Managing SLES Systems Guide

SLES is a commercially supported Linux distribution and a popular choice for servers and cloud computing due to its long term support. This guide shows how to attach existing or deploy new hosts running SUSE Linux Enterprise Server (short: SLES) 15 SP3. When starting with a basic orcharhino installation, you can configure and prepare your orcharhino to deploy hosts running SLES 15 SP3 in five steps:

  1. Prepare the installation media to perform offline installations.

  2. Create the operating system entry for SLES 15 SP3.

  3. Synchronize SUSE content to orcharhino.

  4. Create a host group to bundle provisioning and configuration information.

  5. Deploy a host running SLES 15 SP3.

Attaching Hosts Running SLES 15 SP3

You can attach existing hosts running SLES 15 SP3 to your orcharhino. Refer to the attach existing hosts guide for more information on how to attach existing hosts running SLES using the bootstrap.py script.

Prerequisites
  • If you use a self-signed certificate on your orcharhino, ensure hosts trust the SSL certificate before running the bootstrap.py script.

  • An activation key for the host needs to exist and contain the necessary software content.

  • A host group must be configured accordingly to have orcharhino manage the host completely.

    Ensure to select a host group without any predefined deploy on compute resource. Otherwise, attaching an existing host starts deploying a new host to the compute resource selected in the deploy on drop down menu. Refer to creating a host group for more information.

  • Synchronize the required orcharhino client repository and create a content view.

  • (Debian, SLES, and Ubuntu only) Use --deps-repository-url to specify the repository containing the required dependencies. Navigate to Content > Products, click on your orcharhino clients product, choose the orcharhino client repository on the Repositories tab, and select the appropriate client repository. Pass the Published At URL using --deps-repository-url, for example --deps-repository-url https://orcharhino.example.com/pulp/deb/Example/Library/custom/Debian_Client/Debian_10_Client/.

  • (SLES only) Ensure to provide the managed host with the dependencies of subscription-manager:

    Operating System SUSE Repository

    SLES 11 SP4

    Pool Repository, Update Repository

    SLES 12 SP5

    Pool Repository

    SLES 15

    Pool Repository, Module-Basesystem Repository

    SLES 15 SP1

    Pool Repository, Module-Basesystem Repository, Module-Python2 Repository

    SLES 15 SP2

    Pool Repository, Module-Basesystem Repository, Module-Python2 Repository

    SLES 15 SP3

    Pool Repository, Module-Basesystem Repository, Module-Python2 Repository

    Ensure the necessary SUSE repositories are available using the activation key.

Procedure
  1. Download the bootstrap.py script to your host using wget:

    # wget http://orcharhino.example.com/pub/bootstrap.py
  2. Use the --help option to display a list of mandatory options:

    # python bootstrap.py --help
  3. Attach your host running SLES 15 SP3 to your orcharhino:

    # ./bootstrap.py \
        -s "orcharhino.example.com" \
        -a "sles_15_sp3" \
        -o "Example" \
        -L "Munich" \
        -l "admin" \
        -p "password" \
        -g "SLES 15 SP3" \
        --fqdn "my-host.example.com" \
        --deps-repository-url "https://orcharhino.example.com/pulp/rpm/Example/Library/custom/SLES_15_SP3_Client/SLES_15_SP3_Client/"

Preparing the Installation Media

Extract the installation media for SLES 15 SP3 on your orcharhino to perform offline installations.

Procedure
  1. Download the SLES 15 SP3 installation media from suse.com/download/sles.

  2. Transfer the .iso image from your local machine to orcharhino using scp:

    # scp SLE-15-SP3-Full-x86_64-GM-Media1.iso root@orcharhino.example.com:/tmp/
  3. Download the signature and checksum from suse.com and transfer both to your orcharhino.

  4. On your orcharhino, verify the integrity and authenticity of the .iso image using GPG public keys:

    # gpg --verify sles_15_sp3.signature SLE-15-SP3-Full-x86_64-GM-Media1.iso.sha256
    # echo '2a6259fc849fef6ce6701b8505f64f89de0d2882857def1c9e4379d26e74fa56 SLE-15-SP3-Full-x86_64-GM-Media1.iso' | sha256sum --check
  5. Mount the .iso image:

    # mount SLE-15-SP3-Full-x86_64-GM-Media1.iso /mnt
  6. Copy the content of the mounted installation media to the pub directory:

    # mkdir -p /var/www/html/pub/installation_media/sles/15sp3
    # cp -a /mnt/* /var/www/html/pub/installation_media/sles/15sp3/
  7. Unmount and delete the .iso image:

    # umount /mnt
    # rm -rf /tmp/SLE-15-SP3-Full-x86_64-GM-Media1.iso

Use the path to the local installation media files when creating an installation media, for example http://orcharhino.example.com/pub/installation_media/sles/15sp3/. This allows you to perform offline installations of hosts running SLES 15 SP3.

Creating the Operating System Entry

Create an installation medium entry and operating system entry for SLES 15 SP3.

You can use an Ansible role to configure operating systems. The Ansible role is located on your orcharhino at /usr/share/orcharhino-ansible/roles/or_operating_systems/.

Prerequisite
  • An extracted .iso image on orcharhino or an HTTP server that can be reached during the host provisioning process.

Procedure
  1. Navigate to Hosts > Installation Media and click Create Medium.

    • The Name identifies the installation media for SLES 15 SP3. We recommend adding local to the name as the path of the extracted .iso image points to your orcharhino.

    • The Path defines the path to the extracted .iso image. The content of /var/www/html/pub/ is publicly available on http://orcharhino.example.com/pub/. If you extract the .iso image to /var/www/html/pub/installation_media/sles/15sp3/, the path is http://orcharhino.example.com/pub/installation_media/sles/15sp3/.

    • Set the Operating System Family to SUSE for all SLES systems.

    • Set a location and organization context for the installation media.

    • Click Submit to save the installation media entry for SLES 15 SP3.

  2. Navigate to Hosts > Operating Systems and click Create Operating System.

    • Set the Name of the operating system. Choose a name as reported by Ansible, Puppet, or Salt as fact.

    • Set the Major Version of SLES, for example 15.

    • Set the Minor Version of SLES, for example 3 for SLES 15 SP3.

    • Optional: Add an arbitrary Description.

    • Set the Family to SUSE for all SLES systems.

    • Set the Root Password Hash to SHA256 for SLES 15 SP3.

    • Assign the Architectures to SLES 15 SP3.

    • The other tabs require associations to the operating system. On a basic orcharhino installation, you cannot yet select any partition tables and templates when creating the operating system. Instead, click Submit to save the SLES 15 SP3 operating system entry and navigate to Hosts > Partition Tables and Hosts > Provisioning Templates to create and associate templates to the operating system. The partition tables and templates are stored in the /usr/share/foreman/app/views/unattended directory on your orcharhino server. Return to the operating system and select a partition table, an installation media, templates, and optionally parameters.

      You can use an Ansible role to configure operating systems. The Ansible role is located on your orcharhino at /usr/share/orcharhino-ansible/roles/or_operating_systems/.

    • Click Submit to save the operating system entry.

Installing the SCC Manager Plugin

Perform the following steps to install the SCC Manager plugin on your orcharhino:

Procedure
  1. Connect to your orcharhino using SSH:

    # ssh root@orcharhino.example.com
  2. Install the SCC Manager plugin on your orcharhino:

    # yum install -y tfm-rubygem-foreman_scc_manager
  3. Run database migrations on your orcharhino:

    # foreman-rake db:migrate
    # foreman-rake db:seed
  4. Restart orcharhino services:

    # foreman-maintain service restart

Continue by adding your SCC account to orcharhino.

Adding SCC Accounts to orcharhino

Prerequisites
Procedure
  1. Optional: Navigate to Content > Content Credentials and click Create Content Credential.

    Add the GPG public key for SLES 15 SP3 from suse.com. Refer to content credentials for more information.

  2. Navigate to Content > SUSE Subscriptions and click Add SCC Account.

    • Enter your account name and password.

    • Optional: Set a Sync interval to periodically update the SCC authentication tokens. Note that this does not refer to synchronizing content to orcharhino.

    • Optional: Assign a GPG key for SUSE products to the SCC products. zypper automatically verifies the signatures of each software package to ensure their authenticity.

      You can also set the GPG public key for SUSE repositories at a later stage. However, changing it does not affect already subscribed products. If you already have subscribed products in orcharhino, navigate to Content > Products and replace the GPG key in each respective product.

    • Click Test connection to verify your account information. Note that you have to re-enter your password if you’re trying to check the connection to an SCC account that has already been saved to orcharhino.

    • Click Submit to save your SCC account to orcharhino.

  3. Navigate to Content > SUSE Subscriptions, select your previously created SCC account, and click Sync to fetch a list of products associated to your SCC account.

You may now import products from your newly added SCC account.

Importing SUSE Products

Prerequisites
Procedure
  1. Navigate to Content > SUSE Subscriptions and click Select products on your previously synchronized SCC account.

    • Select all SUSE products you want to synchronize to orcharhino. This guide assumes you have access to and select the SUSE Linux Enterprise Server 15 SP3 x86_64 product.

    • Click Submit to create the selected SUSE products in orcharhino.

You can now synchronize or remove any selected SUSE products on the products page.

Synchronizing SUSE Content

You can use orcharhino to synchronize SLES content to deploy, attach, and serve content to managed hosts.

  1. Navigate to Content > Products, select the SUSE Linux Enterprise Server 15 SP3 x86_64 product, and click Sync Now to synchronize the SUSE repositories for SLES 15 SP3 to orcharhino.

  2. Navigate to Content > Content Views and click Create Content View.

    • Create a content view called SLES 15 SP3 comprising the SLES repositories created in the SLES 15 SP3 product.

    • Create a content view called SLES 15 SP3 orcharhino client comprising the orcharhino client repository created in the SLES 15 SP3 orcharhino client product.

    • Publish a new version of both content views.

  3. Navigate to Content > Content Views and click Create Content View.

    • Create a composite content view called Composite SLES 15 SP3 comprising the previously published SLES 15 SP3 content view, the SLES 15 SP3 orcharhino client content view, and optionally further content views of your choice, for example a content view containing Puppet. Refer to adding an orcharhino client on how to synchronize the orcharhino client repository for SLES 15 SP3 and the ATIX Service Portal for the necessary upstream URL.

    • Publish a new version and promote this version to the lifecycle environment of your choice.

  4. Navigate to Content > Activation Keys and click Create Activation Key.

    Create an activation key called sles-15-sp3 and configure it as follows:

    • On the Details tab, select a lifecycle environment and composite content view.

    • On the Subscriptions tab, select the necessary subscriptions, for example SLES 15 SP3, SLES 15 SP3 orcharhino client, and Puppet.

You can now create a host group and assign the previously created activation key to it to deploy hosts running SLES 15 SP3 more comfortably.

Creating a Host Group for SLES 15 SP3

Create a host group to bundle provisioning and configuration information for hosts running SLES 15 SP3.

Prerequisites
Procedure
  1. Navigate to Configure > Host Groups and click Create Host Group.

    • On the Host Group tab, enter a Name, Lifecycle Environment, Content View, Content Source, Deploy on, and Compute Profile.

    • On the Network tab, enter a Domain and Subnet.

    • On the Operating System tab, enter an Architecture, Operating System, Media, Partition Table, and optionally a Root Password.

    • On the Activation Keys tab, select the previously created Activation Key.

    • Optional: Assign Ansible Roles, Puppet Classes, or Salt States to the host group.

  2. Click Submit to save your host group to orcharhino.

Deploying Hosts Running SLES 15 SP3

Prerequisites
Procedure
  1. Navigate to Hosts > Create Host.

  2. Enter a name for your host.

  3. Select the previously created host group.

  4. Click Submit to deploy your host.

Enabling Kernel Live Patching

You can enable Kernel Live Patching using KLP for managed hosts running SLES 15 SP3 to allow for Linux Kernel updates without reboots.

Prerequisites
  • Synchronized content for SLES 15 SP3

  • Access to the SUSE product SUSE Linux Enterprise Live Patching 15 SP3 x86_64

Procedure
  1. Navigate to Content > SUSE Subscriptions and click Select products. Select the SUSE Linux Enterprise Live Patching 15 SP3 x86_64 product.

  2. Navigate to Content > Products, select the previously added product, and click Sync Selected.

  3. Once synchronized, navigate to Content > Content Views and add the repositories of the SUSE Linux Enterprise Live Patching 15 SP3 x86_64 product to your SLES 15 SP3 content view.

  4. Navigate to Content > Content Views and select the SLES 15 SP3 content view. Publish a new version of the selected content view.

  5. Navigate to Content > Activation Keys and select the previously created sles-15-sp3 activation key. On the Subscriptions tab, select the repositories of the SUSE Linux Enterprise Live Patching 15 SP3 x86_64 product.

  6. Connect to your managed host running SLES 15 SP3:

    # ssh root@my-host.example.com
  7. Update the available content on your managed hosts:

    # subscription-manager refresh
  8. Install the required package:

    # zypper install kernel-livepatch-tools
  9. Reboot your managed host:

    # reboot now

You can now continue with installing KLP Patches to update the Linux Kernel without rebooting your managed host.

Installing KLP Patches

Once Kernel Live Patching is enabled, you can install KLP patches to update the Linux Kernel without rebooting your managed host.

Prerequisite
Procedure
  1. Connect to your managed host running SLES 15 SP3:

    # ssh root@my-host.example.com
  2. Search for available Kernel live patches:

    # zypper search kernel-livepatch
  3. Install a KLP patch:

    # zypper install kernel-livepatch-5_3_18-59_5-default