Spacewalk is an open source package and system management solution for RedHat derivative distributions like CentOS, Scientific Linux and Fedora, developed by the spacewalk community. Spacewalk is the upstream project for the source of Red Hat Satellite, It is released under GPLv2 license.
Spacewalk provides the web interface to manage and view the updates for the system that are registered with Spacewalk, we can initiate the task such as install, update, inventory, and so on. Here is the small tutorial about installing Spacewalk on CentOS 7 / RHEL 7.
- Inventory of the systems
- Install and Update system packages.
- Configuring Kick-start installation.
- Deploy and Manage the configuration files from singe location
- Start / Stop / Configure the guests.
- Distribute the content across the multiple Geo graphical location using spacewalk proxy.
- Outbound open ports 80, 443
- Inbound open ports 80, 443, 5222 (only if you want to push actions to client machines) and 5269 (only for push actions to a Spacewalk Proxy), 69 udp if you want to use tftp
- Storage for database: 250 KiB per client system + 500 KiB per channel + 230 KiB per package in channel (i.e. 1.1GiB for channel with 5000 packages)
- Storage for packages (default /var/satellite): Depends on what you’re storing; Red Hat recommend 6GB per channel for their channels
- 2GB RAM minimum, 4GB recommended
- Underlying (SpaceWalk Server) OS is fully up-to-date.
HostName : server.itzgeek.local
IP Address : 192.168.12.3
OS : CentOS Linux release 7.1.1503 (Core)
Before installing Spacewalk on CentOS, we must configure required repositories for Spacewalk setup.
Lets first setup Spacewalk repository, at the time of writing, latest available Spacewalk version was 2.3.
rpm -Uvh http://yum.spacewalkproject.org/2.3/RHEL/7/x86_64/spacewalk-repo-2.3-4.el7.noarch.rpm
Setup Jpackage Repo:
Add the following.
[jpackage-generic] name=JPackage generic #baseurl=http://mirrors.dotsrc.org/pub/jpackage/5.0/generic/free/ mirrorlist=http://www.jpackage.org/mirrorlist.php?dist=generic&type=free&release=5.0 enabled=1 gpgcheck=1 gpgkey=http://www.jpackage.org/jpackage.asc
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
Your Spacewalk server should have a resolvable fully-qualified domain name (FQDN) such as “hostname.domain.com”, to do that; edit /etc/hosts file.
Modify it according to your environment.
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 # Your Spacewalk Server 192.168.12.3 server.itzgeek.local server
As said in the prerequisites, we need to have outbound port opened. Run the following on terminal to allow the required ports.
firewall-cmd --permanent --add-service=http ; firewall-cmd --permanent --add-service=https
Add port 5222 if you want to push actions to client machines and 5269 for push actions to a Spacewalk Proxy, 69 udp if you want to use tftp.
Restart firewall service using command:
SpaceWalk supports PostgreSQL (version 8.4 or higher) or Oracle ( version 10g or higher) as a database for storing its data.
Spacewalk has the embedded setup for PostgrSQL database which will do the automatic Spacewalk installation without having user intervention to enter the database information. Embedded database method is very easy to setup and run the Spacewalk in no time; this is very useful for those who do not have any database knowledge.
yum install spacewalk-setup-postgresql
You can use the external PostgreSQL or Oracle database to install Spacewalk, you can find the tons of documents online to setup database.
If you are planning use PostgreSQL database (Either Embedded or External PostgreSQL database).
yum install spacewalk-postgresql
If you are planning to use Oracle database.
yum install spacewalk-oracle
If you have installed embedded database, then use below command. It will ask you to enter the admin mail and organization details to generate the self signed certificate for secured access.
if you have setup database manually, then use below commands depend on database type. It will ask you to enter external database details.
spacewalk-setup --disconnected --external-oracle
spacewalk-setup --disconnected --external-postgresql
Since i am using embedded postgresql database, an example session is as follows;
# spacewalk-setup --disconnected * Setting up SELinux.. ** Database: Setting up database connection for PostgreSQL backend. ** Database: Installing the database: ** Database: This is a long process that is logged in: ** Database: /var/log/rhn/install_db.log *** Progress: ### ** Database: Installation complete. ** Database: Populating database. *** Progress: ############################ * Configuring tomcat. * Setting up users and groups. ** GPG: Initializing GPG and importing key. ** GPG: Creating /root/.gnupg directory You must enter an email address. Admin Email Address? [email protected] ## Email Address ## * Performing initial configuration. * Activating Spacewalk. ** Loading Spacewalk Certificate. ** Verifying certificate locally. ** Activating Spacewalk. * Configuring apache SSL virtual host. Should setup configure apache's default ssl server for you (saves original ssl.conf) [Y]? ## Press Y ## ** /etc/httpd/conf.d/ssl.conf has been backed up to ssl.conf-swsave * Configuring jabberd. * Creating SSL certificates. CA certificate password? ## Enter Certificate Password ## Re-enter CA certificate password? ## Re Enter Certificate Password ## Organization? ITzGeek ## Your Organization Name ## Organization Unit [server.itzgeek.local]? Linux ## Your Organization Unit ## Email Address [[email protected]]? ## Email Address ## City? Albany ## Your City ## State? NY ## Your State ## Country code (Examples: "US", "JP", "IN", or type "?" to see a list)? US ## Your Country ## ** SSL: Generating CA certificate. ** SSL: Deploying CA certificate. ** SSL: Generating server certificate. ** SSL: Storing SSL certificates. * Deploying configuration files. * Update configuration in database. * Setting up Cobbler.. Cobbler requires tftp and xinetd services be turned on for PXE provisioning functionality. Enable these services [Y]? ## Press Y ## * Restarting services. Installation complete. Visit https://server.itzgeek.local to create the Spacewalk administrator account .
On complete, start the Spacewalk service if not started automatically.
Open up your browser and navigate it to https://ip-add-ress or https://your-domain-name.
You will be asked to create administrator account for spacewalk, fill up details and click on Create Login.
Once administrator account is created, it will take you to home page of spacewalk where you can do all administration activities.
That’s All!!!, you have sucessfully installed Spacewalk on CentOS 7 / RHEL 7. Next tutorial is about Configuring the SpaceWalk to distribute the updates for CentOS clients.