Spacewalk is an open-source package & system management solution developed by the spacewalk community for RedHat derivative distributions like CentOS, Scientific Linux and Fedora.
We’ll cover the Installation of Spacewalk on our CentOS Server to manage & view the updates for the system that are registered with Spacewalk.
Features of Spacewalk:
- Systems Inventory
- Installtion & Updating of System Packages
- Kick-start Installation
- Deploy and Manage the Configuration files from a single location
- Start / Stop / Disable / Configure the guests.
- Distribute the content using proxy across multiple Geographical location.
Requirements:
- Outbound open ports 80,443
- Inbound open ports 80,443,5222 (for pushing actions to client machines), 5269 (only for push actions to a Spacewalk proxy), 69 udp if you want to use tftp
- Storage for DB: 250 KB per client + 500 KB per channel + 230 KB per package
- Storage for packages (default /var/satellite): Depends upon the data you want to store. Red Hat recommend 6 GB per channel.
- 2GB RAM minimum, 4GB recommended
- Underlying (Spacewalk Server) OS is fully up-to-date.
Environment:
Hostname: server.osradar.local
IP Address: 192.168.1.10
OS: CenOS Linux release 7.4.1708 (Core)
Note:Make sure the system is Configured with static IP Address.
Pre-Requisite
Add repositories and Install the latest Spacewalk version:
yum install -y yum-plugin-tmprepo
yum install -y spacewalk-repo --tmprepo=https://copr-be.cloud.fedoraproject.org/results/%40spacewalkproject/spacewalk-2.9/epel-7-x86_64/repodata/repomd.xml --nogpg
You can set up EPEL repo in CentOS 7 by
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
Subscribe to Optional channels
subscription-manager repos --enable rhel-7-server-optional-rpms
Your Spacewalk server should have a resolvable fully-qualified domain name (FQDN) like hostname.domain.com
edit /etc/hosts file.
vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Your Spacewalk Server
192.168.1.10 server.osradar.local server
Modify it according to your own environment
Allow Firewall to access ports as we mentioned in Pre-Requisites:
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
Now, add port 5222 for client machines & 5269 for push actions to a Spacewalk Proxy, 69 udp if you want to use tftp.
firewall-cmd --permanent --add-port=5222/tcp --add-port=5269/tcp --add-port=69/udp
Restart firewall services.
firewall-cmd --reload
SpaceWalk Database
Spacewalk uses PostgreSQL as a database for storing its data.
It provides easy installation and runs the Spacewalk in no time. Here, we will use the embedded database for the Spacewalk installation.
yum -y install spacewalk-setup-postgresql
You have the option to add an external database.
Install Spacewalk
Run the below command for postgresql
yum install -y spacewalk -y spacewalk-postgresql
Configure Spacewalk
After Installing the embedded database, run the below command. It’ll ask to enter the admin mail & organization details to generate the self-signed certificate for secure access.
spacewalk-setup
Output:
Setting up SELinux..
** Database: Setting up database connection for PostgreSQL backend.
Database "rhnschema" does not exist
** Database: Installing the database:
** Database: This is a long process that is logged in:
** Database: /var/log/rhn/install_db.log
*** Progress: ###
** Database: Installation complete.
** Database: Populating database.
*** Progress: ##########################
Configuring tomcat.
Setting up users and groups.
** GPG: Initializing GPG and importing key.
** GPG: Creating /root/.gnupg directory
You must enter an email address.
Admin Email Address? [email protected]
Performing initial configuration.
Configuring apache SSL virtual host.
Should setup configure apache's default ssl server for you (saves original ssl.conf) [Y]? Y << Press Y
** /etc/httpd/conf.d/ssl.conf has been backed up to ssl.conf-swsave
Configuring jabberd.
Creating SSL certificates.
CA certificate password? << Enter Certificate Password
Re-enter CA certificate password? << Re Enter Certificate Password
Cname alias of the machine (comma seperated)? server.osradar.local,server << Certificate Subject Name (Your Domain Name)
Organization? OSRADAR << Your Organization Name
Organization Unit [server.osradar.local]? IT << Your Organization Unit
Email Address [[email protected]]? << Email Address
City? Albany << Your City
State? NY << Your State #
Country code (Examples: "US", "JP", "IN", or type "?" to see a list)? US << Your Country
** SSL: Generating CA certificate.
** SSL: Deploying CA certificate.
** SSL: Generating server certificate.
** SSL: Storing SSL certificates.
Deploying configuration files.
Update configuration in database.
Setting up Cobbler..
Cobbler requires tftp and xinetd services be turned on for PXE provisioning functionality. Enable these services [Y]? Y << Press Y
Restarting services.
Installation complete.
Visit https://server.osradar.local to create the Spacewalk administrator account.
See the status of spacewalk by running
/usr/sbin/spacewalk-service status
Run the given command to set up by yourself.
/usr/sbin/spacewalk-service start
Access Spacewalk.
Open your browser & navigate it to the below URL.
https://your-domain-name
You’ll require to add exceptions for the self-signed certificate.
Now, you’ll ask to create an Administrator account for spacewalk, set it & click on Create organization.
After creating account you’ll be redirected to admin panel where you can perform all the tasks allowed to administrator.
Congratulations! You’ve finished up installing Spacewalk on CentOS 7.
