6.4. Systems

If you click the Systems tab on the top navigation bar, the Systems category and links appear. The pages in the Systems category allow you to select systems so that you can perform actions on them and create System Profiles.

6.4.1. Overview —

As shown in Figure 6-3, the Overview page provides a summary of your systems, including their status, number of associated Errata and packages, and entitlement level. Clicking on the name of a system takes you to its System Details page. Refer to Section 6.4.2.6 System Details for more information.

Figure 6-3. Systems Overview

Clicking the View System Groups link at the top of the Overview page takes you to a similar summary of your system groups. It identifies group status and displays the number of systems contained. Clicking on the number of systems takes you to the Systems tab of the System Group Details page, while clicking on the system name takes you to the Details tab. Refer to Section 6.4.3.3 System Group Details — for more information.

You can also click the Use Group button in the System Groups section of the Overview page to go directly to the System Set Manager. Refer to Section 6.4.4 System Set Manager — for more information.

6.4.2. Systems

The Systems page displays a list of all your registered systems. The Systems list contains several columns of information for each system:

Links in the left navigation bar below Systems enable you to select and view predefined sets of your systems. All of the options described above can be applied within these pages.

6.4.2.1. All

The All page contains the default set of your systems. It displays every system you have permission to manage. A user has permission to manage a system if he is the only user in his organization, if he is an Organization Administrator, or if the system is a member of a group to which he has admin rights.

6.4.2.2. Out of Date

The Out of Date page displays the systems that have applicable Errata Alerts that have not been applied.

6.4.2.3. Unentitled —

The Unentitled page displays the systems that have not yet been entitled for Red Hat Network service.

6.4.2.4. Ungrouped

The Ungrouped page displays the systems that have not yet been assigned to a specific system group.

6.4.2.5. Inactive

The Inactive page displays the systems that have not checked into RHN for 24 hours or more. When the Red Hat Update Agent connects to RHN to see if there are any updates available or if any actions have been scheduled, this is considered a checkin. If you are seeing a message indicating checkins are not taking place, the RHN client on your system is not successfully reaching Red Hat Network for some reason. This indicates:

  • The system is not entitled to any RHN service. System Profiles that remain unentitled for 180 days (6 months) are removed.

  • The system is entitled, but the Red Hat Network Daemon has been disabled on the system. Refer to Chapter 3 Red Hat Network Daemon for instructions on restarting and troubleshooting.

  • The system is behind a firewall that does not allow connections over https (port 443).

  • The system is behind an HTTP proxy server that has not been properly configured.

  • The system is connected to an RHN Proxy Server or RHN Satellite Server that has not been properly configured.

  • The system itself has not been properly configured, perhaps pointing at the wrong RHN Server.

  • The system is not on the network.

  • Some other barrier exists between the system and the RHN Servers.

6.4.2.6. System Details

If you click on the name of a system on any page, it will display the System Details page for the system. From here, you may modify this information or remove the system altogether by clicking the delete system link on the top-right corner.

The System Details page is further divided into tabs:

6.4.2.6.1. System Details ⇒ Details

Displays information about the system. This is the first tab you see when you click on a system. It offers direct access to some of the functionality provided in subsequent tabs. For instance, under the System Info heading, a message should appear describing the status of this machine. If it states "Critical updates available" you may click the update now link to apply all relevant Errata Updates to the individual system, as you would under the Errata tab.

In addition, some Management-level functions can be accessed only on this tab. Most importantly, a system may be locked by clicking the Lock system link near the bottom-left corner of the page. This prohibits the scheduling of any action through RHN that would affect the system, including package updates and system reboots. To undo this, click the Unlock system link in the same location.

The Details tab contains the following subsets of information:

6.4.2.6.1.1. System Details ⇒ Details ⇒ Overview

A summary of the system's details. In addition to the system status message, the Overview subtab contains basic System Info, Subscribed Channels, and System Properties. Clicking the Alter Channel Subscriptions link takes you to the Channels tab, while clicking the Edit these properties link takes you to the Properties subtab. See the following sections for more information.

6.4.2.6.1.2. System Details ⇒ Details ⇒ Properties

The profile name, entitlement level, notification choice, daily summary, auto-Errata update, and physical location of the system, including street address, city, state, country, building, room, and rack. To modify this information, make your changes and click the Update Properties button. Note that many of these properties can be set for multiple systems at once through the System Set Manager interface. Refer to Section 6.4.4 System Set Manager — for details. The following properties deserve additional explanation:

  • Receive Notifications of Updates/Errata — This setting keeps you abreast of all advisories pertaining to the system. Anytime an update is produced and released for the system, a notification is sent via email.

  • Include system in daily summary report calculations — This setting includes the system in a daily summary of system events. (By default, all Management and Provisioning systems are included in the summary.) These are actions affecting packages, such as scheduled Errata Updates, and system reboots or failures to check in. In addition to including the system here, you must choose to receive email notifications in the Your Preferences page of the Your RHN category. Refer to Section 6.3.2 Your Preferences for instructions. Note that RHN will send these summaries only to verified email addresses.

  • Automatic application of relevant errata — This setting allows you have all Errata Updates automatically applied to a system. This means packages associated with Errata will be updated without any user intervention. Customers should note that Red Hat does not recommend the use of the auto-update feature for production systems because conflicts between packages and environments can cause system failures. The Red Hat Network Daemon must be enabled on the systems for this feature to work.

6.4.2.6.1.3. System Details ⇒ Details ⇒ Hardware

Detailed information about the system, including networking, BIOS, storage, and other devices. This appears only if you selected to include the hardware profile for this machine during registration. If the hardware profile looks incomplete or outdated, click the Schedule Hardware Refresh button to schedule a Hardware Profile update for your system. The next time the RHN Daemon connects to RHN, it will update your System Profile with the latest list of hardware.

6.4.2.6.1.4. System Details ⇒ Details ⇒ Notes

A place to create notes about the system. To add a new note, click the create new note button, type a subject and details, and click the Create button. To modify a note, click on its subject in the list of notes, make your changes, and click the Update button. To remove a note, click on its subject in the list of notes and then click the delete note button.

6.4.2.6.1.5. System Details ⇒ Details ⇒ Custom Info —

Completely customizable information about the system. Unlike a note, information included here is more formal and can be searched upon. For instance, you may decide to identify an asset tag for each system. To do this, you must first create an asset key within the Custom System Info page. Refer to Section 6.4.9 Custom System Info — for instructions. Once the key exists, you may assign a value to it by clicking create new value here. Click the name of the key in the resulting list and enter a value for it in the Description field, such as "Example#456." Then click the Update Key button.

6.4.2.6.1.6. System Details ⇒ Details ⇒ Reactivation —

A System Profile-specific activation key. This allows you to create an activation key encompassing this system's ID, history, groups, and channels. You may then use this key only once with the rhnreg_ks command line utility to re-register this system and regain all Red Hat Network settings. Refer to Section 2.5 Registering with Activation Keys for instructions. Unlike typical activation keys, which are not associated with a specific system ID, keys created here do not show up within the Activation Keys page.

WarningWarning
 

When kickstarting a system with its existing RHN profile, it will use the system-specific activation key created here to reregister the system and return its other RHN settings. For this reason, you should not regenerate, delete, or use this key (with rhnreg_ks) while a profile-based kickstart is in progress. If you do, the kickstart will fail.

6.4.2.6.1.7. System Details ⇒ Details ⇒ Remote Command —

The method for running a remote command on the system. To allow remote commands to be run on the client through RHN, first install the latest rhncfg* packages available within the RHN Provisioning child channel for the system. These may already be installed if you kickstarted the system with configuration management functionality.

Next, create the necessary directory on the target system:

mkdir -p /etc/sysconfig/rhn/allowed-actions/script

Then create a run file in that directory to act as a flag to RHN signaling permission to allow remote commands:

touch /etc/sysconfig/rhn/allowed-actions/script/run

You may then identify a specific user, group, and timeout period, as well as the script itself on this page. Select a date and time to begin attempting the command, and click Schedule Remote Command.

6.4.2.6.1.8. System Details ⇒ Details ⇒ Connection

The system's path to the package repository. This tab appears for any system in an organization that has a registered RHN Proxy Server version 3.1 or later. This subtab is designed to help you determine if updates and other information are passing through one or more RHN Proxy Servers. It identifies the Proxies being used and the order in which data passes through them to reach this system. The Proxy connecting directly to the central RHN Servers or your RHN Satellite Server is numbered '1'.

6.4.2.6.2. System Details ⇒ Errata

Contains a list of Errata Alerts applicable to the system. Refer to Section 6.1.3 Errata Alert Icons for meanings of the icons on this tab. To apply updates, select them and click the Apply Errata button. Double-check the updates to be applied on the confirmation page, then click the Confirm button. After confirming, the action is added to the Pending Actions list under Schedule. Errata that have been scheduled cannot be selected for update. In the place of a checkbox, you will find a clock icon that, when clicked, takes you to the Action Details page.

To help users determine whether an update has been scheduled, a Status column exists within the Errata table. Possible values are: None, Pending, Picked Up, Completed, and Failed. This column identifies only the latest action related to an Errata. For instance, if an action fails and you reschedule it, this column will show the status of the Errata as Pending only (with no mention of the previous failure). Clicking a status other than None takes you to the Action Details page. This column corresponds to one on the Affected Systems tab of the Errata Details page.

6.4.2.6.3. System Details ⇒ Packages

Manages the packages on the system.

6.4.2.6.3.1. System Details ⇒ Packages ⇒ Packages

The default display of the Packages tab describes the options available to you and provides the means to update your package list. If after exploring the packages, you believe the list is outdated or incomplete (or you installed the packages manually and did not have RHN install them), click the Update Package List button on the bottom right-hand corner of this page. The next time the RHN Daemon connects to RHN, it will update your System Profile with the latest list of installed packages.

6.4.2.6.3.2. System Details ⇒ Packages ⇒ List/Remove

Lists installed packages from the system's software System Profile and enables you to remove them. Click on a package name to view its Package Details page. (Refer to Section 6.6.5.3 Package Details.) To delete packages from the system, select their checkboxes and click the Remove Packages button on the bottom right-hand corner of the page. A confirmation page will appear with the packages listed. Click the Confirm button to remove the packages.

6.4.2.6.3.3. System Details ⇒ Packages ⇒ Upgrade

Displays a list of packages that have a new version available based on the package versions in the channels for the system. Click on the latest package name to view its Package Details page. To upgrade packages immediately, select them and click the Upgrade Packages button. If the system is Provisioning-entitled and set to allow remote commands, you then have the option of running a remote command with the package action. Refer to the Remote Command subtab description for details. To download the packages as a .tar file, select them and click the Download Packages button. Refer to Section 6.6.5.2 Package Download for details.

6.4.2.6.3.4. System Details ⇒ Packages ⇒ Install

Enables you to install new packages on the system from the available channels. Click on the package name to view its Package Details page. To install packages, select them and click the Install Selected Packages button. If the system is Provisioning-entitled and set to allow remote commands, you then have the option of running a remote command with the package action. Refer to the Remote Command subtab description for details.

6.4.2.6.3.5. System Details ⇒ Packages ⇒ Verify —

Validates the packages installed on the system against its RPM database. This is the equivalent of running rpm -V. Specifically, this tab allows you to compare the metadata of the system's packages with information from the database, such as MD5 sum, filesize, permissions, owner, group and file size and type. To verify a package or packages, select them and click the Verify Selected Packages button and then confirm this action. Once finished, you can view the results by selecting this action within the History subtab under Events.

6.4.2.6.3.6. System Details ⇒ Packages ⇒ Profiles —

Gives you the ability to compare the packages on this system with the packages of stored profiles and other Management and Provisioning systems. To make the comparison with a stored profile, select that profile from the pulldown menu and click the Compare button. To make the comparison with another system, select it from the associated pulldown menu and click the Compare button. To create a stored profile based upon the existing system, click the Create System Profile button, enter any additional information you desire, and click the Create Profile button. These profiles are kept within the Stored Profiles page linked from the left navigation bar.

— Once package profiles have been compared, Provisioning customers have the ability to synchronize the packages of the selected system with the package manifest of the compared profile. Note that this action may delete packages on the system not in the profile, as well as install packages from the profile. To install specific packages, select the checkboxes of packages from the profile. To remove specific packages already installed on the system itself, select the checkboxes of packages showing a difference of "This system only." To synchronize the system's packages with the compared profile entirely, select the master checkbox at the top of the column. Then click the Sync Packages to button. On the confirmation screen, review the changes, select a time frame for the action, and click the Schedule Sync button.

6.4.2.6.4. System Details ⇒ Channels

Manage the channels associated with the system.

6.4.2.6.4.1. System Details ⇒ Channels ⇒ Software

Software channels provide a well-defined method to determine which packages should be available to a system for installation or upgrade, based upon its operating systems, packages and, functionality. Click a channel name to view its Channel Details page. To modify the child channels associated with this system, use the checkboxes next to the channels and click the Change Subscriptions button. You will receive a success message or be notified of any errors. To change the system's base channel, select the new one from the pulldown menu and click the Modify Base Channel button. Refer to Section 6.6.1 Software Channels for more information.

6.4.2.6.4.2. System Details ⇒ Channels ⇒ Configuration —

Assists in managing the configuration of the system. Like software channels, configuration channels store files to be installed on systems. Unlike software packages, various versions of configuration files may prove useful to a system at any given time.

To manage the configuration of a system, it must have the latest rhncfg* packages installed and the configfiles/ directory and associated files created on it. Refer to Section 6.6.6.1 Preparing Systems for Config Management for instructions. Command line options also exist for many of these functions. Refer to Appendix A Command Line Config Management Tools for instructions.

Here are the options available within the system's Configuration tab, each of which results in a separate subtab:

  • Managed Files — List all configuration files currently associated with the system. The Overrides column identifies which config file from which channel will apply if the system is unsubscribed from the config channel that provides the file now. For instance, if a system has '/etc/foo' from channel 'bar' and '/etc/foo' from channel 'baz' is in the Overrides column, then unsubscribing from channel 'bar' will mean that the file from channel 'baz' will be applicable. Also, if nothing is in the 'Overrides' column for a given file path, then unsubscribing from the channel providing the file will mean that the file is no longer managed (though it will (not remove the file from the system).

  • Verify — Validate the configuration files installed on the system by comparing them to versions stored in RHN's central configuration manager. Select the files to be verified and click Verify.

  • Config Channels — Set the subscription and rank of configuration channels that may be associated with the system, lowest first. Enter numbers in the Rank fields to establish the order in which channels are used. Channels with no numeric value are not associated with the system. Your local configuration channel will always override all other channels for this system and therefore cannot have its rank adjusted from 1. All other channels are created in the Manage Config Channels interface within the Channels category. Refer to Section 6.6.6 Manage Config Channels — for instructions. When satisfied, click Update.

  • Local Overrides — View and manage the default configuration files for the system. If no files exist, click the add, edit, or remove files link within the description to access the system's Config Channel Files page. If a file exists, click its name to go to the Configuration File Details page. Refer to Section 6.6.6.6 Configuration File Details — for instructions. To replicate the file within a config channel, select its checkbox, click the Copy to Config Channel button, and select the destination channel. To remove a file, select it and click Delete Selected Files.

  • Sandbox — Manipulate configuration files without deploying them. This sandbox provides you with an area to experiment with files without affecting systems. To add files, click the import new files link, select an option for their addition from the dropdown menu, and click Go. Ensure you have the latest rhncfg* packages. The rest of the functions work like those on the Local Overrides subtab.

6.4.2.6.5. System Details ⇒ Groups —

Lists the system's associated groups and enables you to change these associations.

6.4.2.6.5.1. System Details ⇒ Groups ⇒ List/Remove —

Lists groups to which the system belongs and enables you to cancel those associations. Only System Group Administrators and Organization Administrator can add and remove the system from groups. To remove the system from groups, select the groups' checkboxes and click the Leave Selected Groups button. Click on a group's name to go to its System Group Details page. Refer to Section 6.4.3.3 System Group Details — for more information.

6.4.2.6.5.2. System Details ⇒ Groups ⇒ Join —

Lists groups that the system may be subscribed to. Only System Group Administrators and Organization Administrator can add and remove the system from groups. To add the system to groups, select the groups' checkboxes and click the Join Selected Groups button.

6.4.2.6.6. System Details ⇒ Snapshots —

Provides snapshots enabling rollback of the system's package profile, configuration files, and RHN settings. These snapshots are captured whenever an action takes place on the system.

6.4.2.6.6.1. System Details ⇒ Snapshots ⇒ Snapshots —

The default display of the Snapshots tab lists the reason, dates, and times for snapshots taken. To revert to a previous configuration, click the snapshot taken at the desired date and time and review the potential changes on the provided subtabs. When satisfied with the reversion, return to the Rollback subtab and click the Rollback to Snapshot button. To see the list again, click Return to snapshot list.

6.4.2.6.6.2. System Details ⇒ Snapshots ⇒ Snapshot Tags —

Provides a means to add meaningful descriptions to your system snapshots. This can be used to indicate milestones, such as a known working configuration or a successful upgrade. To tag the most recent snapshot, click create new system tag, enter a descriptive term in the Tag name field, and click the Tag Current Snapshot button. You may then revert using this tag directly by clicking its name in the Snapshot Tags list. To delete tags, select their checkboxes, click Remove Tags, and confirm the action.

6.4.2.6.7. System Details ⇒ Kickstart —

Enables the re-installation of the system based upon selectable parameters, including specific Red Hat distribution. These kickstarts are based upon profiles developed within the Kickstart interface. Refer to Section 6.4.10 Kickstart — for details.

6.4.2.6.7.1. System Details ⇒ Kickstart ⇒ Session Status —

The default display of the Kickstart tab, if you've scheduled a kickstart, shows where the system's kickstart stands. Details include the kickstart profile used, its state, and pending and latest actions. Kickstarts that do not complete within approximately two hours will be marked as failed here. Click the profile name to access the Kickstart Details page. Click the view link to see the actual kickstart configuration file generated by RHN. To force this page to reload at a set interval, select one from the pulldown menu and click the Change Reload Time button.

6.4.2.6.7.2. System Details ⇒ Kickstart ⇒ Session History —

Displays particular points in a kickstart session's progress. Like Session Status, this subtab appears only if you've scheduled a kickstart. It lists individual actions, such as package installs, as they occur. Click the name of an action to see information about it, including summary, details, and time. Failed kickstarts are shown here, as well. To force this page to reload at a set interval, select one from the pulldown menu and click the Change Reload Time button.

6.4.2.6.7.3. System Details ⇒ Kickstart ⇒ Schedule —

Allows the kickstarting of the selected system. To schedule a kickstart, select a distribution, identify the type (IP address or manual selection of kickstart profile), and click Continue. Note that IP address kickstarts require ranges to be defined in kickstart profiles.

On the next page, finish choosing from the options available. Using the existing RHN profile will rely upon the system-specific activation key created within the Reactivation tab to reregister the system. Do not regenerate, delete, or use this key while a profile-based kickstart is in progress. Selecting the Deploy Configuration checkbox will re-install configuration files from any config channels associated with the system. When finished, click the Schedule Kickstart button.

CautionCaution
 

It is imperative the kickstart profile selected match the installation files supplied. For instance, it is possible a given IP address could be associated with a Red Hat Enterprise Linux 2.1 kickstart profile, but you insert an IP address kickstart CD-ROM built for Red Hat Enterprise Linux 3. This would result in errors and cause the kickstart to fail.

6.4.2.6.8. System Details ⇒ Events

Displays past, current, and scheduled actions on the system. You may cancel pending events here. The following sections describe the Events subtabs and the features they offer. Refer to Section 6.7.5.1 Action Details for more information.

6.4.2.6.8.1. System Details ⇒ Events ⇒ History

The default display of the Events tab lists the type and status of events that have failed, occurred or are occurring. This list is automatically generated. To view details of an event, click its summary in the System History table. To again view the table, click Return to history list at the bottom of the page.

6.4.2.6.8.2. System Details ⇒ Events ⇒ Pending

Lists events that are scheduled but have not begun. A prerequisite action is required to complete successfully before a given action will be attempted. If an action has a prerequisite, there will not be a checkbox available to cancel that specific action. Instead, there will be a checkbox next to the prerequisite action; Cancelling the prerequisite action will cause the action in question to fail.

Actions can be chained in this manner so that action 'a' requires action 'b' which requires action 'c'. Action 'c' will be the first one attempted, and will be the one with the checkbox next to it until it is completed successfully - if any action in the chain fails, the remaining actions also fail. To unschedule a pending event, select the event and click the Cancel Events button at the bottom of the page. The following icons indicate the type of events listed here:

  • — Package Event

  • — Errata Event

  • — Preferences Event

  • — System Event

6.4.2.6.9. System Details ⇒ Probes —

Displays all of the probes monitoring the system. You must be a Monitoring Administrator or Organization Administrator to see this tab. The State column shows icons representing the status of each probe. Refer to Section 6.9 Monitoring — for descriptions of these states. Clicking the probe description takes you to its Current State page, while clicking the number in the Edit probe column allows you to modify the probe's settings.

To add a probe to the system, click the create new probe link at the top-right corner of the page and complete the fields on the following page. Selecting a probe command group changes the list of available probes and alters the remaining fields and requirements. Refer to Appendix C Probes for the complete list of probes by command group. Note that some probes require the Red Hat Network Monitoring Daemon to be installed on the client system.

Enter a brief but unique description for the probe, select the Scout to run the probe (typically RHN Monitoring Satellite), and select the Probe Notification checkbox to receive alerts. Select a probe check (or run) interval, complete the remaining fields, and establish CRITICAL and WARNING alert thresholds, if this option exists. When finished, click Create Probe.

Once the probe has been added, you must reconfigure your Monitoring infrastructure to recognize it. Refer to Section 6.9.3 Scout Config Push — for details. After the probe has run, its results become available on the Current State page. Refer to Section 6.9.1.7 Current State — for details.

6.4.3. System Groups —

The System Groups page allows all RHN Management and Provisioning users to view the System Groups list. Only Organization Administrators may perform the following additional tasks:

  1. Create system groups. (Refer to Section 6.4.3.1 Creating Groups.)

  2. Add systems to system groups. (Refer to Section 6.4.3.2 Adding and Removing Systems in Groups.)

  3. Remove systems from system groups. (Refer to Section 6.4.2.6 System Details.)

  4. Assign system group permissions to users. (Refer to Section 6.8 Users — .)

As shown in Figure 6-4, the System Groups list displays all of your system groups.

Figure 6-4. System Group List

The System Groups list contains several columns for each group:

6.4.3.1. Creating Groups

To add a new system group, click the create new group button at the top-right corner of the page. Type a name and description and click the Create Group button. Make sure you use a name that clearly sets this group apart from others. The new group will appear in the System Groups list.

6.4.3.2. Adding and Removing Systems in Groups

In the System Groups list, click the name of the group to receive the systems. This will take you to the System Group Details page. Once there, click the Target Systems tab and select the systems to be added to this group. Although all entitled systems should be listed, only systems entitled to Management and Provisioning can be selected for addition. After selecting all of the systems to be added, click the Add Systems button on the bottom right-hand corner of the page. The new systems will then be shown on the group's Systems tab.

To remove systems from groups, use the Groups tab of the System Details page. Refer to Section 6.4.2.6 System Details for instructions.

6.4.3.3. System Group Details —

At the top of each System Group Details page are two links: work with group and delete group. Clicking delete group does just that and should be used with caution. Clicking Work with Group functions similarly to the Use Group button from the System Groups list in that it loads the group's systems and launches the System Set Manager immediately. Refer to Section 6.4.4 System Set Manager — for more information.

The System Group Details page is broken down into tabs:

6.4.3.3.1. System Group Details ⇒ Details —

— Basic information about the system group: the group name and group description. To change this information, click Edit Group Properties, make your changes in the appropriate fields, and click the Modify Details button.

6.4.3.3.2. System Group Details ⇒ Systems —

List of systems that are members of the system group. Clicking links within the table takes you to corresponding tabs within the System Details page for the associated system. To remove systems from the group, select the appropriate checkboxes and click the Remove from group button on the bottom of the page. Clicking it does not delete systems from RHN entirely. This is done through the System Set Manager or System Details pages. Refer to Section 6.4.4 System Set Manager — or Section 6.4.2.6 System Details, respectively.

6.4.3.3.3. System Group Details ⇒ Target Systems —

Target Systems — List of all systems in your organization. This tab enables you to add systems to the specified system group. Merely select the systems using the checkboxes to the left and click the Add Systems button on the bottom right-hand corner of the page.

6.4.3.3.4. System Group Details ⇒ Errata —

List of relevant Errata for systems in the system group. Clicking the Advisory takes you to the Details tab of the Errata Details page. (Refer to Section 6.5.2.2 Errata Details for more information.) Clicking the Affected Systems number lists all of the systems addressed by the Errata. To apply the Errata Updates in this list, select the systems and click the Apply Errata button.

6.4.3.3.5. System Group Details ⇒ Admins —

List of all organization users that potentially have permission to manage the system group. Organization Administrators are clearly identified. System Group Administrators are marked with an asterisk (*). To change the system group's users, select and unselect the appropriate checkboxes and click the Update button.

6.4.4. System Set Manager —

The System Set Manager allows you to perform many actions possible individually through the System Details page on multiple systems at once, including:

Before performing actions on multiple systems, you must select systems you wish to modify. Note that Update-level systems cannot be selected. Pages including Systems list, System Search, and System Groups list have a column of checkboxes under the Select heading. Mark the checkboxes beside the systems or groups you want to select, and click the Update List button below the column to add them to the System Set Manager.

You can access the System Set Manager page in two ways: 1)Add systems and groups from their respective lists to the System Set Manager and click System Set Manager in the left navigation bar. 2)Click Use Group in the System Groups list or Work with Group on the System Group Details page to work with a predefined system group. The System Set Manager page is broken down into tabs:

6.4.4.1. System Set Manager ⇒ Overview —

Description of the various options available to you in the remaining tabs.

6.4.4.2. System Set Manager ⇒ Systems —

List of systems now selected. To delete systems from this particular set, select them and click the Remove button.

6.4.4.3. System Set Manager ⇒ Errata —

List of Errata Updates applicable to the current system set. To apply updates, select the Errata and click the Apply Errata button.

6.4.4.4. System Set Manager ⇒ Packages —

Options to modify packages on the system within the following subtabs:

6.4.4.4.1. System Set Manager ⇒ Packages ⇒ Install —

A list of channels from which you may retrieve packages. Click on the channel name and select the packages from the list. Then click the Install Packages button.

6.4.4.4.2. System Set Manager ⇒ Packages ⇒ Upgrade —

A list of all the packages installed on the selected systems that might be updated. Select the packages to be upgraded, then click the Upgrade Packages button.

6.4.4.4.3. System Set Manager ⇒ Packages ⇒ Remove —

A list of all the packages installed on the selected systems that might be removed. Select the packages to be deleted, then click the Remove Packages button.

6.4.4.5. System Set Manager ⇒ Groups —

Tools to create groups and manage group membership. These functions are limited to Organization Administrators and System Group Administrators. To add a new group, click create new group on the top-right corner. In the resulting page, type its name and description in the identified fields and click the Create Group button. To add or remove the selected systems in any of the system groups, toggle the appropriate radio buttons and click the Alter Membership button.

6.4.4.6. System Set Manager ⇒ Channels —

Options to manage channel associations through the following subtabs:

6.4.4.6.1. System Set Manager ⇒ Channels ⇒ Channel Subscriptions —

To subscribe or unsubscribe the selected systems in any of the channels, toggle the appropriate radio buttons and click the Alter Subscriptions button.

6.4.4.6.2. System Set Manager ⇒ Channels ⇒ Config Channels —

Like the options within the System Details ⇒ Channels ⇒ Configuration tab, the subtabs here can be used to subscribe the selected systems to configuration channels and deploy and verify the configuration files on the systems. The channels are created in the Manage Config Channels interface within the Channels category. Refer to Section 6.6.6 Manage Config Channels — for channel creation instructions.

To manage the configuration of a system, it must have the latest rhncfg* packages installed and the configfiles/ directory and associated files created on it. Refer to Section 6.6.6.1 Preparing Systems for Config Management for instructions. Command line options also exist for many of these functions. Refer to Appendix A Command Line Config Management Tools for instructions.

6.4.4.6.2.1. System Set Manager ⇒ Channels ⇒ Config Channels ⇒ Subscriptions —

On this subtab, enter numbers in the Rank column to establish the order in which channels are used, lowest first. Channels with no numeric value are not associated with the systems. Your local configuration channel will always override all other channels. Once you've established the rank of the config channels, you must decide how they should be applied to the selected systems.

The three buttons below the channels reflect your options. Clicking Add with Highest Rank places all the ranked channels before any channels already subscribed to by the systems. Clicking Add with Lowest Rank places the ranked channels after channels subscribed to by the systems. Clicking Replace Existing Config Channels removes any existing association and starts cleanly with the ranked channels, leaving every system with the same config channels in the same order.

In the first two cases, if any of the newly ranked config channels is already in a system's existing config channel list, the duplicate channel is removed and re-added according to the new rank, effectively reordering the system's existing channels. When such conflicts exist, you're presented with a confirmation page to ensure the intended action is correct. When the change has taken place, a message appears at the top of the page indicating the update was successful.

6.4.4.6.2.2. System Set Manager ⇒ Channels ⇒ Config Channels ⇒ Deploy —

Use this subtab to distribute configuration files from your central repository on RHN to the selected systems at once. The table lists the configuration files associated with any of the selected systems. Clicking the name of a file opens its Configuration File Details page. Clicking its system count displays the systems already subscribed to the file.

To subscribe the selected systems to the available configuration files, select the checkbox for each desired file. When done, click Deploy Configuration and schedule the action. Note that the files deployed are of the latest version at the time of scheduling and do not account for versions that may appear before the action takes place.

6.4.4.6.2.3. System Set Manager ⇒ Channels ⇒ Config Channels ⇒ Verify —

Use this subtab to validate configuration files on the selected systems against copies in your central repository on RHN. The table lists the configuration files associated with any of the selected systems. Clicking the name of a file opens its Configuration File Details page. Clicking its system count displays the systems already subscribed to the file.

To compare the configuration files deployed on the systems with those in RHN, select the checkbox for each file to be validated. Then click Verify Configuration and schedule the action. Note that the files verified are of the latest version at the time of scheduling and do not account for versions that may appear before the action takes place. Then find the results within the main Schedule category or within the System Details ⇒ Events tab.

6.4.4.6.3. System Set Manager ⇒ Channels ⇒ Base Channel Alteration —

Channel Administrators may use this subtab to change the base channels the selected systems are subscribed to. Systems will be unsubscribed from all channels and subscribed to the new base channels. For this reason, this should be done with caution. Select the new base channel from the pulldown menus and click the Change Base Channels button.

6.4.4.7. System Set Manager ⇒ Provisioning —

Provisioning — Options for provisioning systems through the following subtabs:

6.4.4.7.1. System Set Manager ⇒ Provisioning ⇒ Kickstart —

Use this subtab to re-install the selected Provisioning-entitled systems. To schedule a kickstart, select a distribution, identify the type (IP address or manual), and click Continue. Then finish choosing from the options available on the subsequent screen and click the Schedule Kickstart button.

6.4.4.7.2. System Set Manager ⇒ Provisioning ⇒ Tag Systems —

Use this subtab to to add meaningful descriptions to the most recent snapshots of your selected systems. To tag the most recent system snapshots, enter a descriptive term in the Tag name field, and click the Tag Current Snapshots button.

6.4.4.7.3. System Set Manager ⇒ Provisioning ⇒ Rollback —

Use this subtab to rollback selected Provisioning-entitled systems to previous snapshots marked with a tag. Click the name of the tag, verify the systems to be reverted, and click the Rollback Systems button.

6.4.4.7.4. System Set Manager ⇒ Provisioning ⇒ Remote Command —

Use this subtab to issue remote commands on selected Provisioning-entitled systems. You must have created a run file on the client systems for this function to be allowed. Refer to the description of the Configuration subtab of the Channels tab for instructions. You may then identify a specific user, group, and timeout period, as well as the script itself on this page. Select a date and time to begin attempting the command, and click Schedule Remote Command.

6.4.4.8. System Set Manager ⇒ Misc —

Misc — Tools to update System Profiles and preferences for the system set. Here are the tools broken down by section:

6.4.4.8.1. System Set Manager ⇒ Misc ⇒ System Profile Updates —

Clicking Update Hardware Profile, then the Confirm Refresh button schedules a hardware profile update. Clicking Update Package Profile, then the Confirm Refresh button schedules a package profile update.

6.4.4.8.2. System Set Manager ⇒ Misc ⇒ Custom System Information —

Clicking Set a custom value then the name of a key allows you to provide values for all selected systems. Enter the information and click the Set Values button. Clicking Remove a custom value then the name of a key allows you to remove values for all selected systems. Click the Remove Values button to finalize the deletion.

6.4.4.8.3. System Set Manager ⇒ Misc ⇒ Reboot Systems —

Selecting the appropriate systems and then clicking the Reboot Systems link sets those systems for reboot. To immediately cancel this action, click the list of systems link that appears within the confirmation message at the top of the page, select the systems, and click Unschedule Action.

6.4.4.8.4. System Set Manager ⇒ Misc ⇒ Lock Systems —

Selecting the appropriate systems and then clicking the Lock Systems link prevents the scheduling of any action through RHN that would affect the systems. This can be reversed by clicking the Unlock Systems link.

6.4.4.8.5. System Set Manager ⇒ Misc ⇒ Delete Systems —

Clicking Delete System Profiles, then the Confirm Deletions button removes the selected profiles permanently.

6.4.4.8.6. System Set Manager ⇒ Misc ⇒ Upgrade System Entitlements —

Clicking Upgrade to * Entitlement increases the service level for as many selected systems as possible.

6.4.4.8.7. System Set Manager ⇒ Misc ⇒ System Preferences —

Toggling the Yes and No radio buttons and then clicking the Change Preferences button alters your notification preferences for the selected systems. All of these preferences may also be applied to systems individually through the Properties subtab of the System Details page. Refer to Section 6.4.2.6.1.2 System Details ⇒ Details ⇒ Properties for instructions.

  • Receive Notifications of Updates/Errata — This setting keeps you abreast of all advisories pertaining to your systems. Anytime an update is produced and released for a system under your supervision, a notification is sent via email.

  • Include system in Daily Summary — This setting includes the selected systems in a daily summary of system events. (By default, all Management and Provisioning systems are included in the summary.) These are actions affecting packages, such as scheduled Errata Updates, and system reboots or failures to check in. In addition to including the systems here, you must choose to receive email notifications in the Your Preferences page of the Your RHN category. Refer to Section 6.3.2 Your Preferences for instructions. Note that RHN will send these summaries only to verified email addresses.

  • Automatic application of relevant errata — This setting allows you have all Errata Updates automatically applied to systems. This means packages associated with Errata will be updated without any user intervention. Customers should note that Red Hat does not recommend the use of the auto-update feature for production systems because conflicts between packages and environments can cause system failures. The Red Hat Network Daemon must be enabled on the systems for this feature to work.

6.4.5. System Entitlements

To use all of the features of RHN, your systems must be entitled — subscribed to an RHN service level. Use the System Entitlements page to configure which systems are entitled to which service offerings. There are three primary types of entitlements:

The System Entitlements page allows you to view and promote the entitlements for your registered systems. Only increases in entitlement levels are allowed. Systems cannot be re-entitled to a lower entitlement level. For instance, a system entitled to the Update service level can be promoted to the Management level, but this action cannot be reversed.

To change an individual entitlement, select the entitlement from the system's pulldown menu and click the Update Entitlements button on the bottom right-hand corner of the page. Click the name of a system to see details about it. If no drop-down menu exists for your Update-level system, you may need to purchase a Management entitlement. Do this through the Buy Now page under Your RHN.

WarningWarning
 

Changing a system's entitlement is an irreversible action. You may be unable to change the entitlement levels of some systems. For more information, refer to the RHN entitlement policy linked from the System Entitlements page.

In addition, you may entitle all newly registered systems to the Managements service level at once by clicking the Auto-Entitle Newest Servers Now link at the bottom of the page. To use this link, which appears only when new, unentitled systems exist, first make sure you have enough Management entitlements available. If you need to purchase additional entitlements, click the Buy them now link at the top of the page. After auto-entitling, a message appears at the top of the System Entitlements page indicating the number of systems successfully entitled to the Management service level.

6.4.6. Advanced Search —

The System Search page allows you to search through your systems according to specific criteria. These criteria include custom system information, system details, hardware, devices, interface, networking, packages, and location. The activity selections (Days Since Last Checkin, for instance) can be especially useful in finding and removing outdated System Profiles. Type the keyword, select the criterion to search by, use the radio buttons to identify whether you wish to query all systems or only those loaded in the System Set Manager, and click the Search button. Yo may also select the Invert Result checkbox to reverse your results list.

The results appear at the bottom of the page. For details about using the resulting system list, refer to Section 6.4.2 Systems.

6.4.7. Activation Keys —

RHN Management and Provisioning customers with the Activation Key Administrator role (including Organization Administrators) can generate activation keys through the RHN website. These keys can then be used to register the Red Hat Enterprise Linux system, entitle the system to an RHN service level and subscribe the system to specific channels and system groups through the command line utility rhnreg_ks. Refer to Section 2.5 Registering with Activation Keys for instructions on use.

NoteNote
 

System-specific activation keys created through the Reactivation subtab of the System Details page do not show up in this list because they are not reusable across systems.

6.4.7.1. Managing Activation Keys

To generate an activation key:

  1. Select Systems => Activation Keys from the top and left navigation bars.

  2. Click the create new key link at the top-left corner.

    WarningWarning
     

    In addition to the fields listed below, RHN Satellite Server customers may also populate the Key field itself. This user-defined string of characters can then be supplied with rhnreg_ks to register client systems with the Satellite. Only numbers, letters, hyphens, and underscores may be included in the key. All other characters are prohibited. Commas are especially problematic as they are the separator used when including two or more activation keys at once. Refer to Section 6.4.7.2 Using Multiple Activation Keys at Once — for details.

  3. Provide the following information:

    • Description — User-defined description to identify the generated activation key.

    • Usage Limit — The number of times the key can be used to register a system before the activation key is disabled. Leave blank for unlimited use.

    • Base Channel — The primary channel for the key. Selecting nothing will enable you to select from all child channels, although systems can be subscribed to only those that are applicable.

    • Entitlement — The service level for the key, either Management or Provisioning. All systems will be subscribed at this level with the key.

    • Universal default — Whether or not this key should be considered the primary activation key for your organization.

    • Deploy configs — Select to have all stored configuration files installed upon registration.

    Click Create Key.

After creating the unique key, it appears in the list of activation keys along with the number of times it has been used. Note that only Activation Key Administrators can see this list. At this point, you may associate child channels and groups with the key so systems registered with it will automatically be subscribed to them.

To change information about a key, such as the channels or groups, click its description in the key list, make your modifications in the appropriate tabs, and click the Update Key button. To disassociate channels and groups from a key, deselect them in their respective menus by [Ctrl]-clicking their highlighted names. To remove a key entirely, click the delete key link in the top-right corner of the edit page.

If you do not want a key to be used to activate a system, you can disable it by unselecting the corresponding checkbox under the Enabled column in the key list. The key can be re-enabled by selecting the checkbox. After making these changes, click the Update Keys button on the bottom right-hand corner of the page.

6.4.7.2. Using Multiple Activation Keys at Once —

Provisioning customers should note that multiple activation keys can be included at the command line or in a single kickstart profile. This allows you to aggregate the aspects of various keys without having to recreate a new key specific to the desired systems, simplifying the registration and kickstart processes while slowing the growth of your key list.

Without this stacking ability, your organization would need at least six activation keys to manage four server groups and subscribe a server to any two groups. Factor in two versions of the operating system, such as Red Hat Enterprise Linux 2.1 and 3, and you need twice the number of activation keys. A larger organization would need keys in the dozens.

Before specifiying more than one activation key, you must understand how their values are combined and resolved. These entities are straight unions: server groups, software packages, software child channels, and config channels. A combination of each of these will be included in the kickstart profile. The remaining entities must be resolved if different in the following manner:

  • base software channels — registration fails

  • entitlements — registration fails

  • enable config flag — configuration management is set

  • activation key type — a system-specific reactivation key will generate a failure

You're now ready to use multiple activation keys at once. This is done with comma separation at the command line with rhnreg_ks or in a kickstart profile within the Post tab of the Kickstart Details page. Refer to Section 2.5 Registering with Activation Keys and Section 6.4.10.3 Creating Kickstarts, relatively, for instructions.

6.4.8. Stored Profiles —

RHN Provisioning customers can create package profiles through the Profiles subtab of the Packages tab within the System Details page. Those profiles end up here, on the Stored Profiles page, where they may be edited and even deleted.

To edit a profile, click its name in the list, alter its name and description, and click the Update Profile. To view software associated with the profile, click the Packages subtab. To remove the profile entirely, click delete stored profile at the upper-right corner of the page.

6.4.9. Custom System Info —

RHN Provisioning customers may include completely customizable information about systems. Unlike notes, the information here is more formal and can be searched upon. For instance, you may decide to identify an asset tag for each system. To do this, you must create an asset key within the Custom System Info page.

Click create new key at the upper-right corner of the page. Enter a descriptive label and description, such as Asset and Precise location of each system, and click the Create Key. The key will then show up in the custom info keys list.

Once the key exists, you may assign a value to it through the Custom Info tab of the System Details page. Refer to Section 6.4.2.6.1.5 System Details ⇒ Details ⇒ Custom Info — for instructions.

6.4.10. Kickstart —

To satisfy the provisioning needs of customers, RHN provides this interface for developing kickstart profiles by which new systems may be built. This enables systems to be installed to particular specifications automatically.

WarningWarning
 

Since RHN Proxy Servers typically direct files from the central RHN Servers, and those servers do not distribute the files necessary for kickstart, systems connected to a Proxy not being served by an RHN Satellite Server must be kickstarted using an external installation tree. This tree can be placed on the Proxy itself in one of two non-forwarding directories: /var/www/html/pub/ and /var/www/html/_rhn_proxy/. Refer to Section 6.4.10.9 Kickstart ⇒ Distributions — for instructions on setting up installation trees.

6.4.10.1. Kickstart Prerequisites

Although Red Hat Network has taken great pains to ease the provisioning of systems, some preparation is still required for your infrastructure to handle kickstarts. For instance, before creating kickstart profiles, you should have:

  • Installed and have running a DHCP server.

  • Installed and have running a TFTP server.

  • Configured DHCP to assign required networking parameters and the bootloader program location.

  • Specified within the bootloader configuration file the kernel to be used and appropriate kernel options.

For a decription of the innerworkings of the kickstart process, refer to Section 6.4.10.2 Kickstart Explained.

6.4.10.2. Kickstart Explained

When a machine is to receive a network-based kickstart, the following events must occur in this order:

  1. After being placed on the network and turned on, the machine's PXE logic broadcasts its MAC address and a request to be discovered.

  2. The DHCP server recognizes the discovery request and extends an offer of network information needed for the new machine to boot. This includes an IP address, the default gateway to be used, the netmask of the network, the IP address of the TFTP server holding the bootloader program, and the full path and filename of that program (relative to the TFTP server's root).

  3. The machine applies the networking information and initiates a session with the TFTP server to request the bootloader program.

  4. The bootloader, once loaded, searches for its configuration file on the TFTP server from which it was itself loaded. This file dictates which kernel and kernel options, such as the initial RAM disk (initrd) image, should be executed on the booting machine. Assuming the bootloader program is SYSLINUX, this file will be located in the pxelinux.cfg directory on the TFTP server and named the hexadecimal equivalent of the new machine's IP address. For example, a bootloader configuration file for Red Hat Enterprise Linux AS 2.1 should contain:

    port 0
    prompt 0
    timeout 1
    default My_Label
    label My_Label
           kernel vmlinuz
           append ks=http://myrhnsatellite/ initrd=initrd.img network apic
  5. The machine accepts and uncompresses the init image and kernel, boots the kernel, and initiates a kickstart installation with the options supplied in the bootloader configuration file, including the server containing the kickstart configuration file.

  6. This kickstart configuration file in turn directs the machine to the location of the installation files.

  7. The new machine is built based upon the parameters established within the kickstart configuration file.

6.4.10.3. Creating Kickstarts

To develop a new kickstart profile, first create a distribution through the Distributions page. Refer to Section 6.4.10.9 Kickstart ⇒ Distributions — for instructions. Once that is done, return to the Kickstart page and click create new kickstart in the upper-right corner of the page. On the resulting page, enter a name and label for the profile, select whether it should immediately be considered active, and click the Select Kickstart Options button.

On the next page, identify the precise values to be included in the profile, including: bootloader type, time zone, kickstart network configuration, root password, and partition details. Please note that the kickstart network configuration value here is different from the network setting on the Advanced Options tab. Refer to the individual tab descriptions for details. Click the Create Kickstart button when done.

When finished with the initial profile, you're presented with the Kickstart Details page, which offers various options for enhancing the kickstart steps. Refer to Section 6.4.10.4 Kickstart Details — for descriptions of the page and its tabs. Take note that RHN supports including separate files within the Partition Details section of the kickstart profile. For instance, you may dynamically generate a partition file based on the machine type and number of disks at kickstart time. This file can be created via %pre script and placed on the system, such as /tmp/part-include. Then you can call for that file by including the following line within the Partition Details field of the Kickstart Details ⇒ Options tab:

%include /tmp/part-include

You may clone or delete the profile at any time using links at the upper-right corner of the Kickstart Details page. Once you've populated the tabs and fields within the Kickstart Details page, the kickstart profile should be completely configured and ready for use. Refer to the following pages for instructions on supplementing and aggregating kickstart profiles.

6.4.10.4. Kickstart Details —

Use the following tabs to modify the kickstart profile.

6.4.10.4.1. Kickstart Details ⇒ Details —

The default display of the Kickstart Details page shows the kickstart profile name and label, as well as the associated distribution, URL to be used, whether it's the default profile for your organization, and any comments about the profile. Note that the URL does not begin with https:// because the Red Hat Enterprise Linux installation program does not support Secure Sockets Layer (SSL). Click the view kickstart link to see the actual kickstart configuration file (converted to SSL) generated by RHN.

In addition, you may select lists of files here that will be preserved during the kickstart process. These files, typically configuration files and others that will remain relevant when the server is re-deployed, can be selected using the File Preservation Lists pulldown menu near the bottom of the page. Refer to Section 6.4.10.10 Kickstart ⇒ File Preservation — to find out how create these lists. To deselect a list, hold the [Ctrl] key and click the list name with the mouse. When done, click the Update Kickstart button.

6.4.10.4.2. Kickstart Details ⇒ Options —

Collects the precise values to be applied against the kickstart process, including bootloader type, time zone, root password, and partition details. Keep in mind, the kickstart network configuration value here is used by the bootloader to determine the network configuration for the kickstart process, unlike the network setting on the Advanced Options tab, which is used to generate the kickstart configuration file. The options passed to the bootloader are different from those needed by the Red Hat installation program to configure the system. Remember you may %include separate files in the Partition Details section of the profile if needed. When done, click the Update Kickstart button.

6.4.10.4.3. Kickstart Details ⇒ Advanced Options —

Accessible through a link at the top of the Options tab, this page establishes the arguments to be included in the kickstart configuration file. These differ from the settings included on the Options tab. For instance, the network setting here defines the parameters of the Red Hat installation program, while the kickstart network configuration value there affects the bootloader. As an example, you might need to kickstart a system using eth1 (kickstart network configuration), but eth0 is the primary network interface for the box (as identified in the network field on this page). When done, click the Update Kickstart button.

6.4.10.4.4. Kickstart Details ⇒ Packages —

Allows the addition or removal of specific software packages from the kickstart profile. To include packages, enter them in the text field. To remove packages, precede them with with a dash (-). You may also enter entire components and exclude specific packages, such as @ X Window System and -filename.rpm.

Note that packages to be excluded may still be installed to resolve dependencies and ensure the system works properly. When finished, click Add Packages. To delete packages from the list you've created, enter them below and click Remove Packages.

6.4.10.4.5. Kickstart Details ⇒ Pre —

Enables you to edit the %pre script for the kickstart profile. Make your changes and click the Update Pre button.

6.4.10.4.5.1. Kickstart Details ⇒ Pre ⇒ --interpreter —

Enables you to specify an interpreter and specific commands to be interpreted before the rest of the %pre section. Identify the interpreter, such as /usr/bin/python, in the top field then include the commands to be intepreted below it, and click Update Pre.

6.4.10.4.6. Kickstart Details ⇒ Post —

Enables you to include the %post script and other parameters in the kickstart profile through the following subtabs:

6.4.10.4.6.1. Kickstart Details ⇒ Post ⇒ Details —

Allows editing of the %post script and inclusion of other options to be set after initial kickstart. You may alter individual commands within the script, identify the package profile to be used during synchronization, and include the activation key to be used for registration. If you plan to include multiple activation keys, first refer to Section 6.4.7.2 Using Multiple Activation Keys at Once — for an explanation of how conflicts are resolved.

In addition, you may predetermine whether configuration management and remote commands may be carried out on the system using the checkboxes at the bottom of the page. Make your changes and click the Update Post button.

6.4.10.4.6.2. Kickstart Details ⇒ Post ⇒ GPG and SSL keys —

Displays all of the GPG and SSL keys created by your organization. To include GPG and SSL keys you have created in the %post section, select the keys and click the Update Keys button. Refer to Section 6.4.10.8 Kickstart ⇒ GPG and SSL Keys — for instructions on creating keys.

CautionCaution
 

When kickstarting systems receiving updates through either an RHN Proxy Server or RHN Satellite Server:, you must import that server's SSL certificate at the Kickstart/GPG and SSL Keys page and associate it with all relevant kickstart profiles. This association should be made on the GPG and SSL keys subtab of the Kickstart Details page. Not doing this will result in SSL_CERTIFICATE errors, and the kickstart will never report as complete in the RHN website.

6.4.10.4.6.3. Kickstart Details ⇒ Post ⇒ --nochroot —

Allows for the inclusion of commands to be executed before commands in the regular %post section and outside of the chroot. Refer to the Red Hat Enterprise Linux System Administration Guide for potential uses.

6.4.10.4.6.4. Kickstart Details ⇒ Post ⇒ --interpreter —

Like the same subtab under Pre, this enables you to specify an interpreter and specific commands to be interpreted before the rest of the %post section. Identify the interpreter, such as /usr/bin/python, in the top field then include the commands to be intepreted under it, and click Update Post.

6.4.10.4.7. Kickstart Details ⇒ IP Addresses —

Identifies the IP address ranges to be presented with this kickstart profile upon request. Conflicts between IP address ranges will not be allowed unless one range is a subset of another, in which case the kickstart associated with the smallest of the enclosing ranges will be presented. Enter the range and click the Update IP ranges button. New fields will appear allowing you to enter additional ranges.

6.4.10.5. Kickstart ⇒ Profiles —

Lists the kickstart profiles created by your organization. Click a name to see the Kickstart Details page. To enable inactive profiles, select the appropriate checkboxes and click the Update Profiles.

6.4.10.6. Kickstart ⇒ IP Ranges —

Lists the IP addresses that have been associated with kickstart profiles created by your organization. Click either the range or the profile name to access different tabs of the Kickstart Details page.

6.4.10.7. Kickstart ⇒ Sessions

Lists kickstart processes underway. Click the name of the system to obtain details about the kickstart session, including its progress, the action now taking place and the next to occur.

6.4.10.8. Kickstart ⇒ GPG and SSL Keys —

Lists keys and certificates available for inclusion in kickstart profiles and provides a means to create new ones. This is especially important for customers of RHN Satellite Server or RHN Proxy Server because systems being kickstarted by them will need to have the server key imported into RHN and associated with the relevant kickstart profiles. Import it by creating a new key here and then make the profile association in the GPG and SSL keys subtab of the Kickstart Details page.

To develop a new key/certificate, click create new cryptokey in the upper-right corner of the page. Enter a description, select the type, upload the file, and click the Update Key button. Note that a unique description is required.

6.4.10.9. Kickstart ⇒ Distributions —

Enables you to identify custom installation trees that may be used for kickstarting. (Satellite users should note that this does not display Red Hat distributions provided to them. They can be found within the Distribution dropdown menu of the Kickstart Details page.) Before creating a distribution, you will need to make an installation tree available, as described in the Kickstart Installations chapter of the Red Hat Enterprise Linux 3 System Administration Guide. This tree will need to be located in a public directory on a Web server.

ImportantImportant
 

RHN Satellite Server users should note that channels imported with satellite-sync are made available automatically and do not require the creation of a separate installation tree. For instance, if you have imported rhel-i386-es-3 and the current release is rhel-i386-es-3-u1, this option will appear within the Distribution dropdown menu of the Kickstart Details page. You need only select the correct distribution. These trees are available to client systems that kickstart through the Satellite. While you may be able to access the files from a non-kickstarting client, this functionality is not supported and may be removed at any time in the future.

To create a new distribution, enter an intuitive label (without spaces) in the Distribution Label field, such as my-orgs-rhel-as-3. In the External Location field, paste the URL to the base of the installation tree. (You can test this by appending "README" to the URL in a Web browser, hitting return, and ensuring the distribution's readme file appears.)

In the Autokickstart RPM field, enter the auto-ks kernel image for the distribution. You can find all of the available packages by searching RPMs for "auto-kickstart". Identify the appropriate package based upon the distribution to be kickstarted. It should look something like, "auto-kickstart-ks-rhel-i386-as-3". Then, strip everything preceding the "ks" to derive the boot image. For instance, in the above example, you would put "ks-rhel-i386-as-3" in the Autokickstart RPM field.

Then select the matching distribution from the Base Channel and Installer Generation dropdown menus, such as Red Hat Enterprise Linux AS (v.3 for x86) and Red Hat Enterprise Linux 3, respectively. When finished, click the Create button.

6.4.10.10. Kickstart ⇒ File Preservation —

Collects lists of files to be protected and re-deployed on systems during kickstart. For instance, if you have many custom configuration files located on a system to be kickstarted, you can enter them here quickly as a list and then associate that list with the kickstart profile to be used.

To use this feature, click the create new file preservation list link at the top and enter a relevant label and all files and directories to preserved on the resulting page. Make sure you enter absolute paths to all files and directories. Then click Create List.

ImportantImportant
 

Although file preservation is useful, it does have limitations. First, each list is limited to a total size of 1 MB. Further, special devices like /dev/hda1 and /dev/sda1 are not supported. Finally, only actual file and directory names may be entered. No regular-expression wildcards can be included.

When finished, you may include the file preservation list in the kickstart profile to be used on systems containing those files. Refer to Section 6.4.10.3 Creating Kickstarts for precise steps.

6.4.10.11. Building Bootable Kickstart ISOs

Copy the contents of /isolinux from the first CD-ROM of the target distribution. Then edit the isolinux.cfg file to default to 'ks'. Change the 'ks' section to look like this:

 label ks
   kernel vmlinuz
   append text ks={url} initrd=initrd.img lang= devfs=nomount ramdisk_size=16438 \
   {ksdevice}

The URL can be obtained from the Kickstart Details page. It will look something like this:

http://my.sat.server/kickstart/ks/org/1271287x2c4682f33b87ed1d4dbea8/label/my-rhel3-as-ks

IP addressed-based kickstart URLs will look something like this:

http://my.sat.server/kickstart/ks/mode/ip_range

The kickstart distribution selected by the IP range should match the distribution you are building from, or errors will occur. {ksdevice} is optional, but looks like:

ksdevice=eth0

It is possible to change the distribution for a kickstart profile within a family, such as RHEL AS3 to RHEL ES3, by specifying the new distribution label. Note that you cannot move between versions (2.1 to 3) and between updates (U1 to U2).

Next, you may customize isolinux.cfg further for your needs, such as by adding multiple kickstart options, different boot messages, shorter timeout periods, etc.

Then make the ISO, as described in the Making an Installation Boot CD-ROM section of the Red Hat Enterprise Linux 3 Installation Guide. Or by issuing the command:

mkisofs -o file.iso -b isolinux.bin -c boot.cat -no-emul-boot -boot-load-size 4 \
-boot-info-table -R -J -v -T isolinux/

Note that isolinux/ is the relative path to the directory containing the isolinux files you got from the distribution cd, while file.iso is the output iso file, put into the current directory.

You may then burn the ISO to CD-ROM. To use the disc (assuming you left the label for the kickstart boot as 'ks'), you should boot and type "ks" at the prompt. When you hit enter, the kickstart should begin.

6.4.10.12. Integrating Kickstart with PXE

In addition to CD-ROM-based installs, RHN supports kickstarts through a Pre-Boot Execution Environment (PXE). This is less error prone than CDs, enables kickstarting from bare metal, and integrates with existing PXE/DHCP environments.

To use this method, you should make sure your systems have network interface cards (NIC) that support PXE, install and configure a PXE server, ensure DHCP is running, and then place the appropriate files on an HTTP server for deployment. Once the kickstart profile has been created, you may use the URL from the Kickstart Details page, just as you do for CD-ROM-based installs.

To obtain specific instructions for conducting PXE kickstarts, refer to the PXE Network Installations chapter of the Red Hat Enterprise Linux 3 System Administration Guide.

TipTip
 

Upon running the Network Booting Tool as described in the Red Hat Enterprise Linux 3: System Administration Guide, ensure you select "HTTP" as the protocol and include the domain name of the RHN Satellite Server in the Server field if you intend to use it to distribute the installation files.