Deploy a Uyuni 2024.10 Proxy

This guide outlines the deployment process for the Uyuni 2024.10 Proxy. This guide presumes you have already successfully deployed a Uyuni 2024.10 Server. To successfully deploy, you will perform the following actions:

Checklist: Proxy Deployment
  1. Review hardware requirements.

  2. Install openSUSE Leap Micro 5.5 on a bare-metal machine.

  3. Bootstrap the Proxy as a Salt minion.

  4. Generate a Proxy configuration.

  5. Transfer the Proxy configuration from Server to Proxy

  6. Use the Proxy configuration to register the Salt minion as a Proxy with Uyuni.

Supported operating system for the Proxy Container Host

The supported operating system for the container host is openSUSE Leap Micro 5.5.

Container host

A container host is a server equipped with a container engine like Podman, which lets it manage and deploy containers. These containers hold applications and their essential parts, such as libraries, but not a full operating system, making them lightweight. This setup ensures applications run the same way in different environments. The container host supplies the necessary resources such as CPU, memory, and storage for these containers.

1. Hardware Requirements for the Proxy

This table shows the hardware requirements for deploying Uyuni Proxy.

Table 1. Proxy Hardware Requirements
Hardware Details Recommendation

CPU

x86-64, ARM

Minimum 2 dedicated 64-bit CPU cores

RAM

Minimum

2 GB

Recommended

8 GB

Disk Space

/ (root directory)

Minimum 40 GB

/var/lib/containers/storage/volumes

Minimum 100 GB, Storage requirements should be calculated for the number of ISO distribution images, containers, and bootstrap repositories you will use.

2. Container Host General Requirements

For general requirements, see General requirements.

An openSUSE Leap Micro 5.5 server should be installed from installation media. This procedure is described below.

3. Container Host Requirements

For CPU, RAM, and storage requirements, see Hardware requirements.

To guarantee that clients can resolve the FQDN domain name, both the containerized server and the host machines must be linked to a functional DNS server. Additionally, it is essential to ensure correct configuration of reverse lookups.

4. Installing Uyuni Tools for Use with Containers

Procedure: Installing Uyuni Tools on openSUSE Leap Micro 5.5
  1. On your local host open a terminal window or start up a virtual machine running openSUSE Leap Micro 5.5.

  2. Login.

  3. Enter the transactional-update shell:

    transactional-update shell
  4. Add the following repository to your openSUSE Leap Micro 5.5 server:

    zypper ar https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable/images/repo/Uyuni-Proxy-POOL-x86_64-Media1/
  5. Refresh the repository list and accept the key:

    zypper ref
  6. Install the container tools:

    zypper in mgrpxy mgrpxy-bash-completion uyuni-storage-setup-proxy

    Alternatively you may install mgrpxy-zsh-completion or mgrpxy-fish-completion.

  7. Exit the transactional shell:

    transactional update # exit
  8. Reboot the host.

For more information on the Uyuni Container Utilities, see Uyuni Container Utilities.

5. Configure Custom Persistent Storage

This step is optional. However, if custom persistent storage is required for your infrastructure, use the mgr-storage-proxy tool.

  • For more information, see mgr-storage-proxy --help. This tool simplifies creating the container storage and Squid cache volumes.

Use the command in the following manner:

mgr-storage-proxy <storage-disk-device>

For example:

mgr-storage-proxy /dev/nvme1n1

This command will create the persistent storage volumes at /var/lib/containers/storage/volumes.

For more information, see

6. Bootstrap the Proxy Host as a Minion

Task: Bootstrap the Proxy Host
  1. Select Systems  Bootstrapping.

  2. Fill in the fields for your Proxy host.

  3. Select the Activation key created in the previous step from the dropdown.

  4. Click + Bootstrap.

  5. Wait for the Bootstrap process to complete successfully. Check the Salt menu and confirm the Salt minion key is listed and accepted.

  6. Reboot the Proxy host.

  7. Select the host from the System list and trigger a second reboot after all events are finished to conclude the onboarding.

Task: Update the Proxy Host
  1. Select the host from the Systems list and apply all patches to update it.

  2. Reboot the Proxy host.

7. Generate the Proxy Configuration

The configuration archive of the Uyuni Proxy is generated by the Uyuni Server. Each additional Proxy requires its own configuration archive.

The container host for the Uyuni Proxy must be registered as a salt minion to the Uyuni Server prior to generating this Proxy configuration.

You will perform the following tasks:

  1. Generate a Proxy configuration file.

  2. Transfer the configuration to the Proxy.

  3. Start the Proxy with the mgrpxy command.

Task: Generating a Proxy Container Configuration using Web UI
  1. In the Web UI, navigate to Systems  Proxy Configuration and fill the required data:

  2. In the Proxy FQDN field type fully qualified domain name for the proxy.

  3. In the Parent FQDN field type fully qualified domain name for the Uyuni Server or another Uyuni Proxy.

  4. In the Proxy SSH port field type SSH port on which SSH service is listening on Uyuni Proxy. Recommended is to keep default 8022.

  5. In the Max Squid cache size [MB] field type maximal allowed size for Squid cache. Typically this should be at most 60% of available storage for the containers.

  6. In the SSL certificate selection list choose if new server certificate should be generated for Uyuni Proxy or an existing one should be used. You can consider generated certificates as Uyuni builtin (self signed) certificates.

    Depending on the choice then provide either path to signing CA certificate to generate a new certificate or path to an existing certificate and its key to be used as proxy certificate.

    The CA certificates generated on the server are stored in the /var/lib/containers/storage/volumes/root/ssl-build directory.

    For more information about existing or custom certificates and the concept of corporate and intermediate certificates, see Import SSL Certificates.

  7. Click Generate to register new proxy FQDN in Uyuni Server and generate configuration archive with details for container host.

  8. After a few moments you are presented with file to download. Save this file locally.

suma proxy containerized webui

8. Transfer the Proxy Configuration

The Web UI generates a configuration archive. This archive needs to be made available on the Proxy container host.

Task: Copy the Proxy configuration
  1. Copy the files from the Server container to the Server host OS:

    mgrctl cp server:/root/config.tar.gz .
  2. Next copy the files from the Server host OS to the Proxy host:

    scp config.tar.gz <proxy-FQDN>:/root
  3. Install the Proxy with:

    mgrpxy install podman config.tar.gz

9. Start the Uyuni 2024.10 Proxy

Container can now be started with the mgrpxy command:

Task: Start and Check Proxy Status
  1. Start the Proxy by calling:

    mgrpxy start
  2. Check container status by calling:

    mgrpxy status

    Five Uyuni Proxy containers should be present:

    • proxy-salt-broker

    • proxy-httpd

    • proxy-tftpd

    • proxy-squid

    • proxy-ssh

And should be part of the proxy-pod container pod.

9.1. Using a Custom Container Image for a Service

By default, the Uyuni Proxy suite is set to use the same image version and registry path for each of its services. However, it is possible to override the default values for a specific service using the install parameters ending with -tag and -image.

For example, use it like this:

mgrpxy install podman --httpd-tag 0.1.0 --httpd-image registry.opensuse.org/uyuni/proxy-httpd /path/to/config.tar.gz

It adjusts the configuration file for the httpd service, where registry.opensuse.org/uyuni/proxy-httpds is the image to use and 0.1.0 is the version tag, before restarting it.

To reset the values to defaults, run the install command again without those parameters:

mgrpxy install podman /path/to/config.tar.gz

This command first resets the configuration of all services to the global defaults and then reloads it.