CentOS server management with Spacewalk

This aims to be a quick reference for managing a CentOS server installation using Spacewalk. It will probably take more time than I guess but I’m sure that we will achieve my basic goal: install Spacewalk, create some repositories and subscribe a server to one of these repositories. Easy, uh? :)

I’ve considered to use Scientific Linux in the whole process but I found that CentOS (and his “spiritual” father ;) ) is more popular in the company that I work for. Anyway, I hope that managing SL repositories will be as easy as managing CentOS repositories.

So, now that we know what we want to achieve let’s start from the beginning!

Install Spacewalk

Installing Spacewalk is not as hard as one could think. I’ve started from a minimal installation of CentOS 6 and the process described in the Spacewalk wiki is really close to the actual process. Anyway, regardless of the shortness in some steps explanations, as I’m not a PostreSQL expert I needed to follow the guide in the Spacewalk wiki on how to manually set up the database.
Be careful because the PosgtreSQL server must be initialized and started (I know it’s obvious, but CentOS doesn’t start the server on its installation). To initialize and start the server you can execute the commands below:
$> service postgresql initdb
$> service postgresql start
I’ve decided to use the PostgreSQL because it’s open source while Oracle… well, it’s just Oracle ;)
Just to let you know, I’ve configured the Spacewalk using an answers file (spacewalk-setup –disconnected –answer-file=answers):
admin-email = root@localhost
ssl-set-org = Foo Org
ssl-set-org-unit = spacewalk
ssl-set-city = Barcelona
ssl-set-state = Barcelona
ssl-set-country = ES
ssl-password = spacewalk
ssl-set-email = root@localhost
ssl-config-sslvhost = Y
Don’t be afraid if you see an error warning you that the database is already installed, just execute the command that the alert gives you to “remove” the installed database and try again.Once you’ve installed and configured Spacewalk you are ready to point to the server IP on your browser and start playing around with it :)

First steps with Spacewalk and setting up repositories

First of all you will need to create an administrator account. In order to do that, Spacewalk has created a webpage that will be shown to you the first time you visit the portal:
Spacewalk - Install
Creating the account shouldn’t be a problem so, we will skip to the repositories set up!
Now, we will synchronize the EPEL 6 repository for 64-bits systems. This can be done both via web and using the command line interface and we will achieve that using both of them. To define the repository we will need first to create it on the portal (Channels > Manage Software Channels > Manage Repositories > Create new repository):
Spacewalk - Channels - Manage Software Channels - Manage Repositories
NOTE: The URL in this picture is: http://dl.fedoraproject.org/pub/epel/6/x86_64/
Once we got the repository configured, we are going to create a software channel (Channels > Manage Software Channels > Create new software channel) and then, go to the Repositories tab of the software channel menu and select the recently created repository:
Spacewalk - Channels - Manage Software Channels - Repositories
At this step, we’ve reached the first serious issue. If you try to synchronize the repository using the web (see the blue link on the grey menu bar in the image above), it won’t work. A valid workaround for that is to use the CLI tools.
IMPORTANT NOTE: It seems like it’s actually working but it could take a lot of time without any progress bar or whatever so, I will stick with the terminal command, which provides me a list of synchronized packages in real time.
To synchronize all the software packages from a remote repository to a local Spacewalk software channel you will need to execute the command below on the command line:
spacewalk-repo-sync –channel ixavi-main-channel
The bare EPEL repository has more than nine thousand packages so better grab a beer (or two, it took ten hours on my laptop) and wait ;) Of course, you would create your repository with just a few packages and test Spacewalk with it but, creating RPM repositories is not the focus of this article so we will leave that for another blog post and use a public one instead.
ISSUE: Taskomatic seems to have some serious problems handling huge repositories (like the EPEL one) it looks like it’s being killed before completing its tasks. In order to avoid some of these issues you can edit the Taskomatic config file in /usr/share/rhn/config-defaults/rhn_taskomatic_daemon.conf and increase some ping default values:wrapper.ping.timeout=36000

Anyway, it’s still probable that the Taskomatic instance was killed before you’ve done these modifications so, check that it’s running or start it once again executing this command:

/etc/init.d/taskomatic start

Once the repository is successfully updated, you will see its metadata information status in the portal in the software channel details page.

Activation keys and client registration

Before you can register clients on the channel that we’ve just set up, you must create an activation key. An activation key is the interface that will let clients connect to a concrete Spacewalk channel. To create an activation key you should go to Systems > Activation Keys > Create new key. In the following picture you can see how it should look like:
Spacewalk - Systems - Activation Keys
Be careful because Spacewalk adds a prefix to the activation key. So, you will need to include the prefix on the client register.
Once we’ve got the activation key it’s time for registering some client systems. Registering clients is an easy task… but you will need to enable some extra repositories to get the most recent versions of some required packages. The registering procedure is very well documented in the Spacewalk wiki. It might sound awkward but maybe you can download all the required packages manually (they are some ;) ) from the external repositories to avoid these repositories activation.
ISSUE: If you are working with Proxmox VE and fully virtualized VMs with KVM (doesn’t matter which version you are using) you will need to manually modify the VM descriptor to set the UUID. Without setting this identifier some registering commands will fail without detailed error messages in the system logs.
To define this identifier you will need to edit the VM descriptor placed on /etc/pve/qemu-server/???.conf and add the parameter “args: -uuid=xxxxxxx-xxxx-xxxx-xxxxxxxx” where “x” is an hexadecimal. The “args” parameter lets you pass KVM parameters from the Proxmox virtualization system.

Push changes from Spacewalk

Ok, we’ve installed Spacewalk, synchronized an external repository, created an activation key and subscribed a client system but none of these steps will let us manage the software or the configuration of the subscribed system so… how can we do it?To install some RPM package remotely we will go to the Systems page, click on the subscribed server to see its details and then go to Software > Packages > Install. There you will find a list of all available packages for the selected server; to install these packages you will need to select some packages (using the checkbox), click on the “Install Selected Packages”:

Spacewalk - Systems - Systems - Software - Packages - Install

Once you clicked on the button, you will see the next dialog to confirm the event scheduling:

Spacewalk - Systems - Systems - Software - Packages - Install2

Usually, client checks on the Spacewalk server take two hours between them but you can force a client check with:

$> rhn_check

This will force the client to check its status updates on the Spacewalk server and execute the required commands.

And that’s all, I found several errors during all the process but, fortunately, all of them could be solved with just a few google searches. The most complicated was the UUID setting on the VMs that I was using to build the example (Proxmox VE).

Hope you like it :)

One thought on “CentOS server management with Spacewalk”

Comments are closed.