Registering CentOS Clients
This section contains information about registering traditional and Salt clients running CentOS operating systems.
CentOS clients are based on CentOS and are unrelated to SUSE Linux Enterprise Server with Expanded Support, RES, Red Hat, or Expanded Support. You are responsible for arranging access to CentOS base media repositories and CentOS installation media, as well as connecting Uyuni Server to the CentOS content delivery network. |
Traditional clients are not available on CentOS 8. CentOS 8 clients are only supported as Salt clients. |
Server Requirements
Before you begin, check that your Uyuni Server meets the requirements at installation:hardware-requirements.adoc.
Taskomatic uses one CPU core, and requires at least 3072 MB of RAM.
To ensure that taskomatic has access to enough memory, open the /etc/rhn/rhn.conf
configuration file, and add this line:
taskomatic.java.maxmemory=3072
Restart Taskomatic:
systemctl restart taskomatic
Channel and Repository Management
Before you register CentOS clients to your Uyuni Server, check that you have the CentOS product enabled, and the required channels are fully synchronized.
For CentOS 8 clients, add both the |
-
At the command prompt on the Uyuni Server, as root, add the CentOS base, updates, and client channels, specifying the CentOS version and architecture:
-
For CentOS 6:
spacewalk-common-channels -a x86_64 centos6 \ centos6-uyuni-client centos6-updates
-
For CentOS 7:
spacewalk-common-channels -a x86_64 centos7 \ centos7-uyuni-client centos7-updates
-
For CentOS 8:
spacewalk-common-channels -a x86_64 centos8 \ centos8-uyuni-client centos8-appstream
-
The client tools channel provided by |
There are two ways to check if a channel has finished synchronizing:
-
In the Uyuni Web UI, navigate to
, then click the channel associated to the repository. Navigate to theRepositories
tab, then clickSync
and checkSync Status
. -
Check the synchronization log file at the command prompt:
tail -f /var/log/rhn/reposync/<channel-label>.log
Each child channel will generate its own log during the synchronization progress. You will need to check all the base and child channel log files to be sure that the synchronization is complete.
Create an Activation Key
You will need to create an activation key that is associated with your CentOS channels.
For more information on activation keys, see client-configuration:clients-and-activation-keys.adoc.
Trust GPG Keys on Clients
By default, CentOS does not trust the GPG key for Uyuni CentOS client tools.
The clients can be successfully bootstrapped without the GPG key being trusted.
However, they will not be able to install new client tool packages or update them.
To fix this, add this key to the ORG_GPG_KEY=
parameter in all CentOS bootstrap scripts:
uyuni-gpg-pubkey-0d20833e.key
You do not need to delete any previously stored keys.
If you are bootstrapping clients from the Uyuni Web UI, you will need to use a Salt state to trust the key. Create the Salt state and assign it to the organization. You can then use an activation key and configuration channels to deploy the key to the clients.
Register Clients
CentOS clients are registered in the same way as all other clients. For more information, see client-configuration:registration-overview.adoc.
To register and use CentOS 6 clients, you need to configure the Uyuni Server to support older types of SSL encryption.
For more information about how to resolve this error, see |
Manage Errata
When you update CentOS clients, the packages do not include metadata about the updates. You can use a third-party errata service to obtain this information.
-
From the command prompt, as root, add the
sle-module-development-tools
module:SUSEConnect --product sle-module-development-tools/15.1/x86_64
-
Install the errata service:
zypper in perl-Text-Unidecode
-
Create a file for your errata script:
touch /usr/local/bin/cent-errata.sh
-
Edit the new file to include this script, editing the repository details as required. This script fetches the errata details from an external errata service, unpacks it, and publishes the details:
#!/bin/bash mkdir -p /usr/local/centos cd /usr/local/centos rm *.xml wget -c http://cefs.steve-meier.de/errata.latest.xml #wget -c https://www.redhat.com/security/data/oval/com.redhat.rhsa-all.xml wget -c https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml wget -c http://cefs.steve-meier.de/errata-import.tar tar xvf errata-import.tar chmod +x /usr/local/centos/errata-import.pl export SPACEWALK_USER='<adminname>';export SPACEWALK_PASS='<password>' /usr/local/centos/errata-import.pl --server '<servername>' \ --errata /usr/local/centos/errata.latest.xml \ --include-channels=centos7-x86_64-updates,centos7-x86_64,centos7-x86_64-extras \ --publish --rhsa-oval /usr/local/centos/com.redhat.rhsa-RHEL7.xml
-
Set up a cron job to run the script daily:
ln -s /usr/local/bin/cent-errata.sh /etc/cron.daily
For more information on this tool, see https://cefs.steve-meier.de/.