How to Install SpaceWalk on CentOS 7 / RHEL 7
The Spacewalk is the upstream project for the source of Red Hat Satellite, released under GPLv2 license.
Spacewalk provides the web interface to manage and view the updates for the system that are registered with Spacewalk, and we can initiate the task such as install, update, inventory, and so on.
Here is the small tutorial about installing Spacewalk on CentOS 7 / RHEL 7.
- Inventory of the systems
- Install and Update system packages.
- Perform Kick-start installation.
- Deploy and Manage the configuration files from single location
- Start / Stop / Configure the guests.
- Distribute the content across the multiple Geographical location using spacewalk proxy.
- Outbound open ports 80, 443
- Inbound open ports 80, 443, 5222 (only if you want to push actions to client machines) and 5269 (only for push actions to a Spacewalk Proxy), 69 udp if you want to use tftp
- Storage for database: 250 KiB per client system + 500 KiB per channel + 230 KiB per package in channel (i.e., 1.1GiB for channel with 5000 packages)
- Storage for packages (default /var/satellite): Depends on what you’re storing; Red Hat recommend 6GB per channel for their channels
- 2GB RAM minimum, 4GB recommended
- Underlying (SpaceWalk Server) OS is fully up-to-date.
HostName : server.itzgeek.local
IP Address: 192.168.1.10
OS: CentOS Linux release 7.4.1708 (Core)
Make sure the system is configured with static IP Address.
Before installing Spacewalk on CentOS, we must configure required repositories on our system.
Lets first setup Spacewalk repository to get the latest of Spacewalk version, v2.7.
rpm -Uvh http://yum.spacewalkproject.org/2.7/RHEL/7/x86_64/spacewalk-repo-2.7-2.el7.noarch.rpm
You need to configure Java respositories for getting dependecies for Spacewalk installation.
cd /etc/yum.repos.d curl -O https://copr.fedorainfracloud.org/coprs/g/spacewalkproject/java-packages/repo/epel-7/group_spacewalkproject-java-packages-epel-7.repo
Also, setup EPEL repo on CentOS 7.
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
Additionally, in RHEL 7, subscribe the system to Optional Channels.
subscription-manager repos --enable rhel-7-server-optional-rpms
Your Spacewalk server should have a resolvable fully-qualified domain name (FQDN) like “hostname.domain.com”.
To do that edit /etc/hosts file.
Modify it according to your environment.
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 # Your Spacewalk Server 192.168.1.10 server.itzgeek.local server
As said in the prerequisites, we need to have the outbound port opened. Run the following on terminal to allow the required ports.
firewall-cmd --permanent --add-service=http ; firewall-cmd --permanent --add-service=https
Add port 5222 if you want to push actions to client machines and 5269 for push actions to a Spacewalk Proxy, 69 udp if you want to use tftp.
Restart firewall service using the command:
SpaceWalk supports PostgreSQL (version 8.4 or higher) or Oracle ( version 10g or higher) as a database for storing its data.
Spacewalk has the embedded setup for PostgreSQL database which will do the automatic Spacewalk installation without having user intervention to enter the database information.
Embedded database method is very easy to setup and runs the Spacewalk in no time; this is very useful for those who do not have any database knowledge. Here we will use the embedded database for Spacewalk installation.
yum install spacewalk-setup-postgresql
You can use the external PostgreSQL or Oracle database to install Spacewalk. You can find the tons of documents online to setup database.
If you are planning use PostgreSQL database (Either Embedded or External PostgreSQL database), then install the following package.
yum install spacewalk-postgresql
Initialize the PostgreSQL database before starting the installation.
Initializing database ... OK
If you have installed the embedded database, then use below command. It will ask you to enter the admin mail and organization details to generate the self-signed certificate for secure access.
* Setting up SELinux.. ** Database: Setting up database connection for PostgreSQL backend. Database "rhnschema" does not exist ** Database: Installing the database: ** Database: This is a long process that is logged in: ** Database: /var/log/rhn/install_db.log *** Progress: ### ** Database: Installation complete. ** Database: Populating database. *** Progress: ########################## * Configuring tomcat. * Setting up users and groups. ** GPG: Initializing GPG and importing key. ** GPG: Creating /root/.gnupg directory You must enter an email address. Admin Email Address? firstname.lastname@example.org * Performing initial configuration. * Configuring apache SSL virtual host. Should setup configure apache's default ssl server for you (saves original ssl.conf) [Y]? Y ## Press Y # ** /etc/httpd/conf.d/ssl.conf has been backed up to ssl.conf-swsave * Configuring jabberd. * Creating SSL certificates. CA certificate password? ## Enter Certificate Password ## Re-enter CA certificate password? ## Re Enter Certificate Password ## Cname alias of the machine (comma seperated)? server.itzgeek.local,server ## Certificate Sub Name ## Organization? ITzGeek ## Your Organization Name ## Organization Unit [server.itzgeek.local]? IT ## Your Organization Unit ## Email Address [email@example.com]? ## Email Address ## City? Albany ## Your City ## State? NY ## Your State ## Country code (Examples: "US", "JP", "IN", or type "?" to see a list)? US ## Your Country ## ** SSL: Generating CA certificate. ** SSL: Deploying CA certificate. ** SSL: Generating server certificate. ** SSL: Storing SSL certificates. * Deploying configuration files. * Update configuration in database. * Setting up Cobbler.. Cobbler requires tftp and xinetd services be turned on for PXE provisioning functionality. Enable these services [Y]? Y * Restarting services. Installation complete. Visit https://server.itzgeek.local to create the Spacewalk administrator account.
On complete, start the Spacewalk service if not started automatically.
Open up your browser and navigate it to
You need to add exceptions for the self-signed certificate.
You will be asked to create an administrator account for the spacewalk, fill up details and click on Create Login.
Once administrator account is created, it will take you to the home page of spacewalk where you can do all administration activities.
That’s All. You have successfully installed Spacewalk on CentOS 7 / RHEL 7. Next tutorial is about Configuring the SpaceWalk to distribute the updates for CentOS clients.