down permissions.
    mkdir ~/.spacecmd
    chmod 700 ~/.spacecmd
    
  1. Create a config file in the directory and give proper permissions.
    touch ~/.spacecmd/config
    chmod 600 ~/.spacecmd/config
    
  1. Edit the config file and fill in the header, Spacewalk server fqdn, username, and password.
    vim ~/.spacecmd/config
    
    [spacecmd]
    server=spacewalk.nicktailor.com
    username=usernamehere
    password=passwordhere

 

Clone scripts
http://www.nicktailor.com/files/clonechannel.redhat7.sh
http://www.nicktailor.com/files/clonechannel.redhat6.sh
http://www.nicktailor.com/files/clonechannel.redhat5.sh

REDHAT 7 (EXAMPLE)
#!/bin/bash
spacewalkServer=spacewalk.nicktailor.com
defaultOrgAdmin=USER

read -p “Enter to Continue”

BASE_CHANNEL=”rhel-x86_64-server-7″
CHILD_CHANNELS=”rhel-x86_64-server-7-thirdparty-oracle-java rhel-x86_64-server-7-rhscl-1 rhel-x86_64-server-optional-7 rhel-x86_64-server-supplementary-7 rhn-tools-rhel-x86_64-server-7 epel_rhel7_x86_64 nginx.org-packages”
SPECIAL=”rhel-tools-rhel-x86_64-server-6″
DATESTRING=`date +20%y-%B-%d`
echo Run on $DATESTRING >> clonechannels-$DATESTRING.log
UNDO_FILE=clonechannels-$DATESTRING.undo
rm -f $UNDO_FILE
rm -f clonechannels-$DATESTRING.log
echo Undo file is $UNDO_FILE
echo DATESTRING = $DATESTRING
BASE_CHANNEL_NAME=$BASE_CHANNEL-$DATESTRING
echo BASE_CHANNEL_NAME = $BASE_CHANNEL_NAME
echo spacecmd -u $defaultOrgAdmin -s $spacewalkServer — softwarechannel_clone -n $BASE_CHANNEL_NAME -l $BASE_CHANNEL_NAME -s $BASE_CHANNEL -g >> clonechannels-$DATESTRING.log
spacecmd -u $defaultOrgAdmin -s $spacewalkServer — softwarechannel_clone -n $BASE_CHANNEL_NAME -l $BASE_CHANNEL_NAME -s $BASE_CHANNEL -g
echo spacecmd -u $defaultOrgAdmin -s $spacewalkServer — softwarechannel_setorgaccess $BASE_CHANNEL_NAME -e >> clonechannels-$DATESTRING.log
spacecmd -u $defaultOrgAdmin -s $spacewalkServer — softwarechannel_setorgaccess $BASE_CHANNEL_NAME -e
for CHILD_CHANNEL in ${CHILD_CHANNELS}
do
CHILD_CHANNEL_NAME=$CHILD_CHANNEL-$DATESTRING
echo CHILD_CHANNEL_NAME = $CHILD_CHANNEL_NAME
echo spacecmd -u $defaultOrgAdmin -s $spacewalkServer — softwarechannel_clone -n $CHILD_CHANNEL_NAME -l $CHILD_CHANNEL_NAME -p $BASE_CHANNEL_NAME -s $CHILD_CHANNEL -g >> clonechannels-$DATESTRING.log
spacecmd -u $defaultOrgAdmin -s $spacewalkServer — softwarechannel_clone -n $CHILD_CHANNEL_NAME -l $CHILD_CHANNEL_NAME -p $BASE_CHANNEL_NAME -s $CHILD_CHANNEL -g
if [ $CHILD_CHANNEL == “rhn-tools-rhel-x86_64-server-7” ]
then spacecmd -u $defaultOrgAdmin -s $spacewalkServer — softwarechannel_clone -n $SPECIAL -l $SPECIAL -p $BASE_CHANNEL_NAME -s $CHILD_CHANNEL -g
fi
echo spacecmd -u $defaultOrgAdmin -s $spacewalkServer — softwarechannel_setorgaccess $CHILD_CHANNEL_NAME -e >> clonechannels-$DATESTRING.log
spacecmd -u $defaultOrgAdmin -s $spacewalkServer — softwarechannel_setorgaccess $CHILD_CHANNEL_NAME -e
echo spacecmd -u $defaultOrgAdmin -s $spacewalkServer -y — softwarechannel_delete $CHILD_CHANNEL_NAME >> $UNDO_FILE
done

How to deploy servers with KickStart

  1. Open up Vcenter and login
  1. Find the folder you wish to create the new vm
    1. Right click on the folder and select create a new vm
    2. Go through and select the VM parameters you require ie(CPU, Memory, HD space, etc)
      NOTE: that you should keep the HD space to 50 gigs and thin provision the vm.
  2. Next you want to edit the VM settings
    1. Select the CD/DVD option and then boot off a redhat linux 6.6 install dvd.
      1. Enable the connect on start and conneted check boxes at the top.
    2. Next you want to select the Network adapter and select the correct Network Label(VLAN) so the server will be able to communicate dependant on which ever ip/network you chose.

Note: You will not be able to kickstart if you do not have the proper vlan for your ip.

  1. Next Login into satellite
    1. Click on kickstart on the left pane and then profiles
    2. Select the button “Advanced options
    3. Scroll down to network and edit the line as needed.
      1. –bootproto=static –ip=10.2.10.13 –netmask=255.255.255.0 –gateway=10.2.10.254  –hostname=server1.nicktailor.com –nameserver=10.20.0.17.

Note: You need to do this if you want the server provisioned with ip and hostname post install.

  1. Scroll down and click update for settings to take effect.
  2. Next click on System Details and then Paritioning.
  3. Edit the partitions to the specification required. You in most cases wont need to update this will be a standard template. However for the purposes of documentation its here.

Example of standard partition scheme

part /boot –fstype=ext4 –size=500
part pv.local –size=1000 –grow
volgroup vg_local pv.local
logvol / –fstype ext4 –name=root –vgname=vg_local –size=2048
logvol swap –fstype swap –name=swap –vgname=vg_local –recommended
logvol /tmp –fstype ext4 –name=tmp –vgname=vg_local –size=1024
logvol /usr –fstype ext4 –name=usr –vgname=vg_local –size=4096
logvol /home –fstype ext4 –name=home –vgname=vg_local –size=2048
logvol /var –fstype ext4 –name=var –vgname=vg_local –size=4096 –grow
logvol /var/log –fstype ext4 –name=log –vgname=vg_local –size=2048 –grow
logvol /var/log/audit –fstype ext4 –name=audit –vgname=vg_local –size 1024
logvol /opt –fstype ext4 –name=opt –vgname=vg_local –size=4096 –grow

  • Once you have the desired setting, select “Update Paritions”

4. Next Select Software
     5. You can add or remove any necessary or un-necessary packages.

By using the (-) before the package name it will remove it from the base install. If you simply type in the package name it will ensure its added to the base install.

The packages indicated below are an example of how you
@ Base
@X Window System
@Desktop
@fonts
python-dmidecode
python-ethtool
rhn-check
rhn-client-tools
rhn-setup
rhncfg-actions
rhncfg-client
yum-rhn-plugin
sssd

6.  Select update packages once you have chosen your base packages

7. Now boot up the vm, once your cd/image is booted you should see a grub line, before it boots into the install, follow the steps below.

8. At the grub line issue the following command. (Update the ip according to above step as needed. If you are using DHCP then you just need the url without the additional parameters.

linux ks=http://satellite.nicktailor.com/ks/cfg/org/5/label/Kickstartname ip=10.0.12.99 netmask=255.255.255.0 gateway=10.0.12.254 nameserver=10.20.0.17

9. Your VM at this point should go through without any user interaction and install and reboot with a functional OS.

Note: Since you have kickstarted your server using satellite, it will automatically be registered to satellite server, saving you the hassel of doing it after the fact.

 

How to Upgrade and Downgrade Packages with RHN Satellite

RHN Satellite Package upgrade and downgrade processes

Listing packages installed or available for upgrading on a host.

  1. Click on systems
    1. Next click on the target hostname
    2. Now click on the software tab
  • · If you click on list/remove Installed packages this will show you the current listed packages for the target host, you can also search by the specific package in the search field above the listed packages
  • · If you click on upgrade packages, this will only list the current available packages the host system is currently subscribed to.

Note: just because you don’t see newer packages available does not mean they are not out there.

 

Package Search on all available channels

 

  1. There are two ways you can do this
    1. Method 1 – Click on Channels at the very top, then package search, next type in the package name
  • · Once you have found the package, click on the package name, and it will take you to a details screen, on that screen it will have available from: in that section it will list out the channels that are subscribed to satellite that have the package you are looking for available from.
  1. Method 2 – This is the way I like to do it – Click on systems, then software tab, and then install new packages
  • · Next search for the package you wish to install, this will the latest available package from all channels available, and if you click on the package it will show the available channels for that specified package.

 

Upgrading  packages

  1. Click on systems, select the host, then software tab, and then upgrade
    1. Search for the packages you wish to upgrade and select them by checking the box to to the left of it

Note: if you are going to do select all, I would recommend against this, as if you select this button, even its not listed on the page it will literally select all the packages available. So select them individually is the way to go.

  1. Once completed check boxing scroll down to the bottom right and select upgrade packages, it will go to another confirmation screen, click on confirm.
  2. This will then be queued.
  3. If you click on Events, you should see it there and shortly within 5 min window it should disappear, if it does not then something is wrong, and you need to get a hold of satellite admin to investigate.

Downgrading  packages

  1. Click on systems, select the host, then software tab, and then profiles
    1. Select the stored profile of the date/time that Under “Compare to Stored Profile” and hit compare.
    2. You should see a list of packages that it is now going to synch back to, select sync package bottom right.
    3. You should see it go the events page, after about 5 mins it should no longer be listed in events, which means the server picked up the process and should begin downgrading shortly.

How to patch using RHN Satellite

Patching an environment with RHN Satellite

Create a roll back tag

  1. 1.       Log into satellite
  2. 2.       Click on Systems
    1. a.       Now select Systems Groups
    2. b.      Next to the group you wish to patch click on “Use in SSM”
    3. c.       Top right of screen click on Manage (you should see the number of machines for that group selected in brackets)
    4. 3.       Under Provisioning
      1. a.       Click on snapshot rollback
      2. b.      Now click on “Tag systems” tab
      3. c.       Type in the name of the Tag as depending on the group ie (DEV1-Sept26-2013)
      4. d.      Click on Tag current snapshots (this will tag the whole group with a rollback tag, should you ever need to.
      5. e.      If you needed to roll back instead of “tagsystems” You would select the “Rollbback” tab
      6. f.        Now Click on Manage again top right
      7. 4.       Under Channels
        1. a.       Click on Channel memberships
        2. b.      Now Select Base Channels
        3. c.       Change the i386 channel to the Latest i386 channel available and do the same x86_64, you may also notice there are RHN5 & RHN6 channels.
        4. d.      Click on confirm subscriptions
        5. e.      Then click on Alter subscriptionsbottom right
        6. f.        Now select child channels and ensure any childs you need are subscribed as well (Ie Clustering storage, Network tools, Vmware etc.
        7. Now click on Manage again, ensuring the correct number of servers is still being managed.
          1. Click on Schedule errata updates
          2. Scroll to bottom of screen and select all
          3. Click on Apply Errata
          4. And now Schedule Updates
          5. If you click on Schedule on the top menu should show you all the updates running
          6. Click on Systems
            1. Click on System Groups
            2. Select the group you wish to view
            3. Click on the “systems” tab inside the systems group
            4. Now if you click on “systems” tab periodically you should see the patching counting down to zero, any server that is not counting down has an issue and you will need to log in as root to figure out what is wrong. (Refer Common problems and fixes)

 

Troubleshooting Guide

Errata does not appear to be counting down in systems group

  • Log into Culprit server
  • confirm that enabled = 1 is set in the file,  ->/etc/yum/pluginconf.d/rhnplugin.conf

type cat /etc/yum/pluginconf.d/rhnplugin.conf

If it isn’t set, the Satellite will try to use the local repos, and not the channels on the Satellite server

  • If the above doesn’t work you may want to ensure the you can connect to the satellite server by running telnet to the satellite on the following ports
    • telnet satellite.nicktailor.com 80
    • telnet satellite.nicktailor.com 443
    • telnet satellite.nicktailor.com 5222
  1. 1.       The response you for all of these should look like

Trying 10.20.0.8…

Connected to satellite.nicktailor.com.

Escape character is ‘^]’.

  • Next run Yum –y update, if you see any of the following errors
    • o   A common error is “cpioopen failed – Permission denied cpioopen failed – Permission denied“ or something similar
  1. This usually means you have a mount point that is read only
  2. Type mount at the command prompt to see if that is the case.

[root@home.nicktailor.com<dev>:~]# mount

/dev/mapper/vg_local-root on / type ext3 (rw)

proc on /proc type proc (rw)

sysfs on /sys type sysfs (rw)

devpts on /dev/pts type devpts (rw,gid=5,mode=620)

/dev/mapper/vg_local-usr on /usr type ext3 (rw,nodev)

/dev/mapper/vg_local-tmp on /tmp type ext3 (rw,noexec,nosuid,nodev)

/dev/mapper/vg_local-home on /home type ext3 (rw,nodev)

  • If you see  (rw,nodev) on the /usr mount

(this mean you the partition is read only and yum can not write updates to the /usr directory)

  • To fix type mount –o remount,rw /usr
  • And yum –y update again.
  • If this still fails then escalate to a Senior Linux System Administrator
  • Upon reboot Server does not come backup
    • This could be the result of many things, however the most common is grub failure, to correct this we need to re-install grub manually from a RHN boot CD
  1. Mount the VM or Server to a redhat disk 1.img file and boot to the prompt
  2. At the prompt type “Linux Rescue” and hit <enter>
  3. Once you reach the boot prompt type “chroot /mnt/sysimage” (you should see a note telling you above the prompt on how to do it.
  4. Now you want to view grub conf “cat /boot/grub/grub.conf” and write down the following lines somewhere in notepad as you will need them
  • kernel /vmlinuz-2.6.18-348.6.1.el5 ro root=/dev/vg_local/root rhgb quiet audit=1
  • initrd /initrd-2.6.18-348.6.1.el5.img
  1. next cd into the /boot directory
  2. type “grub” <enter> this will take you to the grub prompt
  • now you need to tell grub to load the kernel & initrd manually indicated below
    • grub> kernel /boot/ vmlinuz-2.6.18-348.6.1.el5

(result will look something like this)

[Linux-bzImage, setup=0x1400, size=0x15f464]

  • grub> initrd /boot/ initrd-2.6.18-348.6.1.el5.img
  • (result will look something like this )
  • [Linux-initrd @ 0x376000, 0x79e3d bytes]
    • If the initrd gives an error don’t worry, it does that sometimes, proceed to setting up the on boot partition anyway
    • grub> setup (hd0)

(Result –should look like below)

Checking if “/boot/grub/stage1” exists… yes

Checking if “/boot/grub/stage2” exists… yes

Checking if “/boot/grub/e2fs_stage1_5” exists… yes

Running “embed /boot/grub/e2fs_stage1_5 (hd0)”… failed (this is not fatal)

Running “embed /boot/grub/e2fs_stage1_5 (hd0,2)”… failed (this is not fatal)

Running “install /boot/grub/stage1 (hd0) /boot/grub/stage2 p /boot/grub/menu.lst “… succeeded

  • Done.
  • Reboot image
  1. If that does not work escalate to Senior Systems Administrator

 

  • File System Check Fails upon reboot
    • If you see the following message after a reboot

Give root password for maintenance (or type Control-D to continue)

  • You will need to boot into single user mode and run an fsck on the partition that is failing a file system check.
  • To boot into single user mode you edit the boot instructions for the GRUB menu entry you wish to boot and add the kernel parameter/option single. Brief instructions for how to do this are below.
      1. Select (highlight) the GRUB boot menu entry you wish to use.
      2. Press e to edit the GRUB boot commands for the selected boot menu entry.
  1. Look near the bottom of the list of commands for lines similar to

kernel /vmlinuz-2.6.18-348.12.1.el5PAE ro root=LABEL=/

  1. You want to add “init=/bin/sh” to the end of the kernel line and then hit “B” to Boot
  • It should look like so

kernel /vmlinuz-2.6.18-348.12.1.el5PAE ro root=LABEL=/ init=/bin/sh

  1. Next you want to run fsck –y <whatever partition that needs to checked>
  • You will run this on a unmounted partition, never run on a mounted partition as you can corrupt the data if you do.

 

RHN Satellite Package upgrade and downgrade processes

 

Listing packages installed or available for upgrading on a host.

  1. Click on systems
    1. Next click on the target hostname
    2. Now click on the software tab
  • If you click on list/remove Installed packages this will show you the current listed packages for the target host, you can also search by the specific package in the search field above the listed packages
  • If you click on upgrade packages, this will only list the current available packages the host system is currently subscribed to.

Note: just because you don’t see newer packages available does not mean they are not out there.

 

Package Search on all available channels

 

  1. There are two ways you can do this
    1. Method 1 – Click on Channels at the very top, then package search, next type in the package name
  • Once you have found the package, click on the package name, and it will take you to a details screen, on that screen it will have available from: in that section it will list out the channels that are subscribed to satellite that have the package you are looking for available from.
  1. Method 2 – This is the way I like to do it – Click on systems, then software tab, and then install new packages
  • Next search for the package you wish to install, this will the latest available package from all channels available, and if you click on the package it will show the available channels for that specified package.

 

Upgrading  packages

  1. Click on systems, select the host, then software tab, and then upgrade
    1. Search for the packages you wish to upgrade and select them by checking the box to to the left of it

Note: if you are going to do select all, I would recommend against this, as if you select this button, even its not listed on the page it will literally select all the packages available. So select them individually is the way to go.

  1. Once completed check boxing scroll down to the bottom right and select upgrade packages, it will go to another confirmation screen, click on confirm.
  2. This will then be queued.
  3. If you click on Events, you should see it there and shortly within 5 min window it should disappear, if it does not then something is wrong, and you need to get a hold of satellite admin to investigate.

 

Downgrading  packages

  1. Click on systems, select the host, then software tab, and then profiles
    1. Select the stored profile of the date/time that Under “Compare to Stored Profile” and hit compare.
    2. You should see a list of packages that it is now going to synch back to, select sync package bottom right.
    3. You should see it go the events page, after about 5 mins it should no longer be listed in events, which means the server picked up the process and should begin downgrading shortly.