Managing SUSE Content
You can use the SCC Manager plug-in to manage content from SUSE on your orcharhino.
Running SUSE Linux Enterprise Server on managed hosts requires a subscription from SUSE. Ensure to provide valid licenses for all used SUSE products. Using insufficient, invalid, or otherwise inadequate licenses might violate your terms with SUSE. We recommend using the SCC Manager plugin to import available products from SUSE to orcharhino. Navigate to Content > SUSE Subscriptions to see available and consumed SUSE subscriptions. |
Preparing SUSE Installation Media
Use this procedure to extract the SUSE installation medium on your orcharhino Server to provision hosts in a disconnected environment. This example prepares the installation medium for SUSE Linux Enterprise Server 15 SP3.
-
Download the
SLES 15 SP3
installation medium from suse.com/download/sles. -
Download the signature and checksum from suse.com.
-
Transfer the
.iso
image, the signature, and the checksum from your local machine to orcharhino Server usingscp
:# scp SLE-15-SP3-Full-x86_64-GM-Media1.iso root@orcharhino.example.com:/tmp/ # scp SLE-15-SP3-Full-x86_64-GM-Media1.iso.sha256 root@orcharhino.example.com:/tmp/ # scp sles_15_sp3.signature root@orcharhino.example.com:/tmp/
-
On your orcharhino Server, verify the integrity and authenticity of the
.iso
image using GPG public keys:# cd /tmp # gpg --verify sles_15_sp3.signature SLE-15-SP3-Full-x86_64-GM-Media1.iso.sha256 # echo '2a6259fc849fef6ce6701b8505f64f89de0d2882857def1c9e4379d26e74fa56 SLE-15-SP3-Full-x86_64-GM-Media1.iso' | sha256sum --check
-
Mount the
.iso
image:# mount SLE-15-SP3-Full-x86_64-GM-Media1.iso /mnt
-
Copy the content of the mounted installation medium to the
pub
directory:# mkdir -p /var/www/html/pub/installation_media/sles/15sp3 # cp -a /mnt/* /var/www/html/pub/installation_media/sles/15sp3/
-
Unmount and delete the
.iso
image:# cd # umount /mnt # rm -f /tmp/SLE-15-SP3-Full-x86_64-GM-Media1.iso # rm -f /tmp/SLE-15-SP3-Full-x86_64-GM-Media1.iso.sha256 # rm -f /tmp/sles_15_sp3.signature
You can use the path to the local installation media files when creating an installation medium, for example http://orcharhino.example.com/pub/installation_media/sles/15sp3/
.
For more information, see Adding Installation Media to orcharhino in Provisioning Hosts.
Creating a SUSE Operating System
Use this procedure to create an installation medium and operating system entry for SLES 15 SP3. For more information, see:
-
Adding Installation Media to orcharhino in Provisioning Hosts
-
Creating Operating Systems in Provisioning Hosts
-
An extracted
.iso
image on orcharhino or an HTTP server that can be reached from hosts during their provisioning process. For more information, see Preparing SUSE Installation Media.
-
In the orcharhino management UI, navigate to Hosts > Installation Media and click Create Medium.
-
Set a Name for the installation medium for SLES 15 SP3. Add
local
to the name because the path of the extracted.iso
image points to your orcharhino. -
Set the Path of the extracted
.iso
image. The content of/var/www/html/pub/
is publicly available onhttp://orcharhino.example.com/pub/
. If you extract the.iso
image to/var/www/html/pub/installation_media/sles/15sp3/
, the path ishttp://orcharhino.example.com/pub/installation_media/sles/15sp3/
. -
Set the Operating System Family to
SUSE
for all SLES systems. -
Set a location and organization context for the installation media.
-
On the Parameters tab, add the
sle-module-basesystem-url
parameter, select the string type, and enter the valuehttp://orcharhino.example.com/pub/installation_media/sles/15sp3/
. Note that the value depends on the path of the extracted.iso
image.Add the
or_client_repo_url
parameter, select the string type, and enter the valuehttp://orcharhino.example.com/pulp/repos/My_Organization/Library/custom/SLES_Client/SLES_Client_15SP3/
.If you want to provision hosts through orcharhino Proxies, you have to use the
sle-module-basesystem-path
andor_client_repo_path
parameters containing the Published At paths of your content on orcharhino Server. orcharhino Proxy will add the FQDN of your orcharhino Proxy to generate the URL based on the Content Source setting of your host.(SLES 12 only) Add the parameter
additional_media
, select the string type, and enter the value""
. -
Click Submit to save the installation media entry for SLES 15 SP3.
-
In the orcharhino management UI, navigate to Hosts > Operating Systems and click Create Operating System.
-
Set the Name of the operating system. Choose a name as reported by Ansible, Puppet, or Salt as fact.
-
Set the Major Version of SLES, for example
15
. -
Set the Minor Version of SLES, for example
3
for SLES 15 SP3. -
Optional: Add an arbitrary Description.
-
Set the Family to
SUSE
for all SLES systems. -
Set the Root Password Hash to
SHA256
for SLES 15 SP3. -
Assign the Architectures to SLES 15 SP3.
-
Click Submit to save the operating system entry.
-
In the orcharhino management UI, navigate to Hosts > Partition Tables and click Create Partition Table. The partition tables are stored in the
/usr/share/foreman/app/views/unattended/partition_tables_templates/
directory on your orcharhino Server.For more information, see Partition Tables in Provisioning Hosts.
-
In the orcharhino management UI, navigate to Hosts > Provisioning Templates and click Create Template. The provisioning templates are stored in the
/usr/share/foreman/app/views/unattended/provisioning_templates/
directory on your orcharhino Server.For more information, see Provisioning Templates in Provisioning Hosts.
-
In the orcharhino management UI, navigate to Hosts > Operating Systems.
-
Select the previously created operating system.
-
On the Partition Table tab, select the previously created partition table.
-
On the Templates tab, select the previously created provisioning template.
-
Click Submit to save the operating system entry.
Installing the SCC Manager Plug-in
Use this procedure to install the SCC Manager plug-in on your orcharhino.
-
Install the SCC Manager plug-in on your orcharhino Server:
# orcharhino-installer --enable-foreman-plugin-scc-manager
Adding an SCC Account to orcharhino
Use the following procedure to add your SCC account to orcharhino. To use the CLI instead of the orcharhino management UI, see the CLI procedure.
-
You have installed the SCC Manager plug-in on your orcharhino. For more information, see Installing the SCC Manager Plugin.
-
Optional: In the orcharhino management UI, navigate to Content > Content Credentials and click Create Content Credential.
Add the GPG public key for SLES 15 SP3 from suse.com.
-
In the orcharhino management UI, navigate to Content > SUSE Subscriptions.
-
Click Add SCC Account.
-
In the Name field, enter a name for your SCC account in orcharhino.
-
In the Login and Password fields, enter your SUSE credentials.
-
In the Base URL field, you can enter the base URL for the Suse Customer Center. By default, it is set to
https://scc.suse.com
. -
Optional: Set a Sync interval to periodically update the SCC authentication tokens. Note that this does not refer to synchronizing content to orcharhino.
-
Optional: In the Use GPG key for SUSE products field, you can select the previously created content credential to automatically add a GPG public key to your SUSE products.
zypper
automatically verifies the signatures of each software package to ensure their authenticity.You can also set the GPG public key for repositories from SUSE at a later stage. However, changing it does not affect already synchronized products. If you already have synchronized products in orcharhino, navigate to Content > Products and replace the GPG key in each respective product.
-
Optional: From the Download Policy list, select a download policy for your SUSE products. For more information, see Download Policies Overview.
-
Optional: From the Mirroring Policy list, select a mirroring policy for your SUSE products. For more information, see Mirroring Policies Overview.
-
Click Test connection to verify your account information. Note that you have to re-enter your password if you have already saved your SCC account to orcharhino.
-
Click Submit to save your SCC account to orcharhino.
-
In the orcharhino management UI, navigate to Content > SUSE Subscriptions, select your SCC account, and click Sync to fetch a list of products associated to your SCC account.
-
Optional: Import the public GPG key from SUSE into orcharhino.
For more information, see Importing a GPG Key in Managing Content.
-
Add your SCC account to orcharhino:
# hammer scc_manager scc_accounts create \ --base-url "https://scc.suse.com/" \ --interval My_Interval \ --katello-gpg-key-id My_GPG_Key_ID \ --location-id My_Location_ID \ --login "My_SCC_Account_Name" \ --name "My_Account_Name" \ --organization-id My_Organization_ID \ --password "My_SCC_Account_Password" \ --sync-date _My_Sync_Date
-
Test your SCC account credentials:
# hammer scc_manager scc_accounts test_connection \ --id My_SCC_Account_ID
Ensure Hammer CLI returns
Testing connection for SCC account succeeded.
. -
Synchronize the list of available SUSE products to orcharhino:
# hammer scc_manager scc_accounts sync \ --id My_SCC_Account_ID
-
Check the status of the task:
# hammer task info \ --id My_Task_ID
The synchronization is complete once Hammer CLI returns
State: stopped
andResult: success
.
Removing an SCC Account from orcharhino
Use the following procedure to remove your SCC account from orcharhino. To use the CLI instead of the orcharhino management UI, see the CLI procedure.
If you want to switch SCC accounts and retain your synchronized content, do not delete your old SCC account, even if it is expired. Instead, change the login and password of your SCC account. If you delete your old SCC account, you cannot reuse existing repositories, products, content views, and composite content views. For more information, see Switching SCC Accounts. |
-
In the orcharhino management UI, navigate to Content > SUSE Subscriptions.
-
For your SCC account, click Delete in the Actions menu.
-
Click Confirm to remove your SCC account from orcharhino.
-
Remove your SCC account from orcharhino:
# hammer scc_manager scc_accounts delete \ --id My_SCC_Account_ID
Switching SCC Accounts
You can switch your SCC account by changing the SCC credentials saved on orcharhino.
The SCC Manager plug-in does not support multiple SCC accounts. If you want to switch your SCC account and retain the synchronized content, do not immediately delete your old SCC account, even if it is expired. If you delete your old SCC account, you cannot reuse existing repositories, products, Content Views, and composite Content Views. |
-
You have added your SCC account to orcharhino. For more information, see Adding an SCC Account to Server.
-
In the orcharhino management UI, navigate to Content > SUSE Subscriptions.
-
Select your SCC account.
-
Enter a new Login and Password.
-
Click Submit to change your SCC account.
Your new SCC account reuses existing products and repositories from SUSE. Content that is no longer available for your new SCC account cannot be synchronized anymore.
Updating an SCC Account
Use the following procedure to update your SCC account in orcharhino. To use the CLI instead of the orcharhino management UI, see the CLI procedure.
-
In the orcharhino management UI, navigate to Content > SUSE Subscriptions.
-
Select your SCC account.
-
Update your SCC account as required.
For more information, see Adding an SCC Account to Server.
-
Click Submit to update your SCC account.
-
Update your SCC account in orcharhino:
# hammer scc_manager scc_accounts update \ My_Options
For a list of options, run
hammer scc_manager scc_accounts update --help
.
Importing SUSE Products
Use this procedure to import products from SUSE into orcharhino. To use the CLI instead of the orcharhino management UI, see the CLI procedure.
-
You have added your SCC account to orcharhino. For more information, see Adding an SCC Account to Server.
-
In the orcharhino management UI, navigate to Content > SUSE Subscriptions.
-
Click Select products on your previously synchronized SCC account.
-
Use the Select Product, Select Version, and Select Architecture lists to filter all available SUSE products.
Note that each filter depends on the previous selection.
-
Click Search to apply the filter.
-
Select all SUSE products you want to synchronize to orcharhino.
You can select individual repositories from the Filter repositories list. By default, debug and source repositories are excluded.
-
Click Add product(s) to create the selected SUSE products in orcharhino.
Note that the SCC Manager plug-in can only add, but not remove products from orcharhino.
-
Optional: Click on the task ID to follow the creation of the selected products in orcharhino.
-
List all available SUSE products:
# hammer scc_manager scc_accounts scc_products list \ --scc-account-id My_SCC_Account_ID
-
View information about a SUSE product:
# hammer scc_manager scc_accounts scc_products info \ --id My_SUSE_Product_ID \ --scc-account-id My_SCC_Account_ID
-
Subscribe to a SUSE product:
# hammer scc_manager scc_accounts scc_products subscribe \ --id My_SUSE_Product_ID \ --scc-account-id My_SCC_Account_ID
-
Optional: Subscribe to multiple SUSE products:
# hammer scc_manager scc_accounts bulk_subscribe \ --id My_SUSE_Account_ID \ --scc-subscribe-product-ids My_SUSE_Product_ID_1,My_SUSE_Product_ID_2,My_SUSE_Product_ID_3
Synchronizing SUSE Content
Use this procedure to synchronize SUSE content to your orcharhino to deploy, register, and serve content to managed hosts.
-
You have imported SUSE products into orcharhino. For more information, see Importing SUSE Products.
-
In the orcharhino management UI, navigate to Content > Products.
-
Select the
SUSE Linux Enterprise Server 15 SP3 x86_64
product and click Sync Now to synchronize the SUSE repositories for SLES 15 SP3 to orcharhino. -
In the orcharhino management UI, navigate to Content > Content Views.
-
Create a Content View called
SLES 15 SP3
comprising the SLES repositories created in theSLES 15 SP3
product and a Content View calledSLES 15 SP3 orcharhino client
comprising the orcharhino client repository created in theSLES 15 SP3 orcharhino client
product.For more information, see Creating a Content View.
-
Publish a new version of both Content Views.
For more information, see Promoting a Content View.
-
In the orcharhino management UI, navigate to Content > Content Views.
-
Click Create Content View to create a Composite Content View called
Composite SLES 15 SP3
comprising the previously publishedSLES 15 SP3
Content View, theSLES 15 SP3 orcharhino client
Content View, and optionally further Content Views of your choice, for example a Content View containing Puppet. For more information, see the ATIX Service Portal for the necessary upstream URL. For more information, see Creating a Composite Content View. -
Publish a new version and promote this version to the Life Cycle Environment of your choice.
-
In the orcharhino management UI, navigate to Content > Activation Keys.
-
Click Create Activation Key to create an Activation Key called
sles-15-sp3
.For more information, see Creating an Activation Key.
-
On the Details tab, select a Life Cycle Environment and Composite Content View.
-
On the Subscriptions tab, select the necessary subscriptions, for example
SLES 15 SP3
,SLES 15 SP3 orcharhino client
, andPuppet
.
Enabling Kernel Live Patching
You can enable Kernel Live Patching using KLP for managed hosts running SLES 15 SP3 to allow for Linux Kernel updates without reboots.
-
Synchronized content for SLES 15 SP3
-
Access to the SUSE product
SUSE Linux Enterprise Live Patching 15 SP3 x86_64
-
Navigate to Content > SUSE Subscriptions and click Select products. Select the
SUSE Linux Enterprise Live Patching 15 SP3 x86_64
product. -
Navigate to Content > Products, select the previously added product, and click Sync Selected.
-
Once synchronized, navigate to Content > Content Views and add the repositories of the
SUSE Linux Enterprise Live Patching 15 SP3 x86_64
product to yourSLES 15 SP3
content view. -
Navigate to Content > Content Views and select the
SLES 15 SP3
content view. Publish a new version of the selected content view. -
Navigate to Content > Activation Keys and select the previously created
sles-15-sp3
activation key. On the Subscriptions tab, select the repositories of theSUSE Linux Enterprise Live Patching 15 SP3 x86_64
product. -
Connect to your managed host running SLES 15 SP3:
# ssh root@my-host.example.com
-
Update the available content on your managed hosts:
# subscription-manager refresh
-
Install the required package:
# zypper install kernel-livepatch-tools
-
Reboot your managed host:
# reboot now
You can now update the Linux Kernel without rebooting your managed host.
Installing KLP Patches
After you have enabled Kernel Live Patching, you can install KLP patches to update the Linux Kernel without rebooting your managed host.
-
Kernel Live Patching is enabled on your managed host running SLES 15 SP3
-
Connect to your managed host running SLES 15 SP3:
# ssh root@my-host.example.com
-
Search for available Kernel live patches:
# zypper search kernel-livepatch
-
Install a KLP patch:
# zypper install kernel-livepatch-5_3_18-59_5-default
The text and illustrations on this page are licensed by ATIX AG under a Creative Commons Attribution–Share Alike 3.0 Unported ("CC-BY-SA") license. This page also contains text from the official Foreman documentation which uses the same license ("CC-BY-SA"). |