Retail Uyuni Server Setup

This section covers Uyuni for Retail Server setup, using these procedures:

  • Set up Uyuni with YaST

  • Create the main administration account

  • Add Software Channels

  • Check Synchronization Status

  • Trust GPG Keys on Clients

  • Register the Branch Server and Terminals as Clients

Set up Uyuni with YaST

This section guides you through Uyuni setup procedures.

Procedure: Uyuni Setup
  1. On the Uyuni Server, at the command prompt, as root, start YaST:

    yast2
  2. Navigate to Network Services  Uyuni Setup to begin set up.

  3. From the introduction screen, select Uyuni Setup  Set up Uyuni from scratch and click Next to continue.

  4. Type an email address to receive status notifications and click Next to continue. Uyuni can sometimes send a large volume of notification emails. You can disable email notifications in the Web UI after setup, if you need to.

  5. Type your certificate information and provide a password. Passwords must be at at least seven characters in length, and must not contain spaces, single or double quotation marks (' or "), exclamation marks (!), or dollar signs ($). Always store your passwords in a secure location. You must have the certificate password to set up a Uyuni Proxy Server.

    Click btn:[Next] to continue.
  6. Navigate to Uyuni Setup  Database Settings screen, type a database username and password, and click Next to continue. Passwords must be at at least seven characters in length, and must not contain spaces, single or double quotation marks (' or "), exclamation marks (!), or dollar signs ($). Always store your passwords in a secure location.

    Click btn:[Next] to continue.
  7. Click Yes to begin the setup process.

  8. When setup is complete, click Next to continue. Take note of the address to access the Uyuni Web UI.

  9. Click Finish to complete Uyuni setup.

Create the Main Administration Account

This section covers how to create your organization’s main administration account for Uyuni.

The main administration account has the highest authority within Uyuni. Ensure you keep access information for this account secure. We recommend that you create lower level administration accounts for organizations and groups. Do not share the main administration access details.

Procedure: Setting Up the Main Administration Account
  1. In your web browser, enter the address for the Uyuni Web UI. This address was provided after you completed setup. For more information, see retail:retail-uyuni-server-setup.adoc#retail-server-setup-yast.

  2. Sign in to the Web UI, navigate to the Create Organization  Organization Name field, and enter your organization name.

  3. In the Create Organization  Desired Login and Create Organization  Desired Password fields, enter your username and password.

  4. Complete the Account Information fields, including an email for system notifications.

  5. Click Create Organization to finish creating your administration account.

When you have completed the Uyuni Web UI setup, you are taken to the Home  Overview page.

Add Software Channels

Before you register Uyuni branch servers and terminals to your Uyuni Server, check that you have the openSUSE product enabled, and the required channels are fully synchronized.

The products you need for this procedure are:

Table 1. OpenSUSE Channels - CLI
OS Version Base Channel Client Channel Updates Channel Other Channels

openSUSE Leap 15.2

opensuse_leap15_2

opensuse_leap15_2-uyuni-client

opensuse_leap15_2-updates

uyuni-proxy-stable-leap-152

Procedure: Adding Software Channels at the Command Prompt
  1. At the command prompt on the Uyuni Server, as root, use the spacewalk-common-channels command to add the appropriate channels:

    spacewalk-common-channels \
    <base_channel_name> \
    <child_channel_name_1> \
    <child_channel_name_2> \
    ... <child_channel_name_n>
  2. Synchronize the channels:

    mgr-sync refresh --refresh-channels

Check Synchronization Status

Procedure: Checking Synchronization Progress
  1. In the Uyuni Web UI, navigate to Software  Manage  Channels, then click the channel associated to the repository.

  2. Navigate to the Repositories tab, then click Sync and check Sync Status.

Procedure: Checking Synchronization Progress from the Command Prompt
  1. At the command prompt on the Uyuni Server, as root, use the tail command to check the synchronization log file:

    tail -f /var/log/rhn/reposync/<channel-label>.log
  2. Each child channel generates its own log during the synchronization progress. You will need to check all the base and child channel log files to be sure that the synchronization is complete.

openSUSE channels can be very large. Synchronization can sometimes take several hours.

Trust GPG Keys on Clients

By default, some operating systems do not trust the GPG key for the Uyuni client tools. The clients can be successfully bootstrapped without the GPG key being trusted. However, you will not be able to install new client tool packages or update them until the keys are trusted.

Procedure: Trusting GPG Keys on Clients
  1. On the Uyuni Server, at the command prompt, check the contents of the /srv/www/htdocs/pub/ directory. This directory contains all available public keys. Take a note of the key that applies to the client you are registering.

  2. Open the relevant bootstrap script, locate the ORG_GPG_KEY= parameter and add the required key. For example:

    uyuni-gpg-pubkey-0d20833e.key
      You do not need to delete any previously stored keys.
    . If you are bootstrapping clients from the {productname} {webui}, you will need to use a Salt state to trust the key.
      Create the Salt state and assign it to the organization.
      You can then use an activation key and configuration channels to deploy the key to the clients.

Create Activation Key for a Branch Server and the Retail Terminals

The branch server is based on an Uyuni Proxy. Its activation key must contain these child channels:

  • openSUSE Leap 15.2 Updates (x86_64)

  • Uyuni Client Tools for openSUSE Leap 15.2 (x86_64)

  • Uyuni Proxy Stable for openSUSE Leap 15.2 (x86_64)

The activation key for retail terminals based on openSUSE Leap 15.2 must contain these child channels:

  • openSUSE Leap 15.2 Updates (x86_64)

  • Uyuni Client Tools for openSUSE Leap 15.2 (x86_64)

For more information about creating activation keys, see client-configuration:activation-keys.adoc.

Register the Branch Server and Terminals as Clients

You register both the branch server and the terminals as openSUSE clients. To register your openSUSE clients, you need a bootstrap repository. By default, bootstrap repositories are automatically created, and regenerated daily for all synchronized products. You can manually create the bootstrap repository from the command prompt, using this command:

mgr-create-bootstrap-repo --with-custom-channels

For more information on registering your clients, see client-configuration:registration-overview.adoc.

Register the Branch Server

A retail branch server is registered as an openSUSE proxy. The proxy can be bootstrapped using the Web UI, or at the command prompt. Ensure you use the activation key you created for the proxy.

For more information about proxies, see installation:uyuni-proxy-registration.adoc. For more information about activation keys, see client-configuration:activation-keys.adoc.

Procedure: Setting Up the Uyuni Proxy
  1. Check that the Uyuni Proxy Stable for openSUSE Leap 15.2 (x86_64) channel is assigned to the proxy on the system profile page.

  2. At the command prompt on the proxy, as root, install the proxy pattern:

    zypper in -t pattern uyuni_proxy
  3. Finalize the proxy setup:

    configure-proxy.sh
    [command]``configure-proxy.sh`` is an interactive script.
    For more information about the proxy setup script, see xref:installation:uyuni-proxy-setup.adoc#uyuni-proxy-setup-confproxy[].
  4. OPTIONAL: If you want to use the same system also as a build host, navigate to the client’s system profile and check OS Image Build Host as a Add-On System Types.

  5. Configure the proxy to run as a branch server. For example:

    retail_branch_init <branch_server_minion_id> --dedicated-nic eth1 \
        --branch-ip 192.168.7.5 \
        --netmask 255.255.255.0 \
        --dyn-range 192.168.7.100 192.168.7.200 \
        --server-domain branch.example.org \
        --branch-prefix uyuni
    For additional options,  use the [command]``retail_branch_init --help`` command.