Uyuni 2026.01 Proxy Deployment

This guide outlines the deployment process for the Uyuni 2026.01 Proxy container on SL Micro 6.1 or SUSE Linux Enterprise Server 15 SP7. This guide presumes you have already successfully deployed a Uyuni 2026.01 Server.

SL Micro is only supported as regular minion (default contact method) for the time being. We are working on managing it as Salt SSH client (salt-ssh contact method), too.

To successfully deploy, you will perform the following actions:

Procedure: Deploying Proxy

  1. Review hardware requirements.

  2. Synchronize the SL Micro 6.1 or SUSE Linux Enterprise Server 15 SP7 parent channel and the proxy extension child channel on the server.

  3. Install SL Micro or SUSE Linux Enterprise Server on a bare-metal machine.

  4. During the installation, register SL Micro or SUSE Linux Enterprise Server along with the Uyuni Proxy extension.

  5. Create a Salt activation key.

  6. Bootstrap the proxy as a client with the default connection method.

  7. Generate a proxy configuration.

  8. Transfer the proxy configuration from server to proxy.

  9. Use the proxy configuration to register the client as a proxy with Uyuni.

Supported operating system for the Proxy Container Host

The supported operating system for the container host are SL Micro 6.1 and SUSE Linux Enterprise Server 15 SP7.

Container host

A container host is a server equipped with a container engine like Podman, which lets it manage and deploy containers. These containers hold applications and their essential parts, such as libraries, but not a full operating system, making them lightweight. This setup ensures applications run the same way in different environments. The container host supplies the necessary resources such as CPU, memory, and storage for these containers.

1. Hardware Requirements for the Proxy

For more information about hardware requirements for deploying Uyuni Proxy, see installation-and-upgrade:hardware-requirements.adoc#proxy-hardware-requirements.

2. Synchronize the Parent and Proxy Extension Child Channels

This section presumes that you have already entered your organization credentials under the Admin  Setup Wizard  Organization Credentials in the server’s Web UI. Products are listed on the Admin  Setup Wizard  Products page. This channel must be fully synchronized on the server, with the child channel Proxy as an extension option selected.

Procedure: Synchronizing the Parent Channel and Proxy Extension

  1. In the Uyuni Web UI select Admin  Products.

  2. From the products page enter SL Micro or SUSE Linux Enterprise Server in the filter field.

  3. Next use the drop-down to select the required architecture. For this example x86-64.

  4. In the Product Description field select the SL Micro 6.1 or SUSE Linux Enterprise Server 15 SP7 checkbox then use the drop-down to select the Uyuni Proxy Extension 5.1 x86_64 extension.

  5. Click the Add products button.

  6. Wait for the synchronization to complete.

3. Prepare Uyuni Proxy Host

In the following subsections, you either prepare the proxy host with SLE Micro or SUSE Linux Enterprise Server.

3.1. Prepare SL Micro 6.1 Host

3.1.1. Download the installation media

Procedure: Downloading the installation media

  1. Locate the SL Micro 6.1 installation media at https://www.suse.com/download/sle-micro/, and download the appropriate media file.

  2. Prepare a DVD or USB flash drive with the downloaded .iso image for installation.

3.1.2. Install SL Micro 6.1

For more information about preparing your machines (virtual or physical), see the SL Micro Deployment Guide.

Procedure: Installing SL Micro 6.1

  1. Insert the DVD or USB flash drive (USB disk or key) containing the installation image for SLE Micro 6.1.

  2. Boot or reboot your system.

  3. Use the arrow keys to select Installation.

  4. Adjust Keyboard and language.

  5. Click the checkbox to accept the license agreement.

  6. Click Next to continue.

  7. Select the registration method. For this example, we will register the server with SUSE Customer Center.

    The Uyuni 2026.01 containers are installed as extensions. Depending on the specific extension needed from the list below, additional SUSE Customer Center registration codes will be required for each.

    • Uyuni 2026.01 Server

    • Uyuni 2026.01 Proxy

    • Uyuni 2026.01 Retail Branch Server

    The SL Micro 6.1 entitlement is included within the Uyuni entitlement, so it does not require a separate registration code.

  8. Enter your SUSE Customer Center email address.

  9. Enter your registration code for SL Micro 6.1.

  10. Click Next to continue.

  11. To install a proxy, select the Uyuni 2026.01 Proxy extension; to install a server, select the Uyuni 2026.01 Server extension Checkbox.

  12. Click Next to continue.

  13. Enter your Uyuni 2026.01 extension registration code.

  14. Click Next to continue.

  15. On the NTP Configuration page click Next.

  16. On the Authentication for the System page enter a password for the root user. Click Next.

  17. On the Installation Settings page click Install.

This concludes installation of SL Micro 6.1 and Uyuni 2026.01 as an extension.

3.1.3. OPTIONAL: Registration from the command line

If you added Uyuni 2026.01 as an extension during SL Micro 6.1 installation then you can skip this procedure. However, optionally you may skip registration during SL Micro 6.1 installation by selecting the Skip Registration button. This section provides steps on registering your products after SL Micro 6.1 installation.

The following steps register a Uyuni 2026.01 extension with the x86-64 architecture and thus require a registration code for the x86-64 architecture. To register ARM or s390x architectures use the correct registration code.
Procedure: Registering from the command line

  1. List available extensions with the following command:

    transactional-update --quiet register --list-extensions

  2. From the list of available extensions, select the one you wish to install:

    1. If installing the Server, use your Uyuni Server Extension 2026.01 x86_64 registration code with following command:

      transactional-update register -p Multi-Linux-Manager-Server/5.1/x86_64 -r <reg_code>

    2. If installing the Proxy, use your Uyuni Proxy Extension 2026.01 x86_64 registration code with following command:

    transactional-update register -p Multi-Linux-Manager-Proxy/5.1/x86_64 -r <reg_code>

  3. Reboot.

3.1.4. Update the system

Procedure: Updating the system

  1. Log in as root.

  2. Run transactional-update:

    transactional-update

  3. Reboot.

SL Micro is designed to update itself automatically by default and will reboot after applying updates. However, this behavior is not desirable for the Uyuni environment. To prevent automatic updates on your server, Uyuni disables the transactional-update timer during the bootstrap process.

If you prefer the SL Micro default behavior, enable the timer by running the following command:

systemctl enable --now transactional-update.timer

To continue with deployment, see Configure Custom Persistent Storage.

3.2. Prepare SUSE Linux Enterprise Server 15 SP7 host

Alternatively, you can deploy Uyuni on SUSE Linux Enterprise Server 15 SP7.

The following procedures describe the main steps of the installation process.

3.2.1. Install Uyuni extensions on SUSE Linux Enterprise Server

Procedure: Installing Uyuni Extensions on SUSE Linux Enterprise Server

  1. Locate and download SUSE Linux Enterprise Server 15 SP7 .iso at https://www.suse.com/download/sles/.

  2. Make sure that you have regsistration codes both for the host operating system (SUSE Linux Enterprise Server 15 SP7) and extensions

  3. Start the installation of SUSE Linux Enterprise Server 15 SP7.

    1. On the Language, keyboard and product selection select the product to install.

    2. On the License agreement read the agreement and check I Agree to the License Terms.

  4. Select the registration method. For this example, we will register the server with SUSE Customer Center.

  5. Enter your SUSE Customer Center email address.

  6. Enter your registration code for SUSE Linux Enterprise Server 15 SP7.

  7. Click Next to continue.

    Please note that for SUSE Linux Enterprise Server 15 SP7, you are required to have a valid SUSE Linux Enterprise Server subscription and corresponding registration code, which you must provide on this screen. You will be required to enter the Uyuni Extension registration code below.

  8. In the screen Extensions and Modules Selection check the following:

    • Select the Uyuni Server Extension to install the Server, or the Uyuni Proxy Extension to install the Proxy.

    • Basesystem Module

    • Containers Module

  9. Click Next to continue.

  10. Enter your Uyuni 2026.01 extension registration code.

  11. Click Next to continue.

  12. Complete the installation.

  13. When the installation completes, log in to the newly installed server as root.

  14. Update the System (optional, if the system was not set to download updates during install):

    zypper up

  15. Reboot.

3.2.2. OPTIONAL: Registration from the command line

If you added Uyuni 2026.01 as an extension during SUSE Linux Enterprise Server installation then you can skip this procedure.

However, optionally you may skip registration during SUSE Linux Enterprise Server installation by selecting the Skip Registration button. This section provides steps on registering your products after SUSE Linux Enterprise Server installation.

The following steps register a Uyuni 2026.01 extension with the x86-64 architecture and thus require a registration code for the x86-64 architecture.

To register ARM or s390x architectures use the correct registration code.
Procedure: Registering from the command line

  1. List available extensions with the following command:

    SUSEConnect --list-extensions

  2. From the list of available extensions, select the one you wish to install. If installing the Server, use your Uyuni Server Extension 2026.01 x86_64 registration code. For example for SUSE Linux Enterprise 15 SP7, use the following commands:

    SUSEConnect -r <regcode>
SUSEConnect -p sle-module-containers/15.7/x86_64
SUSEConnect -p Multi-Linux-Manager-Server-SLE/5.1/x86_64 -r <regcode>

    • If installing the Proxy, use your Uyuni Proxy Extension 2026.01 x86_64 registration code with the following command:

    SUSEConnect -p Multi-Linux-Manager-Proxy-SLE/5.1/x86_64 -r <regcode>

3.2.3. Install and enable podman

Procedure: Installing podman

  1. Log in as root and install the product package.

    • On the server:

      zypper in podman
zypper in -t product SUSE-Multi-Linux-Manager-Server

    • On the proxies:

      zypper in podman
zypper in -t product SUSE-Multi-Linux-Manager-Proxy

      Make sure that package podman is installed. Additionally, on the server mgradm and mgradm-bash-completion or on the proxies, mgrpxy and mgrpxy-bash-completion also need to be installed.

  2. Start the Podman service by rebooting the system, or running a command:

    systemctl enable --now podman.service

To continue with deployment, see Configure Custom Persistent Storage.

4. Configure Custom Persistent Storage

Configuring persistent storage is optional, but it is the only way to avoid serious trouble with container full disk conditions. If custom persistent storage is required for your infrastructure, use the mgr-storage-proxy tool.

  • For more information, see mgr-storage-proxy --help. This tool simplifies creating the container storage and Squid cache volumes.

Use the command in the following manner:

mgr-storage-proxy <storage-disk-device>

For example:

mgr-storage-proxy /dev/nvme1n1

This command will create the persistent storage volumes at /var/lib/containers/storage/volumes.

For more information, see

5. Create an Activation Key for the Proxy

Procedure: Creating an Activation Key

  1. Navigate to Systems  Activation Keys , and click Create key.

  2. Create an activation key for the proxy host with SL Micro 6.1 or SUSE Linux Enterprise Server 15 SP7 as the parent channel. This key should include all recommended channels and the proxy as an extension child channel.

  3. Proceed to boostrapping the proxy host as a default client.

6. Bootstrap the Proxy Host as a Client

Procedure: Bootstrapping the Proxy Host

  1. Select Systems  Bootstrapping.

  2. Fill in the fields for your proxy host.

  3. Select the activation key created in the previous step from the drop-down.

  4. Click Bootstrap.

  5. Wait for the bootstrap process to complete successfully. Check the Salt menu and confirm the Salt key is listed and accepted.

  6. Reboot the proxy host if the operating system is SL Micro.

  7. Select the host from the System list and trigger a second reboot in case of SL Micro after all events are finished to conclude the onboarding.

Procedure: Updating the Proxy Host

  1. Select the host from the Systems list and apply all patches to update it.

  2. Reboot the proxy host if the operating system is SL Micro.

7. Generate Proxy Configuration

The configuration archive of the Uyuni Proxy is generated by the Uyuni Server. Each additional Proxy requires its own configuration archive.

For the containerized Uyuni Proxy, you must build a new proxy configuration file and then redeploy the container for the changes to take effect. This is the process for updating settings, including the SSL certificate.

For Podman deployment, the container host for the Uyuni Proxy must be registered as a client to the Uyuni Server prior to generating this proxy configuration.

If a proxy FQDN is used to generate a proxy container configuration that is not a registered client (as in the Kubernetes use case), a new system entry will appear in system list. This new entry will be shown under previously entered Proxy FQDN value and will be of Foreign system type.

Peripheral servers are always using third-party SSL certificates. If the hub server has generated the certificates for the peripheral server, it needs to generate the certificate of each proxy too.

On the hub server, run the following command.

mgrctl exec -ti -- rhn-ssl-tool --gen-server --dir="/root/ssl-build" --set-country="COUNTRY" \
  --set-state="STATE" --set-city="CITY" --set-org="ORGANIZATION" \
  --set-org-unit="ORGANIZATION UNIT" --set-email="name@example.com" \
  --set-hostname=PROXY --set-cname="proxy.example.com"

The files to use will be

  1. /root/ssl-build/RHN-ORG-TRUSTED-SSL-CERT as the root CA,

  2. /root/ssl-build/<hostname>/server.crt as the proxy certificate and

  3. /root/ssl-build/<hostname>/server.key as the proxy certificate’s key.

7.1. Generate the Proxy Configuration with Web UI

Procedure: Generating a Proxy Container Configuration Using Web UI

  1. In the Web UI, navigate to Systems  Proxy Configuration and fill the required data:

  2. In the Proxy FQDN field type fully qualified domain name for the proxy.

  3. In the Parent FQDN field type fully qualified domain name for the Uyuni Server or another Uyuni Proxy.

  4. In the Proxy SSH port field type SSH port on which SSH service is listening on Uyuni Proxy. Recommended is to keep default 8022.

  5. In the Max Squid cache size [MB] field type maximal allowed size for Squid cache. Recommended is to use at most 80% of available storage for the containers.

    2 GB represents the default proxy squid cache size. This will need to be adjusted for your environment.

  6. In the SSL certificate selection list choose if new server certificate should be generated for Uyuni Proxy or an existing one should be used. You can consider generated certificates as Uyuni builtin (self signed) certificates.

    Depending on the choice then provide either path to signing CA certificate to generate a new certificate or path to an existing certificate and its key to be used as proxy certificate.

    The CA certificates generated by the server are stored in the /var/lib/containers/storage/volumes/root/_data/ssl-build directory.

    For more information about existing or custom certificates and the concept of corporate and intermediate certificates, see Import SSL Certificates.

  7. Click Generate to register a new proxy FQDN in the Uyuni Server and generate a configuration archive (config.tar.gz) containing details for the container host.

  8. After a few moments you are presented with file to download. Save this file locally.

7.2. Generate Proxy Configuration With spacecmd and Self-Signed Certificate

You can generate a Proxy configuration using spacecmd.

Procedure: Generating Proxy Configuration with spacecmd and Self-Signed Certificate

  1. SSH into your container host.

  2. Execute the following command replacing the Server and Proxy FQDN:

    mgrctl exec -ti 'spacecmd proxy_container_config_generate_cert -- dev-pxy.example.com dev-srv.example.com 2048 email@example.com -o /tmp/config.tar.gz'

  3. Copy the generated configuration from the server container:

    mgrctl cp server:/tmp/config.tar.gz .

7.3. Generate Proxy Configuration With spacecmd and Custom Certificate

You can generate a Proxy configuration using spacecmd for custom certificates rather than the default self-signed certificates.

Procedure: Generating Proxy Configuration with spacecmd and Custom Certificate

  1. SSH into your Server container host.

  2. Execute the following commands, replacing the Server and Proxy FQDN:

    for f in ca.crt proxy.crt proxy.key; do
  mgrctl cp $f server:/tmp/$f
done
mgrctl exec -ti 'spacecmd proxy_container_config -- -p 8022 pxy.example.com srv.example.com 2048 email@example.com /tmp/ca.crt /tmp/proxy.crt /tmp/proxy.key -o /tmp/config.tar.gz'

  3. If your setup uses an intermediate CA, copy it as well and include it in the command with the -i option (can be provided multiple times if needed) :

    mgrctl cp intermediateCA.pem server:/tmp/intermediateCA.pem
mgrctl exec -ti 'spacecmd proxy_container_config -- -p 8022 -i /tmp/intermediateCA.pem pxy.example.com srv.example.com 2048 email@example.com /tmp/ca.crt /tmp/proxy.crt /tmp/proxy.key -o /tmp/config.tar.gz'

  4. Copy the generated configuration from the server container:

    mgrctl cp server:/tmp/config.tar.gz .

8. Transfer the Proxy Configuration

The Web UI generates a configuration archive. This archive needs to be made available on the proxy container host.

Procedure: Copying the Proxy Configuration

  1. If not already done, copy the configuration archive (config.tar.gz) generated in the previous step from the server container to the server host:

    mgrctl cp server:/root/config.tar.gz .

  2. If not already done, copy the files from the server host to the proxy host:

    scp config.tar.gz <proxy-FQDN>:/root

  3. On the proxy host, install the Proxy with:

    mgrpxy install podman config.tar.gz

9. Start the Uyuni Proxy

Container can now be started with the mgrpxy command:

Procedure: Starting and Checking Proxy Status

  1. Start the proxy by calling:

    mgrpxy start

  2. Check container status by calling:

    mgrpxy status

    Five Uyuni Proxy containers should be present and should be part of the proxy-pod container pod:

    • proxy-salt-broker

    • proxy-httpd

    • proxy-tftpd

    • proxy-squid

    • proxy-ssh

10. Use a Custom Container Image for a Service

By default, the Uyuni Proxy suite is configured to use the same image version and registry path for each of its services. However, it is possible to override the default values for a specific service using the install parameters ending with -tag and -image.

For example:

mgrpxy install podman --httpd-tag 0.1.0 --httpd-image registry.opensuse.org/uyuni/proxy-httpd /path/to/config.tar.gz

It adjusts the configuration file for the httpd service, where registry.opensuse.org/uyuni/proxy-httpds is the image to use and 0.1.0 is the version tag, before restarting it.

To reset the values to defaults, run the install command again without those parameters:

mgrpxy install podman /path/to/config.tar.gz

This command first resets the configuration of all services to the global defaults and then reloads it.