Using Red Hat Network Satellite Server to Manage Dell PowerEdge

Using Red Hat Network
Satellite Server to
Manage Dell PowerEdge
Servers
Enterprise Product Group (EPG)
Dell White Paper
By Todd Muirhead and Peter Lillian
July 2004
Contents
Executive Summary.................................................................................................................... 3
Introduction................................................................................................................................. 4
Red Hat Satellite Server Setup................................................................................................. 6
The Hardware ....................................................................................................................... 6
The Software ......................................................................................................................... 7
Satellite Server Install................................................................................7
Satellite Server Configuration..................................................................7
Updating and Managing Servers............................................................................................. 9
Custom Channels.....................................................................................10
Conclusions ............................................................................................................................... 12
Appendix A.
Satellite Sync Script .................................................................................... 13
Tables
Table 1: Red Hat Network Satellite Server: Minimum Requirements for any deployment and
configuration of PowerEdge 2650 used as Satellite Server for testing. ........................................ 6
Figures
Figure 1: Two Methods for updating servers from the Red Hat Network: The hosted model
(right) and the Satellite Server model (left)...................................................................................... 4
Figure 2 : Managing Systems with the RHN Satellite Server GUI...................................................... 10
July 2004
Page 2
Dell Enterprise Product Group
Section
1
Executive Summary
Red Hat Network provides a simple systems solution for updating, deploying, and
managing Red Hat Enterprise Linux systems. A subscription to Red Hat Enterprise Linux
includes access to the Red Hat Network update module via the Internet. Through the use
of a Red Hat Network Satellite server, customers can set up the Red Hat Network on their
local network, giving them additional features and functionality. This gives the customer
the ability to provide updates to their internal Red Hat Enterprise Linux systems without
having to use the Internet. Additionally, using the Red Hat Network Satellite model allows
customers to add their own custom content to be distributed and updated.
July 2004
Page 3
Dell Enterprise Product Group
Section
2
Introduction
Updating enterprise systems with the latest security, enhancements, and bug fixes is critical
in today’s IT environment. The Red Hat® Network provides the ability to deploy, manage,
and update packages for the Red Hat Enterprise Linux® operating system (OS)—
potentially saving time and support costs while keeping systems secure and up to date.
Internet access to the Red Hat Network is included as part of a subscription to Red Hat
Enterprise Linux software, enabling organizations to manage their enterprise systems
regularly with scheduled updates or automatically as updates become available. By
obtaining updates directly from Red Hat, administrators can procure patches, security
fixes, and enhancements that have been tested and authenticated by Red Hat engineers.
For a large number of servers, updates can consume a significant amount of bandwidth.
Additionally, some administrators need to distribute their own unique packages across
their infrastructure. To address these requirements, Red Hat offers the Satellite Server
model, which allows all subscribed Red Hat Network content and functionality to be
available locally (see Figure 1). Content can be downloaded from the Internet as updates
become available, or CD-ROM images of the updated content can be downloaded
separately and then loaded locally. Once the updates have been loaded, the Satellite Server
can be completely disconnected from the Internet, allowing Red Hat OS–based systems to
be updated through the Satellite Server while isolated or disconnected from the Internet.
.
Figure 1: Two Methods for updating servers from the Red Hat Network: The hosted model
(right) and the Satellite Server model (left)
l
July 2004
Page 4
Dell Enterprise Product Group
In many data centers, the number of Internet connections is minimized to maintain a high
level of security. The Satellite Server model allows for a completely disconnected
environment. However, administrators must determine how to transport the updates to an
isolated Satellite Server. The options are to connect the Satellite Server to the Internet, or to
load all the updates onto CD-ROMs and load the update content onto the local systems.
The Satellite Server model generally allows updates to occur faster than with Red Hat’s
hosted servers. Because the Satellite Server and the servers that are being updated through
the Satellite Server are on an internal network, the available bandwidth between them is
usually much greater than a connection over the Internet to Red Hat’s hosted servers. If
many systems must be updated and managed, then the increased speed of the Satellite
Server updates can be a deciding factor in determining which Red Hat Network model to
use.
Red Hat Network provides all of its software content in the form of channels. There is a
separate channel for each version of Red Hat Enterprise Linux. The channels that we chose
to provide on our Satellite server were the three Red Hat Enterprise Linux v.2.1 channels
for the AS, ES, and WS versions and also the three Red Hat Enterprise Linux v.3.0 channels
for the same three types.
Using a Red Hat Network Satellite Server also allows for the creation of custom channels
and the distribution of custom software packages. By creating a custom channel and
loading RPM™ (Red Hat Package Manager) software packages into that channel,
administrators can use the Satellite Server to distribute and later provide updates to those
packages.
The Red Hat Network offers three modules: Update, Management, and Provisioning. In the
Dell™ lab discussed in this article, only the Update and Management modules are used.
The Provisioning module adds the abilities to deploy, configure, manage, update, and
redeploy systems as well as the ability to take snapshots of systems for future rollback, if
needed. This article examines how the Dell lab uses the Red Hat Network Satellite Server
model to manage its Dell PowerEdge™ servers—including the installation and
configuration of the Satellite Server, updating of systems, and deployment of custom
updates and packages using the Update and Management modules.
July 2004
Page 5
Dell Enterprise Product Group
Section
3
Red Hat Satellite Server Setup
Administrators can install the Red Hat Network Satellite Server themselves or have it
installed as part of a services engagement. Red Hat offers a five-day service that includes
architecture assessment, installation, configuration, training, deployment, and
troubleshooting.
The Hardware
In March 2004 the Dell lab installed and configured a Satellite Server for its Dell
PowerEdge servers. Dell recommends using a Dell PowerEdge 2650 server for the Red Hat
Network Satellite Server. Figure 2 shows the configuration details for the PowerEdge 2650
used in the Dell lab as well as the minimum requirements for any Satellite Server.
RHN Satellite Minimum
Requirements
Dell PowerEdge 2650
Operating System
Red Hat Linux Advanced
Server 2.1
Red Hat Linux Advanced
Server 2.1
CPU
2x 2.4 GHz Intel® Xeon™
Processors DP
2x 2.8 GHz Intel Xeon
Processors DP
Memory
2 GB
4 GB
Internal Disks
3x 36 GB
5x 36 GB
NICs
Not Specified
2x 10/100/10001 Mb/s
(internal)
2x Intel Pro 1000XT Gb
Disk Controller
SCSI recommended
PERC/3di Dual Channel
Table 1: Red Hat Network Satellite Server: Minimum Requirements for any deployment
and configuration of PowerEdge 2650 used as Satellite Server for testing.
In the Dell lab, the five internal disks of the PowerEdge 2650 were configured as RAID-5 to
provide the maximum amount of storage. One network interface card (NIC) is connected to
the internal network and the other is connected to a network that has Internet access. Only
one NIC at a time is used, and the firewall is always running to keep security at a high
level.
July 2004
Page 6
Dell Enterprise Product Group
The Software
The first step for the team at the Dell lab was to install Red Hat Enterprise Linux AS 2.1 on
the Dell PowerEdge 2650. Using the latest version of Dell OpenManage™ Server Assistant,
the team quickly installed the OS on the PowerEdge 2650, finishing in about 30 minutes.
The firewall was configured on the server with only ports 23 (ssh), 80 (http), and 443 (https)
open.
Satellite Server Install
A Satellite Server installation can be completed using the graphical user interface (GUI) or
command-line interface (CLI)—both provide the same options. Using the GUI allows
administrators to quickly and easily provide the correct information for all options. The
Red Hat Network entitlement certificate, which is included as part of the Satellite Server
purchase, must be provided during installation. The location of the entitlement certificate
file can be specified, or the information can be entered in the provided spaces.
Administrators also have the option of using an embedded database server or a separate
database server. A database is required as part of the Satellite Server model to manage
channel content as well as the package content of each internal server. In the Dell lab, the
local embedded database option was selected for ease of installation.
The option to create a Secure Sockets Layer (SSL) certificate is also presented during
installation. To help maintain the highest level of security for the system, administrators
should complete this step.
A final option in the setup is to create a bootstrap script. This script can greatly simplify the
client systems’ configuration and connection to the Satellite Server. The required fields
should be prepopulated with the necessary information based on information entered in
previous steps. In the Dell lab, the bootstrap file was saved in the
/var/www/html/pub/bootstrap directory.
During the installation process, the Red Hat Network Satellite Server will update itself to
all the proper patch levels. Best practices strongly recommend that administrators reboot
this server after completing the installation process. If a kernel update was included, then
administrators must reboot so that the system can boot with the new kernel.
Satellite Server Configuration
In the Dell lab, the two NICs in the Satellite Server were connected and configured so that
one NIC had access to the Internet and the other NIC was connected to the isolated lab
network. The NIC with access to the Internet was disabled by default at boot and only
enabled during downloads of Red Hat Network content from the Red Hat hosted servers
on the Internet. To ensure this, the Dell team created a simple script for calling the Red Hat
Network update that includes the enablement and disablement of the NIC as part of the
update download process. Complete script is listed in appendix A.
July 2004
Page 7
Dell Enterprise Product Group
Script execution includes downloading all entitled channels. The initial download of
channel packages can take several hours, depending on the connection speed, because
there are up to 3 GB of packages per channel. Subsequent channel updates download only
the incremental changes and usually complete in less than an hour, depending on
connection speed.
For the initial channel synchronization, loading the channel content through Red Hat
Network CD-ROMs is recommended. The Red Hat Network Web site provides CD-ROM
ISO image files that can be used to create the CD-ROMs. Using the CD-ROMs can greatly
reduce the time required for the initial channel synchronization. The Satellite Server can
still download incremental updates from the Internet if the initial process is performed
using CD-ROMs.
Once the channel content has been loaded onto the Satellite Server, the server is ready for
use. Administrators should enter the fully qualified host name of the Satellite Server into a
Web browser to launch the administration tool. A Satellite Server administrator account
must be created the first time the server is used; this account information will be required
for entry on subsequent visits.
July 2004
Page 8
Dell Enterprise Product Group
Section
5
Updating and Managing Servers
New clients can be added to the Red Hat Network Satellite Server by using the bootstrap
script that was created during the Satellite Server installation. The bootstrap script for Red
Hat Enterprise Linux 2.1 is bootstrap-AS-2.1.sh, and the script for Red Hat Enterprise Linux
3.0 is bootstrap.sh. The following command should be executed on the client with the
appropriate script name:
wget –O – https://<Satellite Server Name>/pub/bootstrap/<bootstrap script> | /bin/bash
This command will download the script and then execute it in a bash shell. When this
command is executed on each client, the bootstrap script updates the necessary Red Hat
Network components, registers each system with the Satellite Server, and performs the
initial update with the channel content to which the system has been subscribed. Any
configuration files for already installed packages will be saved with .rpmsave or .rpmnew
added to the end of the filename. In the Dell lab, the update of a system that was running
the initial version of Red Hat Enterprise Linux AS 2.1 was completed in less than 5
minutes, even though the server required more than 100 updates.
If the bootstrap script is not used to accomplish all these tasks, administrators can perform
them individually. The Red Hat Network Client Configuration Guide and the Red Hat Network
Satellite Server 3.2 with Embedded Database Installation Guide provide detailed instructions on
the specific steps that must be taken to perform these tasks individually. Guides are
available from https://rhn.redhat.com once a login and entitlement has been obtained by
going to the “help” section.
Clients that have been added to the Red Hat Network Satellite Server will now appear in
the management console where their current update status can be viewed See Figure 2.
July 2004
Page 9
Dell Enterprise Product Group
Figure 2 : Managing Systems with the RHN Satellite Server GUI
Custom Channels
In addition to the default channels, custom channels can be added to the Satellite Server.
Custom channels can contain packages that are not standard Red Hat packages, but they
must be in the RPM format. If the software to be distributed and managed is not currently
an RPM, then the rpmbuild command can be used to create an RPM. Several third-party
software packages are already offered as RPMs, so in many cases administrators will not be
required to build one.
In the Dell lab, many of the servers are connected to a Dell/EMC storage area network
(SAN). Every system attached to the SAN must have EMC® Navisphere® Agent software
installed. This agent allows for communication between the Dell/EMC storage arrays and
the server. A custom channel was created to provide the Navisphere Agent to the SANconnected servers.
The default channels are known as parent channels; any custom channels that are created
must be a child channel of one of the parent channels. In the Dell lab, a child channel called
naviagent was created for the Red Hat Enterprise Linux AS 2.1 channel through the
Manage Software Channels page of the Satellite Server administration tool. After clicking
the Create New Channel button, the Dell team selected the parent channel name.
Navisphere Agent was specified as the channel name and Naviagent as the channel label.
To upload an RPM into a custom channel, administrators must use the rhnpush
command. The Dell team downloaded the most recent Navisphere Agent RPM from EMC
to the Satellite Server and used the following command to upload it into the Naviagent
channel:
rhnpush –c naviagent –nosig –server http://<satelite_server_name>/APP naviagent6.4.0.5.0-1.i386.rpm
The –nosig option was used because this RPM was not signed with a security key.
Multiple packages can be uploaded simultaneously simply by listing them at the end of the
July 2004
Page 10
Dell Enterprise Product Group
command. Administrators can create a digital signature for customer-created channels to
ensure that packages did in fact come from the Satellite Server.
The Dell team added the Naviagent channel for the SAN-connected servers. The next time
the servers connected to the Satellite Server for updates, they received the new Navisphere
Agent as well as any new Red Hat updates.
.
July 2004
Page 11
Dell Enterprise Product Group
Section
6
Conclusions
The Red Hat Network Satellite Server model can provide an excellent way to manage
updates and software deployments for Red Hat Enterprise Linux systems. Using the
Satellite Server model, the Dell lab was able to completely automate the deployment of the
latest Red Hat patches and updates to its Red Hat Linux-based servers. Additionally, the
ability to add custom channels to the Satellite Server allowed the lab to deploy and update
other software needed on the servers. Besides providing an efficient method for updating
the lab’s Red Hat Enterprise Linux–based servers, the Satellite Server model can potentially
save numerous hours of effort each time a new update is required compared to traditional
manual methods.
For more information on Red Hat Network, please visit http://www.redhat.com/rhn
1This term indicates compliance with IEEE standard 802.3ab for Gigabit Ethernet, and does not connote actual operating speed of 1
Gb/sec. For high speed transmission, connection to a Gigabit Ethernet server and network infrastructure is required.
THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND
TECHNICAL INACCURACIES. THE CONTENT IS PROVIDED AS IS, WITHOUT EXPRESS OR IMPLIED WARRANTIES OF ANY
KIND.
Dell, PowerEdge, and PowerConnect are trademarks of Dell Inc. Intel and Xeon are registered trademarks of Intel Corp. Red Hat and
Red Hat Linux are trademarks of Red Hat, Inc. Other trademarks and trade names may be used in this document to refer to either the
entities claiming the marks and names or their products. Dell disclaims proprietary interest in the marks and names of others.
©Copyright 2004 Dell Inc. All rights reserved. Reproduction in any manner whatsoever without the express written permission of
Dell Inc. is strictly forbidden. For more information, contact Dell.
Information in this document is subject to change without notice.
July 2004
Page 12
Dell Enterprise Product Group
Appendix A. Satellite Sync Script
ifdown eth1
sleep 10
ifup eth0
sleep 120
satellite-sync -c redhat-advanced-server-i386 -c redhat-ent-linux- i386-es-2.1 -c redhat-entlinux-i386-ws-2.1 -c rhel-i386-as-3 –c rhel-i386-es-3 -c rhel-i386-ws-3
ifdown eth0
sleep 10
ifup eth1
July 2004
Page 13
Dell Enterprise Product Group