Register Clients with a Bootstrap Script
Registering clients with a bootstrap script gives you control over parameters, and can help if you have to register a large number of clients at once. This method works for both Salt and traditional clients.
To register clients using a bootstrap script, we recommend you create a template bootstrap script to begin, which can then be copied and modified. The bootstrap script you create is executed on the client when it is registered, and ensures all the necessary packages are deployed to the client. There are some parameters contained in the bootstrap script, which ensure the client system can be assigned to its base channel, including activation keys and GPG keys.
It is important that you check the repository information carefully, to ensure it matches the base channel repository. If the repository information does not match exactly, the bootstrap script will not be able to download the correct packages.
A bootstrap repository is needed for non-SLE clients in general and for SLE clients before version 15. A bootstrap offers packages for installing Salt on clients and for registering Salt or traditional clients. For information about creating a bootstrap repository, see client-configuration:bootstrap-repository.adoc. |
If you are bootstrapping Salt clients using the Web UI, you will need to ensure that the client system has Python installed before you begin.
For Salt clients running SUSE Linux Enterprise Server 12 or older, you will also require the python-xml
package.
GPG Keys and Uyuni Client Tools
The GPG key used by Uyuni Client Tools is not trusted by default.
When you create your bootstrap script, add a path to the file containing the public key fingerprint with the |
openSUSE Leap 15 and SLES 15 and Python 3
openSUSE Leap 15 and SLE 15 use Python 3 by default. Bootstrap scripts based on Python 2 must be re-created for openSUSE Leap 15 and SLE 15 systems. Attempting to register openSUSE Leap 15 or SLE 15 systems using Python 2 bootstrap scripts will fail. |
Create a Bootstrap Script
You can use the Uyuni Web UI to create an editable bootstrap script.
-
In the Uyuni Web UI, navigate to
. -
In the
SUSE Manager Configuration - Bootstrap
dialog, uncheck theBootstrap using Salt
checkbox if you are installing a traditional client. For Salt clients, leave it checked. -
The required fields are pre-populated with values derived from previous installation steps. For details on each setting, see reference:admin/bootstrap-script.adoc.
-
Click Update create the script.
-
The bootstrap script is generated and stored on the server in the
/srv/www/htdocs/pub/bootstrap
directory. Alternatively, you can access the bootstrap script over HTTPS. Replaceexample.com
with the host name of your Uyuni Server:
https://<example.com>/pub/bootstrap/bootstrap.sh
Do not disable SSL in your bootstrap script.
Ensure that |
To register and use CentOS 6, Oracle Linux 6, Red Hat Enterprise Linux 6, or SUSE Linux Enterprise Server with Expanded Support 6 clients, you need to configure the Uyuni Server to support older types of SSL encryption.
For more information about how to resolve this error, see |
Editing a Bootstrap Script
You can copy and modify the template bootstrap script you created to customize it. A minimal requirement when modifying a bootstrap script for use with Uyuni is the inclusion of an activation key. Most packages are signed with GPG, so you will also need to have trusted GPG keys on your system to install them.
In this procedure, you will need to know the exact name of your activation keys.
Navigate to Tasks
box, click Manage Activation Keys
.
All keys created for channels are listed on this page.
You must enter the full name of the key you wish to use in the bootstrap script exactly as presented in the key field.
For more information about activation keys, see client-configuration:clients-and-activation-keys.adoc.
-
On your Uyuni server, as root at the command line change to the bootstrap directory with:
cd /srv/www/htdocs/pub/bootstrap/
-
Create and rename two copies of the template bootstrap script for use with each of your clients.
cp bootstrap.sh bootstrap-sles12.sh cp bootstrap.sh bootstrap-sles15.sh
-
Open
bootstrap-sles12.sh
for modification. Scroll down until you can see the text shown below. Ifexit 1
exists in the file, comment it out by typing a hash or pound sign (#) at the beginning of the line. This activates the script. Enter the name of the key for this script in theACTIVATION_KEYS=
field:echo "Enable this script: comment (with #'s) this block (or, at least just" echo "the exit below)" echo #exit 1 # can be edited, but probably correct (unless created during initial install): # NOTE: ACTIVATION_KEYS *must* be used to bootstrap a client machine. ACTIVATION_KEYS=1-sles12 ORG_GPG_KEY=
-
When you have finished, save the file, and repeat this procedure for the second bootstrap script.
Connect Clients
When you have finished creating your script, you can use it to register clients.
-
On the Uyuni Server, log in as root. At the command prompt, and change to the bootstrap directory:
cd /srv/www/htdocs/pub/bootstrap/
-
Run this command to execute the bootstrap script on the client; replace
EXAMPLE.COM
with the host name of your client:cat bootstrap-sles12.sh | ssh root@EXAMPLE.COM /bin/bash
The script will execute and proceed to download the required dependencies located in the repositories directory you created earlier.
-
When the script has finished running, you can check that your client is registered correctly by opening the Uyuni Web UI and navigating to
to ensure the new client is listed.
When new packages or updates are installed on the client using Uyuni, any end user license agreements (EULAs) are automatically accepted. To review a package EULA, open the package detail page in the Web UI. |
Package Locks
Package locks can only be used on traditional clients that use the Zypper package manager. The feature is not currently supported on Red Hat Enterprise Linux or Salt clients. |
Package locks are used to prevent unauthorized installation or upgrades to software packages on traditional clients. When a package has been locked, it will show a padlock icon, indicating that it can not be installed. Any attempt to install a locked package will be reported as an error in the event log.
Locked packages can not be installed, upgraded, or removed, either through the Uyuni Web UI, or directly on the client machine using a package manager. Locked packages will also indirectly lock any dependent packages.
-
On the client machine, install the
zypp-plugin-spacewalk
package asroot
:zypper in zypp-plugin-spacewalk
-
Navigate to the
tab on the managed system to see a list of all available packages. -
Select the packages to lock, and click Request Lock. You can also choose to enter a date and time for the lock to activate. Leave the date and time blank if you want the lock to activate as soon as possible. Note that the lock might not activate immediately.
-
To remove a package lock, select the packages to unlock and click Request Unlock. Leave the date and time blank if you want the lock to deactivate as soon as possible. Note that the lock might not deactivate immediately.