在CentOS 6上设置Spacewalk 2.3
时间:2020-03-21 11:47:10 来源:igfitidea点击:
在CentOS上设置Spacewalk软件内容管理系统。
准备工作
- 最低CentOS 6(x86_64)-确保基础操作系统是最新的,
- 建议在“ /”上有20GB的可用磁盘空间,或者
- “/var/satellite”安装在专用逻辑卷上,每个通道至少有6GB的磁盘空间,
- 如果使用PostgreSQL数据库后端,将'/var/lib/pgsql'安装在具有5GB磁盘空间的专用逻辑卷上,
- 建议使用SELinux强制模式,
- iptables已打开,而在WebUI的iptables上打开了入站TCP端口80和443,
- 一个完全限定的域名(FQDN),我们在本文中使用puppetm.vb.local。
设置Spacewalk服务器
$cat /etc/redhat-release CentOS release 6.6 (Final)
配置存储库
配置Spacewalk所需的存储库。
依赖项(jabberd,dojo等)需要EPEL。
在撰写本文时,最新的Spacewalk版本是2.3.
# rpm -Uvh http://yum.spacewalkproject.org/latest/RHEL/6/x86_64/spacewalk-repo-2.3-4.el6.noarch.rpm # rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
jpackage需要其他依赖项。
# cat << EOL >/etc/yum.repos.d/jpackage-generic.repo [jpackage-generic] name=JPackage generic mirrorlist=http://www.jpackage.org/mirrorlist.php?dist=generic&type=free&release=5.0 enabled=1 gpgcheck=1 gpgkey=http://www.jpackage.org/jpackage.asc EOL
Yum存储库列表如下所示:
# yum clean all && yum repolist Loaded plugins: fastestmirror, presto Loading mirror speeds from cached hostfile * base: mirrors.clouvider.net * epel: mirrors.coreix.net * extras: centos.serverspace.co.uk * jpackage-generic: ftp.heanet.ie * updates: centos.serverspace.co.uk repo id repo name status base CentOS-6 - Base 6,518 epel Extra Packages for Enterprise Linux 6 - x86_64 11,750 extras CentOS-6 - Extras 38 jpackage-generic JPackage generic 3,307 spacewalk Spacewalk 115 updates CentOS-6 - Updates 1,370
安装和设置Spacewalk
让Spacewalk无需任何人工干预即可在我们的计算机上设置PostgreSQL服务器,并安装使Spacewalk运行所需的RPM集:
# yum install spacewalk-setup-postgresql spacewalk-postgresql
# spacewalk-setup --disconnected * Setting up SELinux.. ** Database: Setting up database connection for PostgreSQL backend. ** Database: Installing the database: ** Database: This is a long process that is logged in: ** Database: /var/log/rhn/install_db.log *** Progress: # ** Database: Installation complete. ** Database: Populating database. *** Progress: ############################# * Configuring tomcat. * Setting up users and groups. ** GPG: Initializing GPG and importing key. ** GPG: Creating /root/.gnupg directory You must enter an email address. Admin Email Address? Hyman@theitroad * Performing initial configuration. * Activating Spacewalk. ** Loading Spacewalk Certificate. ** Verifying certificate locally. ** Activating Spacewalk. * Configuring apache SSL virtual host. Should setup configure apache's default ssl server for you (saves original ssl.conf) [Y]? Setup was unable to locate VirtualHost section in existing mod_ssl configuration. * Configuring jabberd. * Creating SSL certificates. CA certificate password? ** Re-enter CA certificate password? ** Organization? CentOS6 Organization Unit [puppetm.vb.local]? Spacewalk Email Address [Hyman@theitroad]? City? Birmingham State? West Midlands Country code (Examples: "US", "JP", "IN", or type "?" to see a list)? GB ** SSL: Generating CA certificate. ** SSL: Deploying CA certificate. ** SSL: Generating server certificate. ** SSL: Storing SSL certificates. * Deploying configuration files. * Update configuration in database. * Setting up Cobbler.. Cobbler requires tftp and xinetd services be turned on for PXE provisioning functionality. Enable these services [Y]? * Restarting services. Installation complete. Visit https://puppetm.vb.local to create the Spacewalk administrator account.
如果我们需要删除数据库(例如我们破坏了某些内容):
# /usr/bin/spacewalk-setup-postgresql remove --db rhnschema --user rhnuser
启用并启动服务:
# /usr/sbin/spacewalk-service enable ;/ /usr/sbin/spacewalk-service start
# /usr/sbin/spacewalk-service status postmaster (pid 3101) is running... router (pid 3126) is running... sm (pid 3134) is running... c2s (pid 3142) is running... s2s (pid 3150) is running... tomcat6 (pid 3212) is running... [ OK ] httpd (pid 3355) is running... osa-dispatcher (pid 3379) is running... rhn-search is running (3399). cobblerd (pid 3430) is running... RHN Taskomatic is running (3454).
创建频道和存储库
转到频道–>管理软件频道–>管理存储库–>创建新存储库
转到频道–>管理软件频道–>创建新频道
转到频道–>管理软件频道–>选择创建的频道–>存储库–>选择先前创建的存储库–>更新存储库
更新后,单击“同步”,然后单击“立即同步”以从上游服务器开始包同步。
包同步完成后,我们可以检查包:
转到系统–>激活密钥–>创建新密钥
将RPM软件包上传到Spacewalk
在某些情况下,我们可能需要将一两个自定义的RPM推送到Spacewalk。
可以使用rhnpush来完成此操作,方法是指定软件包需要进入的频道,例如:
# rhnpush -v --channel=checkinstall-el6 --server=http://localhost/APP --dir=packages Connecting to http://localhost/APP Username: admin Password: Package /root/packages/checkinstall-1.6.2-20.2.x86_64.rpm Not Found on RHN Server -- Uploading Uploading package /root/packages/checkinstall-1.6.2-20.2.x86_64.rpm Using POST request
设置Spacewalk客户端
安装Spacewalk yum存储库和匹配的EPEL存储库。
# rpm -Uvh http://yum.spacewalkproject.org/2.3-client/RHEL/6/x86_64/spacewalk-client-repo-2.3-2.el6.noarch.rpm # rpm -Uvh http://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
安装客户端软件包:
# yum install rhn-client-tools rhn-check rhn-setup rhnsd m2crypto yum-rhn-plugin
在服务器上安装Spacewalk的CA证书以启用SSL通信:
# wget -O /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT http://puppetm.vb.local/pub/RHN-ORG-TRUSTED-SSL-CERT
使用先前创建的激活密钥将系统注册到Spacewalk:
# cat /usr/local/bin/spacewalk-register.sh
#!/bin/bash
if [[ $# -gt 0 ]]; then
reg_opts="$*"
fi
if [[ $reg_opts =~ --(activationkey|profilename) ]]; then
echo "usage: # yum repolist
Loaded plugins: fastestmirror, rhnplugin, security
This system is receiving updates from RHN Classic or Red Hat Satellite.
Loading mirror speeds from cached hostfile
repo id repo name status
centos-6.6-parent-x86_64 centos-6.6-parent-x86_64 6,518
repolist: 6,518
"
echo " are passed as is to rhnreg_ks"
echo " do not use profile name or activationkey opts these are"
echo " hardcoded into the script"
exit 1
fi
read -p "Enter profile name: " profile
echo "Registering system as: ${profile}"
rhnreg_ks --force --activationkey="1-centos6-custom-spacewalk-key" \
--serverUrl=https://puppetm.vb.local/XMLRPC \
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT \
--profilename=${profile} ${reg_opts}
##代码##
