Registering CentOS Clients
This section contains information about registering traditional and Salt clients running CentOS operating systems.
CentOS clients are based on CentOS and are unrelated to SUSE Linux Enterprise Server with Expanded Support, RES, Red Hat, or Expanded Support. You are responsible for arranging access to CentOS base media repositories and CentOS installation media, as well as connecting Uyuni Server to the CentOS content delivery network. |
Traditional clients are not available on CentOS 8. CentOS 8 clients are only supported as Salt clients. |
Add Software Channels
Before you register CentOS clients to your Uyuni Server, check that you have the CentOS product enabled, and the required channels are fully synchronized.
The channels you need for this procedure are:
OS Version | Base Channel | Client Channel | Updates Channel |
---|---|---|---|
CentOS 6 |
centos6 |
centos6-uyuni-client |
centos6-updates |
CentOS 7 |
centos7 |
centos7-uyuni-client |
centos7-updates |
CentOS 8 |
centos8 |
centos8-uyuni-client |
centos8-appstream |
-
At the command prompt on the Uyuni Server, as root, use the
spacewalk-common-channels
command to add the appropriate channels:spacewalk-common-channels \ <base_channel_name> \ <child_channel_name_1> \ <child_channel_name_2> \ ... <child_channel_name_n>
The client tools channel provided by |
For CentOS 8 clients, add both the Base and Appstream channels. You will require packages from both channels. If you do not add both channels, you will not be able to create the bootstrap repository, due to missing packages. |
Check Synchronization Status
-
In the Uyuni Web UI, navigate to
, then click the channel associated to the repository. -
Navigate to the
Repositories
tab, then clickSync
and checkSync Status
.
-
At the command prompt on the Uyuni Server, as root, use the
tail
command to check the synchronization log file:tail -f /var/log/rhn/reposync/<channel-label>.log
-
Each child channel generates its own log during the synchronization progress. You will need to check all the base and child channel log files to be sure that the synchronization is complete.
Create an Activation Key
You will need to create an activation key that is associated with your CentOS channels.
For more information on activation keys, see Activation Keys.
Trust GPG Keys on Clients
By default, some operating systems do not trust the GPG key for the Uyuni client tools. The clients can be successfully bootstrapped without the GPG key being trusted. However, you will not be able to install new client tool packages or update them until the keys are trusted.
-
On the Uyuni Server, at the command prompt, check the contents of the
/srv/www/htdocs/pub/
directory. This directory contains all available public keys. Take a note of the key that applies to the client you are registering. -
Open the relevant bootstrap script, locate the
ORG_GPG_KEY=
parameter and add the required key. For example:uyuni-gpg-pubkey-0d20833e.key
You do not need to delete any previously stored keys.
-
If you are bootstrapping clients from the Uyuni Web UI, you will need to use a Salt state to trust the key. Create the Salt state and assign it to the organization. You can then use an activation key and configuration channels to deploy the key to the clients.
Register Clients
CentOS clients are registered in the same way as all other clients. For more information, see Client Registration Overview.
To register and use CentOS 6 clients, you need to configure the Uyuni Server to support older types of SSL encryption.
For more information about how to resolve this error, see |
Manage Errata
When you update CentOS clients, the packages do not include metadata about the updates. You can use a third-party errata service to obtain this information.
-
On the Uyuni Server, from the command prompt, as root, add the
sle-module-development-tools
module:SUSEConnect --product sle-module-development-tools/15.2/x86_64
-
Install the errata service:
zypper in perl-Text-Unidecode
-
Create a file for your errata script:
touch /usr/local/bin/cent-errata.sh
-
Edit the new file to include this script, editing the repository details as required. This script fetches the errata details from an external errata service, unpacks it, and publishes the details:
#!/bin/bash mkdir -p /usr/local/centos cd /usr/local/centos rm *.xml wget -c http://cefs.steve-meier.de/errata.latest.xml #wget -c https://www.redhat.com/security/data/oval/com.redhat.rhsa-all.xml wget -c https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml wget -c http://cefs.steve-meier.de/errata-import.tar tar xvf errata-import.tar chmod +x /usr/local/centos/errata-import.pl export SPACEWALK_USER='<adminname>';export SPACEWALK_PASS='<password>' /usr/local/centos/errata-import.pl --server '<servername>' \ --errata /usr/local/centos/errata.latest.xml \ --include-channels=centos7-x86_64-updates,centos7-x86_64,centos7-x86_64-extras \ --publish --rhsa-oval /usr/local/centos/com.redhat.rhsa-RHEL7.xml
-
Set up a cron job to run the script daily:
ln -s /usr/local/bin/cent-errata.sh /etc/cron.daily
For more information on this tool, see https://cefs.steve-meier.de/.