Patch Management of Linux Servers Using Spacewalk
Spacewalk is an open source configuration management tool sponsored by Red Hat. Spacewalk is alternate of Redhat network satellite server on Centos / Fedora / Scientific Linux. Spacewalk is the upstream project for the source of Red Hat Network Satellite.
It provides a management interface for software content across registered servers. Some of important Features of Spacewalk are mentioned below :
- Manage Inventory of Servers (hardware and software information)
- Install and update software on Servers
- Manage and deploy configuration files to your systems
- Monitor your systems / Servers
Spacewalk Installation Steps on CentOS / RHEL
Step:1 Setup Spacewalk Repo.
# rpm -Uvh http://yum.spacewalkproject.org/1.9/RHEL/6/x86_64/spacewalk-repo-1.9-1.el6.noarch.rpm
Step:2 Setup Additional Repositories.
For Spacewalk on RHEL 6 and Fedora, We nee additional dependencies that are needed from jpackage. Create a file using below command :
cat > /etc/yum.repos.d/jpackage-generic.repo << EOF
Enable EPEL Repository :
Spacewalk requires a Java Virtual Machine with version 1.6.0 or greater. EPEL – Extra Packages for Enterprise Linux contains a version of the openjdk that works with Spacewalk.
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
Step:3 Spacewalk Database Server Installation
Spacewalk uses database to store its primary data , it supports either PostgreSQL or Oracle RDBMS. In our case we are using postgresql.
# yum install spacewalk-setup-embedded-postgresql
Step:4 Installing Spacewalk
# yum install spacewalk-postgresql
Create a file under /root called “answer” with below contents :
# vi /root/answers
admin-email = root@localhost
ssl-set-org = Nextstep4it
ssl-set-org-unit = IT
ssl-set-city = Delhi
ssl-set-state = Delhi
ssl-set-country = IN
ssl-password = spacewalkpasswd
ssl-set-email = root@localhost
ssl-config-sslvhost = Y
Configure Spacewalk with an Answer File
# spacewalk-setup –disconnected –answer-file=/root/answers
After spacewalk-setup is complete , application is ready to use. Above command will create the postgresql database environment for spacewalk and will create ssl certificates and will start the services like tomcat.
Step:5 Access the Spacewalk using below URL and set administrative account .
Open Web browser and type “https://<Hostname / IP>“, replace hostname or ip address according to your setup
After Setting the Administrative account , we can login to spacewalk admin GUI:
# /usr/sbin/spacewalk-service [stop|start|restart]
In this tutorial I am assuming that Spacewalk server is already installed & Configured. Click Here to go through the spacewalk installation steps. In my scenario I have more than 100 Linux Servers (Centos 6) , I will do the patching using spacewalk tool. For this i have to register all linux servers in spacewalk and will push all updates from the admin panel
Follow the Below Steps to Register CentOS 6.4 servers in Spacewalk.
Step:1 Login To admin Panel of Spacewalk and add a Channel.
Click on channel —> then click on Manage software Channel —> Click on Create New Channel
Also select option “Public and may be accessed by any of the trusted organizations trusted by this organization” which is under Channel Access Control . Leave all other fields as it is and click on Create channel.
Step:2 Now Create & add repository to the Channel
Go To Channel —-> click on Manage Repository
Specify the Repository Label and Path of Repository and Click on Create Repository, in my I have put the repository on ftp server.
Add Repository to Channel :
Now Click on Manage Software channel —-> then click on the channel Name —> then click on Repository —-> then select the repository that we have created in above step and then click on update repository
Step:3 Now Upload the Packages / RPMS to Channel using below command
# spacewalk-repo-sync –channel centos6_x86_all –type yum
Step:4 Now Generate Activation Key , which will be used for Client Registration with Spacewalk
From the Overview , click on the Activation Key —-> then click on Create Key
Click on Create Activation Key , this will create a key which we will used on the client to regsiter with spacewalk.
Step:5 Install Spacewalk client’s packages on CentOS 6 Servers.
# yum install -y rhn-client-tools rhn-check rhn-setup rhnsd m2crypto yum-rhn-plugin rhncfg rhncfg-actions rhncfg-client
Now Register Linux Server with Spacwalk
# rhnreg_ks –force –serverUrl=http://192.168.2.51/XMLRPC –activationkey=1-6f0183f8cb1815adeebe38f4ffd445d6
# rhn-actions-control –enable-all
Above commands will register your linux box with Spacewalk , just replace ip address of spacewalk server and activation key according to your setup.
Step:6 Now See , are there any updates available for Register System ?
Now Login to Spacewalk admin panel , click on System , then click on Register Server Name , in my case it is “space-client.nsitmail.com “ As we can see updates are available.
Step:7 Schedule to install all the updates
Select all the packages and Click on Upgrade Package.
When We click on “Upgrade Package” , then it will ask to schedule upgrade as shown below
click on Confirm. When we select “as soon as possible” option , then it will apply these updates after 4 hours. This interval is specified in the file “/etc/sysconfig/rhn/rhnsd”