Spacewalk Server Installation and Configuration

Spacewalk Server Installation and Configuration


Overview


In this article we are going to cover -

  • Spacewalk Server Installation and Configuration.


Prerequisites


  • Two CentOS/any Linux OS installed machine, one for spacewalk Server and other for spacewalk Client.
  • Proper networking access between the spacewalk server and client machines.
  • I assume that you have the basic knowledge of package management in linux.

In this article we are using the two machines:

  • CentOS Linux release 7.4.1708 (192.168.20.31) where we are going to install spacewalk Server.
  • CentOS Linux release 7.4.1708 (192.168.20.32) as a client/remote server, where we are going to install package using spacewalk Server.


Brief Overview of Spacewalk


Spacewalk is an open source tool which is used to manage system and package management. Using Spacewalk, we can deploy, manage and update packages to Red Hat derived distributions like CentOS, Fedora and Scientific Linux etc. The Spacewalk is the upstream project for the source of Red Hat Satellite. It has a nice web interface that will help us to view the status of software updates in the clients and initiate update actions. Spacewalk provides provisioning capabilities that enables you to kick-start provision systems and manage and deploy configuration files.


Spacewalk have below major features:

  • Install and Update system packages.
  • Inventory of the systems.
  • Start / Stop / Configure the guests.
  • Perform Kick-start installation.
  • Deploy and Manage the configuration files from single location


Repositories Setup


Before installing Spacewalk, we will add some additional repositories that will help us to get some important dependencies. So, first setup Spacewalk repository to get the latest of Spacewalk version - v2.7.

# rpm -Uvh http://yum.spacewalkproject.org/2.7/RHEL/7/x86_64/spacewalk-repo-2.7-2.el7.noarch.rpm


Now we will setup the EPEL repo and configure Java repositories for getting dependencies for Spacewalk installation.

# rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

 

# cd /etc/yum.repos.d/

 

# curl -O https://copr.fedorainfracloud.org/coprs/g/spacewalkproject/java-packages/repo/epel-7/group_spacewalkproject-java-packages-epel-7.repo

Our Spacewalk server should have a resolvable fully-qualified domain name (FQDN). For this we will add the Spacewalk server’s hostname and IP address manually in /etc/hosts file.

# vi /etc/hosts

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.20.31   server.spacewalk

 
 
 
 


Install Spacewalk Database


Spacewalk needs a database server to store it’s primary data. By default, Spacewalk uses an embedded PostgreSQL database. Embedded database method is very easy to setup. Here we will use the embedded database for Spacewalk installation.

# yum install spacewalk-setup-postgresql



Install Spacewalk

Now we will install Spacewalk server using below command.

# yum install spacewalk-postgresql


Now we will initialize the PostgreSQL database before starting the installation.

# postgresql-setup initdb
Initializing database ... OK

 
 
 
 


Configure Firewall


We need to have the below port opened for different purpose.

  • Add port 5222, if we want to push actions to client machine.
  • Add port 5269 for push actions to a Spacewalk Proxy.
  • Add port 69 udp, if we want to use tftp.

# firewall-cmd --permanent --add-service=http

# firewall-cmd --permanent --add-service=https

 

# firewall-cmd --permanent --add-port=5222/tcp

# firewall-cmd --permanent --add-port=5222/udp

 

# firewall-cmd --permanent --add-port=5269/tcp

# firewall-cmd --permanent --add-port=5269/udp

 


Restart firewall service using the command.

# firewall-cmd --reload

 

# systemctl enable firewalld



Configure Spacewalk


We are going to configure the Spacewalk with the installed embedded database. It will ask us to enter the admin mail, password and organization details to generate the self-signed certificate for secure access. During Spacewalk configuration, it will be asked to enter a password for the Spacewalk database user.

 

Please don’t use ‘#’ (number sign/pound/hash) and ‘@’ in your database password otherwise installation will fail.

 

# spacewalk-setup


Output:

* Setting up SELinux..
** Database: Setting up database connection for PostgreSQL backend.
Database "rhnschema" does not exist
** Database: Installing the database:
** Database: This is a long process that is logged in:
** Database: /var/log/rhn/install_db.log
*** Progress: ###
** Database: Installation complete.
** Database: Populating database.
*** Progress: ##########################
* Configuring tomcat.
* Setting up users and groups.
** GPG: Initializing GPG and importing key.
** GPG: Creating /root/.gnupg directory
You must enter an email address.
Admin Email Address? admin@linuxtechiebulb.com
* Performing initial configuration.
* Configuring apache SSL virtual host.
Should setup configure apache's default ssl server for you (saves original ssl.conf) [Y]? Y
** /etc/httpd/conf.d/ssl.conf has been backed up to ssl.conf-swsave
* Configuring jabberd.
* Creating SSL certificates.
CA certificate password? # Enter Certificate Password
Re-enter CA certificate password?  # Re Enter Certificate Password
Cname alias of the machine (comma seperated)? spacewalk-server, server
Organization? LinuxTechieBulb
Organization Unit [spacewalk-server]? IT
Email Address [admin@linuxtechiebulb.com]? admin@linuxtechiebulb.com
City? Bangalore
State? Karnataka
Country code (Examples: "US", "JP", "IN", or type "?" to see a list)? IN
** SSL: Generating CA certificate.
** SSL: Deploying CA certificate.
** SSL: Generating server certificate.
** SSL: Storing SSL certificates.
* Deploying configuration files.
* Update configuration in database.
* Setting up Cobbler..
Cobbler requires tftp and xinetd services be turned on for PXE provisioning functionality. Enable these services [Y]? Y
* Restarting services.

Installation complete.
Visit https://spacewalk-server to create the Spacewalk administrator account.

 
 

Spacewalk server has been configured now. After complete, start the spacewalk service if not started automatically.

# /usr/sbin/spacewalk-service start


We can check the spacewalk-service status using the below command:

# /usr/sbin/spacewalk-service status


Output:

Redirecting to /bin/systemctl status postgresql.service
● postgresql.service - PostgreSQL database server
Loaded: loaded (/usr/lib/systemd/system/postgresql.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-03-12 17:30:52 IST; 8min ago

...

Redirecting to /bin/systemctl status jabberd.service
● jabberd.service - Jabber Server
Loaded: loaded (/usr/lib/systemd/system/jabberd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-03-12 17:30:52 IST; 8min ago

...

Redirecting to /bin/systemctl status tomcat.service
● tomcat.service - Apache Tomcat Web Application Container
Loaded: loaded (/usr/lib/systemd/system/tomcat.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-03-12 17:30:52 IST; 8min ago

...

Redirecting to /bin/systemctl status httpd.service
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-03-12 17:31:24 IST; 8min ago

...

Redirecting to /bin/systemctl status osa-dispatcher.service
● osa-dispatcher.service - OSA Dispatcher daemon
Loaded: loaded (/usr/lib/systemd/system/osa-dispatcher.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-03-12 17:31:24 IST; 8min ago

...

Redirecting to /bin/systemctl status rhn-search.service
● rhn-search.service - Spacewalk search engine
Loaded: loaded (/usr/lib/systemd/system/rhn-search.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-03-12 17:31:25 IST; 8min ago

...

● cobblerd.service - LSB: daemon for libvirt virtualization API
Loaded: loaded (/etc/rc.d/init.d/cobblerd; bad; vendor preset: disabled)
Active: active (running) since Mon 2018-03-12 17:31:27 IST; 8min ago

...

Redirecting to /bin/systemctl status taskomatic.service
● taskomatic.service - Taskomatic
Loaded: loaded (/usr/lib/systemd/system/taskomatic.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-03-12 17:31:27 IST; 8min ago

...

 
 
 
 

Now we can access the spacewalk from the web browser and navigate to https://hostname/ or https://ip-address/. We need to add exceptions for the self-signed certificate.



Now we will be asked to create an administrator account for the spacewalk and click on Create Login.



Once the administrator account is created, it will take us to the login page of spacewalk where we can enter the administration credentials.



After Signin, it will take us to the home page of spacewalk where we can do all administration activities.



Now our Spacewalk server successfully installed and configured on CentOS 7.


That’s all for now. In my upcoming article, we’ll cover:

  • Create a channel.
  • Create a repository.
  • Download the package on Spacewalk server.
  • Generate the activation key.


Next Article: Managing Spacewalk Channels and Repositories


Leave a Reply

Your email address will not be published. Required fields are marked *