Install containerized Uyuni Proxy
Only openSUSE Leap 15.3 and newer are supported to be used as container host for Uyuni Proxy containers. |
1. Container host requirements
Hardware | Details | Recommendation |
---|---|---|
CPU |
Minimum 2 dedicated 64-bit CPU cores |
|
RAM |
Test Server |
Minimum 2 GB |
Production Server |
Minimum 8 GB |
|
Disk Space |
Minimum 100 GB |
Software | Details | Remark |
---|---|---|
Connection Method |
Salt |
Host must be configured as a Salt client |
To ensure that domain name of the Uyuni Server can be resolved by the clients: * Both container proxy and client machines must be connected to a DNS server * Reverse lookup must work |
2. Install container services on the host system
Container host to be used as a base for Uyuni Proxy containers needs to be first registered as a client to the Uyuni Server. For more information about registering client to the Uyuni Server, see Client Registration. |
Uyuni Proxy containers are using podman
and systemd
to run and manage all proxy containers.
First step is to install the mgrpxy
utility provided by the package of the same name.
The mgrpxy
package is available in the container utils repository: pick the one matching the distribution in: https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable:/ContainerUtils/.
To install them run:
zypper in helm mgrpxy
mgrpxy
for Uyuni Proxy-
Assign
Containers Module
software channel to the container host in the Uyuni. For more information about assigning software channels to the system, see Channel Management. -
Log in as
root
on the container host. -
Manually install
mgrpxy
package:zypper install mgrpxy
3. Install Uyuni Proxy containers
Uyuni Proxy containers require some volumes to be mounted for long term storage.
Those volumes are automatically created by podman
and can be listed using the podman volume ls
command.
By default, podman
stores the files of the volumes in /var/lib/containers/storage/volumes
.
The volumes are named:
-
uyuni-proxy-squid-cache
-
uyuni-proxy-rhn-cache
-
uyuni-proxy-tftpboot
To override default volume settings, create the volumes prior to the first start of the pod using the podman volume create
command.
By default, the uyuni-proxy-systemd-services
package creates these three directories that can be used to mount external disks:
/var/lib/uyuni/proxy-rhn-cache /var/lib/uyuni/proxy-squid-cache /var/lib/uyuni/proxy-tftpboot
If /etc/fstab
has these entries:
/dev/uyuni-proxy/rhn-cache /var/lib/uyuni/proxy-rhn-cache xfs defaults 0 0 /dev/uyuni-proxy/squid-cache /var/lib/uyuni/proxy-squid-cache xfs defaults 0 0 /dev/uyuni-proxy/tftpboot /var/lib/uyuni/proxy-tftpboot xfs defaults 0 0
Run these commands to create custom volumes:
podman volume create --driver local --opt device=/dev/mapper/uyuni--proxy-rhn--cache --opt type=xfs uyuni-proxy-rhn-cache podman volume create --driver local --opt device=/dev/mapper/uyuni--proxy-squid--cache --opt type=xfs uyuni-proxy-squid-cache podman volume create --driver local --opt device=/dev/mapper/uyuni--proxy-tftpboot --opt type=xfs uyuni-proxy-tftpboot
To install the systemd service starting the Uyuni proxy, run the mgrpxy install podman /path/to/config.tar.gz
command.
It is possible to add custom arguments passed to podman container pod with the one or more --podman-arg
parameters to the install command.
It is possible to modify the tag to use for container images with the --tag=latest
parameter to the install command.
Changing the containers images and version parameters is dangerous and can cause a non-functional system. |
3.1. Using a custom container image for a service
By default, the Uyuni Proxy suite is set to use the same image version and registry path for each of its services.
However, it is possible to override the default values for a specific service using the install parameters ending with -tag
and -image
.
For example, use it like this:
mgrpxy install podman --httpd-tag 0.1.0 --httpd-image registry.opensuse.org/uyuni/proxy-httpd /path/to/config.tar.gz
It adjusts the configuration file for the httpd service, where registry.opensuse.org/uyuni/proxy-httpds
is the image to use and 0.1.0
is the version tag, before restarting it.
To reset the values to defaults, run the install command again without those parameters:
mgrpxy install podman /path/to/config.tar.gz
This command first resets the configuration of all services to the global defaults and then reloads it.
4. Allow network access for provided services on container host firewall
Uyuni Proxy containers work as so called node-port service. This means proxy container pod shares container host network TCP and UDP port space. For this reason container host firewall must be configured to accept incoming traffic on ports used by Uyuni Proxy containers. Those ports are:
-
69/UDP - TFTP
-
80/TCP - HTTP
-
443/TCP - HTTPS
-
4505/TCP - Salt
-
4506/TCP - Salt
-
8022/TCP - SSH
Continue with setting up the installed Uyuni Proxy as a containers at Containerized Uyuni Proxy Setup.