Activation Keys

Activation keys are used with traditional and Salt clients to ensure that your clients have the correct software entitlements, are connecting to the appropriate channels, and are subscribed to the relevant groups. Each activation key is bound to an organization, which you can set when you create the key.

In Uyuni, an activation key is a group of configuration settings with a label. You can apply all configuration settings associated with an activation key by adding its label as a parameter to a bootstrap script. We recommend you use an activation key label in combination with a bootstrap script. When the bootstrap script is executed all configuration settings associated with the label are applied to the system the script is run on.

An activation key can specify:

  • Channel Assignment

  • System Types (Traditionally called Add-on Entitlements)

  • Contact Method

  • Configuration Files

  • Packages to be Installed

  • System Group Assignment

provision config keys
Procedure: Creating an Activation Key
  1. In the Uyuni Web UI, as an administrator, navigate to Systems  Activation Keys.

  2. Click the Create Key button.

  3. On the Activation Key Details page, in the Description field, enter a name for the activation key.

  4. In the Key field, enter the distribution and service pack associated with the key. For example, SLES12-SP4 for SUSE Linux Enterprise Server 12 SP4.

    Do not use commas in the Key field for any SUSE products. However, you must use commas for Red Hat Products. For more information, see reference:systems/activation-keys.adoc.

  5. In the Base Channels drop-down box, select the appropriate base software channel, and allow the relevant child channels to populate. For more information, see reference:admin/setup-wizard.adoc#vle.webui.admin.wizard.products and administration:custom-channels.adoc.

  6. Select the child channels you need (for example, the mandatory SUSE Manager tools and updates channels).

  7. We recommend you leave the Contact Method set to Default.

  8. We recommend you leave the Universal Default setting unchecked.

  9. Click Create Activation Key to create the activation key.

  10. Check the Configuration File Deployment check box to enable configuration management for this key, and click Update Activation Key to save this change.

The Configuration File Deployment check box does not appear until after you have created the activation key. Ensure you go back and check the box if you need to enable configuration management.

Combining Mutiple Activation Keys

You can combine activation keys when executing the bootstrap script on your traditional clients. Combining keys allows for more control on what is installed on your systems and reduces duplication of keys for large or complex environments.

Combining activation keys works only on traditional clients. Salt clients do not support combined activation keys. If you use a combined key with a Salt client, only the first key is used.

combine keys
combine keys2

You can specify multiple activation keys at the command prompt, or in a single autoinstallation profile.

At the command prompt on the Uyuni Server, use the `rhnreg_ks command, and separate the key names with a comma. To specify multiple keys in a Kickstart profile, navigate to Systems  Autoinstallation and edit the profile you want to use.

Be careful when combining activation keys, as conflicts between some values could cause client registration to fail. Check that these values do not have conflicting information before you begin:

  • Software packages

  • Software child channels

  • Configuration channels.

If conflicts are detected, they are handled like this:

  • Conflicts in base software channels: registration fails.

  • Conflicts in system types: registration fails.

  • Conflicts in the enable configuration flag: configuration management is enabled.

  • If one key is system-specific: registration fails.

Reactivation Keys

Reactivation keys can be used once only to re-register a client and regain all Uyuni settings. Reactivation keys are client-specific, and include the system ID, history, groups, and channels.

To create a reactivation key, navigate to Systems, click the client to create a reactivation key for, and navigate to the Details  Reactivation tab. Click Generate New Key to create the reactivation key. Record the details of the key for later use. Unlike typical activation keys, which are not associated with a specific system ID, keys created here do not show up on the Systems  Activation Keys page.

When you have created a reactivation key, you can use it with the rhnreg_ks command line utility. This command will re-register the client and restore its Uyuni settings. You can only use a reactivation key once.

You can combine reactivation keys with activation keys to aggregate the settings of multiple keys for a single system profile. For example:

rhnreg_ks --server=<server-url>/XMLRPC \
          --activationkey=<reactivation-key>,<activationkey> \
          --force

If you autoinstall a client with its existing Uyuni profile, the profile will use the reactivation key to re-register the system and restore its settings. Do not regenerate, delete, or use this key while a profile-based autoinstallation is in progress. Doing so will cause the autoinstallation to fail.

Activation Key Best Practices

Default Parent Channel

Avoid using the SUSE Manager Default parent channel. This setting forces Uyuni to choose a parent channel that best corresponds to the installed operating system, which can sometimes lead to unexpected behavior. Instead, we recommend you create activation keys specific to each distribution and architecture.

Bootstrapping with Activation Keys

If you are using bootstrap scripts, consider creating an activation key for each script. This will help you align channel assignments, package installation, system group memberships, and configuration channel assignments. You will also need less manual interaction with your system after registration.

Bandwidth Requirements

Using activation keys might result in automatic downloading of software at registration time, which might not be desirable in environments where bandwidth is constrained.

These options create bandwidth usage:

  • Assigning a SUSE Product Pool channel will result in the automatic installation of the corresponding product descriptor package.

  • Any package in the Packages section will be installed.

  • Any Salt state from the Configuration section might trigger downloads depending on its contents.

Key Label Naming

If you do not enter a human-readable name for your activation keys, the system will automatically generate a number string, which can make it difficult to manage your keys.

Consider a naming scheme for your activation keys to help you keep track of them. Creating names which are associated with your organization’s infrastructure will make it easier for you when performing more complex operations.

When creating key labels, consider these tips:

  • OS naming (mandatory): Keys should always refer to the OS they provide settings for

  • Architecture naming (recommended): Unless your company is running on one architecture only, for example x86_64, then providing labels with an architecture type is a good idea.

  • Server type naming: What is, or what will this server be used for?

  • Location naming: Where is the server located? Room, building, or department?

  • Date naming: Maintenance windows, quarter, etc.

  • Custom naming: What naming scheme suits your organizations needs?

Example activation key label names:

sles12-sp2-web_server-room_129-x86_64
sles12-sp2-test_packages-blg_502-room_21-ppc64le

Do not use commas in the Key field for any SUSE products. However, you must use commas for Red Hat Products. For more information, see reference:systems/activation-keys.adoc.

Included Channels

When creating activation keys you also need to keep in mind which software channels will be associated with it.

Keys should have a specific base channel assigned to them, for example: SLES12-SP2-Pool-x86_64. If this is not the case, Uyuni cannot use specific stages. Using the default base channel is not recommended and may cause problems.

  • Channels to be included:

    • suse-manager-tools

  • Typical packages to be included:

    • mgr-osad (pushing tasks)

      • Installs python-jabberpy and pyxml as dependencies

    • mgr-cfg-actions (Remote Command, Configuration Management)

      • Installs mgr-cfg and mgr-cfg-client as dependencies

The suse-manager-tools channel is mandatory.

Typical packages to be included:

  • osad (pushing tasks): Installs python-jabberpy and pyxml as dependencies

  • rhncfg-actions (Remote Command, Configuration Managment): Installs rhncfg and rhncfg-client as dependencies