Proxy Migration
In Uyuni 2024.10, the containerized proxy is managed by a set of systemd services.
In Uyuni 2024.10, management of the containerized proxy was re-designed and made simpler with the mgrpxy
tool.
This section will help you migrate from the legacy systemd
proxy using the new mgrpxy
tool.
An in-place migration from previous releases of Uyuni to 2024.10 will remain unsupported due to the HostOS change from openSUSE Leap to openSUSE Leap Micro. The traditional contact protocol is no longer supported in Uyuni 2024.10 and later. Before migrating from previous Uyuni releases to 2024.10, any existing traditional clients including the traditional proxies must be migrated to Salt. |
1. Migrate from Legacy to Containerized Proxy with Systemd
1.1. Generate the Proxy Configuration
-
Log in to the Uyuni Server Web UI.
-
Select
from the left navigation. -
Enter your Proxy FQDN. Use the same FQDN as the original proxy host.
-
Enter your Server FQDN.
-
Enter the Proxy port number. We recommend using the default port of 8022
-
Certificate and private key are located on the Server container host in
/var/lib/containers/storage/volumes/root/_data/ssl-build/
.-
RHN-ORG-TRUSTED-SSL-CERT
-
RHN-ORG-PRIVATE-SSL-KEY
-
-
Copy the certificate and key to your machine with:
scp root@uyuni-server-example.com:/root/ssl-build/RHN-ORG-PRIVATE-SSL-KEY . scp root@uyuni-server-example.com:/root/ssl-build/RHN-ORG-TRUSTED-SSL-CERT .
-
Select Choose File and browse your local machine for the certificate.
-
Select Choose File and brose your local machine for the private key.
-
Enter the CA password.
-
Click Generate.
1.2. Transfer Proxy Configuration to New Host
-
From the Server transfer the generated tar.gz file containing the proxy configuration to the new Proxy host:
scp config.tar.gz <uyuni-proxy-FQDN>:/root/
-
Disable the legacy proxy prior to executing the next step:
Listing 1. Disable the Legacy Proxyspacewalk-proxy stop
-
Deploy the new Proxy with:
systemctl start uyuni-proxy-pod
-
Enable the new Proxy with:
systemctl enable --now uyuni-proxy-pod
-
Run
podman ps
to verify all the containers are present and running:proxy-salt-broker proxy-httpd proxy-tftpd proxy-squid proxy-ssh
2. Migrate Uyuni Proxy to Uyuni 2024.10 Containerized Proxy
-
Boot your new machine and begin installation of openSUSE Leap Micro 5.5.
-
Complete the installation.
-
Update the system:
transactional-update --continue
-
Install
mgrpxy
and optionally,mgrpxy-bash-completion
:transactional-update pkg install mgrpxy mgrpxy-bash-completion
-
Reboot.
-
Copy your tar.gz proxy configuration to the host.
3. Installing packages using the Web UI
The mgrpxy
and mgrpxy-bash-completion
packages can also be installed via the web UI after the minion has been bootstrapped and registered with the Server.
-
After installation, ensure that the SLE Micro 5.5 Parent channel and Proxy child channels are added and synced from the
page. -
In the Web UI, go to
and create an activation key linked to the synced SLE Micro 5.5 channel. -
Bootstrap your system as a minion using the
page. -
Once the new machine is onboarded and displayed in the systems list, select the system and navigate to the
page. -
Install the packages
mgrpxy
andmgrpxy-bash-completion
. -
Reboot the system.
4. Generate Proxy Config with spacecmd and Self-Signed Certificate
You can generate a Proxy configuration using spacecmd.
-
SSH into your container host.
-
Execute the following command replacing the Server and Proxy FQDN:
mgrctl exec -ti 'spacecmd proxy_container_config_generate_cert -- dev-pxy.example.com dev-srv.example.com 2048 email@example.com -o /tmp/config.tar.gz'
-
Copy the generated config to the Proxy:
mgrctl cp server:/tmp/config.tar.gz .
-
Deploy the Proxy with:
mgrpxy install podman config.tar.gz
5. Generate Proxy Config with spacecmd and Custom Certificate
You can generate a Proxy configuration using spacecmd for a custom certificates rather than the default self signed certificates.
2 GB represents the default proxy squid cache size. This will need to be adjusted for your environment. |
-
SSH into your Server container host.
-
Execute the following command replacing the Server and Proxy FQDN:
for f in ca.crt proxy.crt proxy.key; do mgrctl cp $f server:/tmp/$f done mgrctl exec -ti 'spacecmd proxy_container_config -- -p 8022 pxy.example.com srv.example.com 2048 email@example.com /tmp/ca.crt /tmp/proxy.crt /tmp/proxy.key -o /tmp/config.tar.gz'
-
Copy the generated config to the Proxy:
mgrctl cp server:/tmp/config.tar.gz .
-
Deploy the Proxy with:
mgrpxy install podman config.tar.gz