Registering Amazon Linux Clients

This section contains information about registering traditional and Salt clients running Amazon Linux operating systems.

Traditional clients are not available on Amazon Linux 2. Amazon Linux 2 clients are only supported as Salt clients.

When created at AWS, Amazon Linux instances always have the same machine-id id at /etc/machine-id. Make sure you regenerate the machine-id after the instance is created. For more information, see administration:tshoot-registerclones.adoc.

Add Software Channels

Before you register Amazon Linux clients to your Uyuni Server, you need to add the required software channels, and synchronize them.

The channels you need for this procedure are:

Table 1. Amazon Linux Channels - CLI
OS Version Core Channel Client Channel

Amazon Linux 2

amazonlinux2-core

amazonlinux2-uyuni-client

Make sure you also add and sync amazonlinux2-extra-docker channel if you plan to use Docker at your Amazon Linux instances.
Procedure: Adding Software Channels at the Command Prompt

  1. At the command prompt on the Uyuni Server, as root, use the spacewalk-common-channels command to add the appropriate channels:

    spacewalk-common-channels \
<base_channel_label>
<child_channel_label_1> \
<child_channel_label_2> \
... <child_channel_label_n>

  2. Synchronize the channels:

    spacewalk-repo-sync -p <base_channel_label>

  3. Ensure the synchronization is complete before continuing.

The client tools channel provided by spacewalk-common-channels is sourced from Uyuni and not from SUSE.

Check Synchronization Status

Procedure: Checking Synchronization Progress

  1. In the Uyuni Web UI, navigate to Software  Manage  Channels, then click the channel associated to the repository.

  2. Navigate to the Repositories tab, then click Sync and check Sync Status.

Procedure: Checking Synchronization Progress from the Command Prompt

  1. At the command prompt on the Uyuni Server, as root, use the tail command to check the synchronization log file:

    tail -f /var/log/rhn/reposync/<channel-label>.log

  2. Each child channel generates its own log during the synchronization progress. You need to check all the base and child channel log files to be sure that the synchronization is complete.

Create an Activation Key

You need to create an activation key that is associated with your Amazon Linux channels.

For more information on activation keys, see client-configuration:activation-keys.adoc.

Trust GPG Keys on Clients

By default, operating systems trust only their own GPG keys when they are installed, and do not trust keys provided by third party packages. The clients can be successfully bootstrapped without the GPG key being trusted. However, you cannot install new client tool packages or update them until the keys are trusted.

Salt clients are set to trust SUSE tools channels GPG keys when they are bootstrapped. For all other clients and channels, you need to manually trust third party GPG keys.

If you are bootstrapping Salt clients from the Uyuni Web UI, you can use a Salt state to trust the key. For more information on custom Salt states, see salt:custom-states.adoc.
Procedure: Trusting GPG Keys on Clients

  1. On the Uyuni Server, at the command prompt, check the contents of the /srv/www/htdocs/pub/ directory. This directory contains all available public keys. Take a note of the key that applies to the channel assigned to the client you are registering.

  2. Open the relevant bootstrap script, locate the ORG_GPG_KEY= parameter and add the required key. For example:

    uyuni-gpg-pubkey-0d20833e.key

    You do not need to delete any previously stored keys.

Register Clients

Amazon Linux clients are registered in the same way as all other clients. For more information, see client-configuration:registration-overview.adoc.