Registering Amazon Linux Clients
This section contains information about registering traditional and Salt clients running Amazon Linux operating systems.
Traditional clients are not available on Amazon Linux 2. Amazon Linux 2 clients are only supported as Salt clients. |
When created at AWS, Amazon Linux instances always have the same |
1. Add Software Channels
Before you register Amazon Linux clients to your Uyuni Server, you need to add the required software channels, and synchronize them.
The architectures currently supported are: x86_64
and aarch64
.
For full list of supported products and architectures, see client-configuration:supported-features.adoc.
In the following section, descriptions often defaults to the |
The channels you need for this procedure are:
OS Version | Core Channel | Client Channel |
---|---|---|
Amazon Linux 2 |
amazonlinux2-core |
amazonlinux2-uyuni-client |
Make sure you also add and sync |
-
At the command prompt on the Uyuni Server, as root, use the
spacewalk-common-channels
command to add the appropriate channels:spacewalk-common-channels \ <base_channel_label> <child_channel_label_1> \ <child_channel_label_2> \ ... <child_channel_label_n>
-
Synchronize the channels:
spacewalk-repo-sync -p <base_channel_label>
-
Ensure the synchronization is complete before continuing.
The client tools channel provided by |
2. Check Synchronization Status
-
In the Uyuni Web UI, navigate to
, then click the channel associated to the repository. -
Navigate to the
Repositories
tab, then clickSync
and checkSync Status
.
-
At the command prompt on the Uyuni Server, as root, use the
tail
command to check the synchronization log file:tail -f /var/log/rhn/reposync/<channel-label>.log
-
Each child channel generates its own log during the synchronization progress. You need to check all the base and child channel log files to be sure that the synchronization is complete.
3. Create an Activation Key
You need to create an activation key that is associated with your Amazon Linux channels.
For more information on activation keys, see client-configuration:activation-keys.adoc.
4. Trust GPG Keys on Clients
By default, operating systems trust only their own GPG keys when they are installed, and do not trust keys provided by third party packages. The clients can be successfully bootstrapped without the GPG key being trusted. However, you cannot install new client tool packages or update them until the keys are trusted.
Salt clients are set to trust SUSE tools channels GPG keys when they are bootstrapped. For all other clients and channels, you need to manually trust third party GPG keys.
If you are bootstrapping Salt clients from the Uyuni Web UI, you can use a Salt state to trust the key. For more information on custom Salt states, see specialized-guides:salt/salt-custom-states.adoc. |
-
On the Uyuni Server, at the command prompt, check the contents of the
/srv/www/htdocs/pub/
directory. This directory contains all available public keys. Take a note of the key that applies to the channel assigned to the client you are registering. -
Open the relevant bootstrap script, locate the
ORG_GPG_KEY=
parameter and add the required key. For example:uyuni-gpg-pubkey-0d20833e.key
You do not need to delete any previously stored keys.
Trusting a GPG key is important for security on clients. It is the task of the admin to decide which keys are needed and can be trusted. Trusting the key is done manually, either by writing a Salt state or adding the keys to the bootstrap script. |
5. Register Clients
Amazon Linux clients are registered in the same way as all other clients. For more information, see client-configuration:registration-overview.adoc.