orcharhino is a complete data centre management solution for physical and virtual servers. Key features include automated system deployment, configuration management, and content management including patch management. You can automate tasks and quickly deploy hosts, all through a single unified interface.
This alphabetically ordered glossary provides an overview of orcharhino related technical terms.
- Activation Key
Activation keys are used by the
subscription-managerto register hosts with orcharhino’s content management. They consist of three parts: a lifecycle environment, a content view, and subscriptions. They are associated to exactly one lifecycle environment and exactly one content view, though this may be a composite content view. You can use them on multiple machines and they behave like configuration information rather than traditional software licence keys. You can associate them to one or more subscriptions, which generally correspond to products. When a host registers using a given key, content is made available to the host. The content that is made available is the set theoretic intersection between the content present in the key’s content view/lifecycle environment combination, and the content present in the key’s subscriptions.
Ansible is a configuration management tool running agentless via SSH or PowerShell to provision hosts. It uses so-called Playbooks (
.yaml-files) to describe configuration, deployment, and orchestration. Within orcharhino, Ansible can be used as a configuration management tool for your managed hosts. You can also use Ansible to automate orcharhino itself using the Foreman Ansible modules.
- ARF Reports
Asset Reporting Format (ARF) Reports are the result of compliance scans on managed hosts which have a policy assigned. They list compliance criteria and whether the scanned host has passed or failed.
- Compliance Policies
Compliance Policies relate to the actual application of SCAP content to managed hosts using orcharhino with its OpenSCAP plugin. You can create compliance policies using the orcharhino management UI. Compliance reports require the setting of a specific XCCDF profile from a SCAP content, optionally using a tailoring file. They are associated with a schedule for running audits and can be associated with any number of host groups.
- Compute Resource
A compute resource is an external virtualization solution that you can attach to orcharhino. Once attached, the orcharhino can deploy to, as well as manage instances within the virtualization solution. Prominent examples for compute resources include VMware, libvirt, and Proxmox installations, as well as cloud providers like Microsoft Azure. Compute resources can be accessed via the infrastructure menu.
Content describes a software repository, errata information, or other files.
- Content Host
A content host receives content from your orcharhino Server or your orcharhino Proxies. It must be subscribed to orcharhino and is always associated to exactly one content view and exactly one lifecycle environment.
- Content View
Content views are named and versioned collections of repositories. Whenever a new content view version is published, the current software content state of the repositories within it is frozen. Any subsequent changes to the underlying repositories will no longer affect the published content view version.
- Composite Content View
Composite content views do not contain products, but other content views, which allows for a more modular approach of managing content. Unless noted otherwise, the term content view is used to refer to both content views and composite content views.
A deployment is the supply of software to its intended destination. This process is ideally automated. In orcharhino, it is used to describe the creation of a new host, which includes its provisioning, installation of an operating system, and configuration.
Foreman is an open source component of orcharhino.
Hammer is a command-line interface tool for orcharhino. It can be used to directly interact with orcharhino’s API without the need for a browser. It works well for automating certain recurring tasks, another possibility is to use either remote execution or Ansible modules.
A host is a system that is managed by orcharhino. It can be either physical or virtual. A host is always connected to exactly one content view in orcharhino.
- Host Group
Host groups are used to specify certain properties in advance for new hosts to be built. They can contain networking and operating system information. They further help unifying configuration management in Ansible, Puppet, and Salt by grouping hosts. Host groups apply not only to new hosts, but also existing ones. This excludes the content view and lifecycle environment, which is defined by the activation key.
- Installation Media
Installation media are packages used to install the base operating system during the provisioning process. An installation medium in orcharhino represents the installation files for one or more operating systems, which must be accessible via the network, either via an URL or an NFS server location. It is usually either a mirror or a CD or DVD image. Pointing the URL of the installation medium to a local copy, for example
http://orcharhino.example.com/pub/installation_media/, may improve provisioning time and reduce network load.
Every operating system depends on exactly one path of an installation medium, whereas installation media paths may serve different operating systems at the same time.
For CentOS and RHEL, this can be done by using the keywords
$minor in the path, which will be filled in when accessing the URL.
Debian, Ubuntu, and SLES do not support such variables.
Installation media for multiple versions of Debian may be bundled in one path, for example a repository containing packages for both Debian 10 Buster as well as Debian 11 Bullseye.
This also works for Ubuntu.
Katello is a plugin for orcharhino to enable content management, that means holding software packages available. It depends on Pulp for content management, which fetches software from repositories and stores various versions of it. It is installed by default.
- Katello Agent
The client-side software allows orcharhino users to manage registered hosts (that is content hosts) within orcharhino’s management UI.
The Katello agent supports package actions for Red Hat and SUSE based systems. The remote execution plugin additionally supports package actions for Debian and Ubuntu. As a result, use of the Katello agent for package actions will be deprecated in favour of the remote execution plugin in the not too distant future.
- Katello Host Tools and Katello Host Tools Tracer
The client-side software is responsible for the connection between managed hosts and content from orcharhino or orcharhino Proxies. It uploads currently used repositories and installed packages to orcharhino and signals if the managed host needs to be rebooted after updating the Linux Kernel. Note that
katello-host-tools-traceris not available for hosts running SLES 12 and below.
- Lifecycle Environment
Lifecycle environments describe the stage is which certain versions of content are available to hosts. For example, the classic scenario for lifecycle management is to distinguish between hosts for development, testing, and production. In this scenario, hosts would be assigned to either the development, testing, or production lifecycle environment. It would then be possible to run different versions of the same software in the different environments. This way, new versions of a software can be developed, and then tested before being used in the production environment, greatly reducing the risk of disruption by prematurely rolled out updates.
- Lifecycle Environment Path
Lifecycle environments are organized into directional paths. Content view versions are then promoted through the lifecycle environment path. Sticking with the previous example, a new content view version would be used in the Development environment fist, then be promoted to Testing, and only enter Production once it has been sufficiently tested. It is possible to create multiple lifecycle environment paths, containing a variable number of lifecycle environments. All paths originate from the Library environment, which is always present by default.
Location is a tag mostly used for geographical separation of managed hosts by orcharhino. This could be different cities or different data centres.
- orcharhino Proxy
orcharhino Proxies are autonomous orcharhino components that run on separate hosts from the orcharhino Server. They interact with orcharhino Server in a client-server model. Your orcharhino installation always comes bundled with integrated smart proxy functionality, such that it can function as the sole orcharhino Proxy for most use cases.
Separate orcharhino Proxies are only needed in scenarios where orcharhino manages an IT infrastructure that spans across multiple networks. In such scenarios, orcharhino Server requires an orcharhino Proxy in every network with a compute resource provider, which differs from the orcharhino Server network.
Organization is a tag used for organizational separation of managed hosts by orcharhino. This is particularly useful when dealing with several customers or business units.
- Patch and Release Management
Patch and release management describes the process of acquiring, managing, and installing patches and software updates to your infrastructure. It also keeps control on the package versions available to the hosts and provides information on applicable errata.
Products are named collections of one or more content repositories including their respective errata information. A single product can contain repositories of different types. You can add repositories to orcharhino as part of a product. One or more products form a content view, for example it can be a bundle of
CentOS 7 Client.
- Provisioning Template
Provisioning templates are templates, which automatically generate AutoYaST files for SUSE, Kickstart files for Alma Linux, Amazon Linux, CentOS, Oracle Linux, Red Hat Enterprise Linux, and Rocky Linux, or Preseed files for Debian and Ubuntu used to automatically install an operating system. This results in an installation process without the need of manual user input.
Pulp manages repositories of software packages by mirroring them locally. It provides patch and content management for Katello.
Puppet is a software configuration management tool utilising a declarative language in a server-client architecture.
PXE stands for preboot execution environment and is used to boot operating systems received from the network rather than a local disk. It requires a compatible NIC and relies on DHCP and TFTP.
- Red Hat Subscription
For Red Hat customers, orcharhino provides additional features for the management of Red Hat content.
A repository is a single source of content, usually in form of an URL. It is the smallest storage unit for software content in orcharhino. A repository generally needs to be synchronized with a content source to obtain content, although you can also manually upload packages to orcharhino. To be usable in orcharhino, a remote repository must be of a type supported by orcharhino. These types are deb, yum, Puppet, Docker, and file. One or more repositories form a product, for example
CentOS Updates, and
Salt is a modular configuration management tool used to maintain hosts in certain defined states, for example have packages installed or services running. It is designed to be idempotent. orcharhino utilises Salt for configuration management.
Security Content Automation Protocol (SCAP) refers to a
.xmlfile in DataStream format. This format is part of the SCAP standard since version 1.2. DataStream files define a security baseline for hosts to comply with and may bundle multiple constituent parts.
- Simple Content Access
Simple content access (SCA) aims to simplify subscription management. In organizations which have simple content access enabled, content hosts don’t have to be subscribed to a product in order to access its content. Instead, content hosts automatically consume all repositories published within their content view and lifecycle environment.
- Smart Proxy
Smart proxies are network nodes acting as an intermediate relaying network traffic in a certain manner. They may provide DNS, DHCP, TFTP, and CA functionalities as well as supplying synchronized or relayed content from orcharhino Server to managed hosts. An orcharhino Proxy bundles various smart proxy functionalities and may act as an Ansible control node, a Puppet master, or a Salt Master.
A subscription is closely tied to a product and contains the right to access certain content. The usage of Red Hat and SUSE products is limited by the amount of available subscriptions.
Advanced subscriptions management is generally only needed for Red Hat and SUSE products. Other products generally have an unlimited number of subscriptions available and each subscribed content host will automatically be given one.
- Subscription Manager
subscription-manageris a client application that is necessary for the host to receive content from the orcharhino. It activates and deactivates subscriptions and may enable or disable repositories. The subscription manager registers the machine to orcharhino using its activation key.
- SUSE Subscription
For SUSE customers, orcharhino provides additional features for the management of SUSE repositories. You can use the SCC Manager plugin to manage your SUSE content in orcharhino.
Synchronization describes the process of content being pulled from external repositories to the local Pulp storage.
- Sync Plan
Sync plans describe the periodic synchronization from external content.
- Tailoring Files
Tailoring Files specify a set of modifications to existing SCAP content. They adapt SCAP content to your particular needs without changing the original SCAP content itself.
Virtualization describes the process of running multiple operating systems with various applications on a single hardware host using hypervisors like VMware, Proxmox, or libvirt. It facilitates scalability and cost savings.
- XCCDF Profiles
eXtensible Configuration Checklist Description Format (XCCDF) Profiles are a component part of SCAP content. XCCDF is a language to write security checklists and benchmarks. An XCCDF file contains security configuration rules for lists of managed hosts.