Patch Management of Linux Servers Using Spacewalk

Installation

Spacewalk is an open source configuration management tool sponsored by Red Hat. Spacewalk is alternate of Redhat network satellite server on Centos / Fedora / Scientific Linux. Spacewalk is the upstream project for the source of Red Hat Network Satellite.

It provides a management interface for software content across registered servers. Some of important Features of Spacewalk are mentioned below :

  • Manage Inventory of Servers (hardware and software information)
  • Install and update software on Servers
  • Manage and deploy configuration files to your systems
  • Monitor your systems / Servers

Spacewalk Installation Steps on CentOS / RHEL

Step:1  Setup Spacewalk Repo.

rpm -Uvh http://yum.spacewalkproject.org/1.9/RHEL/6/x86_64/spacewalk-repo-1.9-1.el6.noarch.rpm

Step:2 Setup Additional Repositories.

For Spacewalk on RHEL 6 and Fedora, We nee  additional dependencies that are needed from jpackage. Create  a file using below command :

cat > /etc/yum.repos.d/jpackage-generic.repo << EOF
[jpackage-generic]
name=JPackage generic
#baseurl=http://mirrors.dotsrc.org/pub/jpackage/5.0/generic/free/
mirrorlist=http://www.jpackage.org/mirrorlist.php?dist=generic&type=free&release=5.0
enabled=1
gpgcheck=1
gpgkey=http://www.jpackage.org/jpackage.asc
EOF

Enable EPEL Repository :

Spacewalk requires a Java Virtual Machine with version 1.6.0 or greater. EPEL – Extra Packages for Enterprise Linux contains a version of the openjdk that works with Spacewalk.

# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

Step:3 Spacewalk Database Server Installation

Spacewalk uses database to store its primary data , it supports either  PostgreSQL  or Oracle RDBMS. In our case we are using postgresql.

# yum install spacewalk-setup-embedded-postgresql

Step:4 Installing Spacewalk

# yum install spacewalk-postgresql

Create a file under /root called “answer” with below contents :

# vi /root/answers

admin-email = root@localhost

ssl-set-org = Nextstep4it

ssl-set-org-unit = IT

ssl-set-city = Delhi

ssl-set-state = Delhi

ssl-set-country = IN

ssl-password = spacewalkpasswd

ssl-set-email = root@localhost

ssl-config-sslvhost = Y

db-backend=postgresql

db-name=spacewalkdb

db-user=spacewalk

db-password=spacewalkpasswd

db-host=localhost
db-port=5432

enable-tftp=Y

Configure Spacewalk with an Answer File

# spacewalk-setup –disconnected –answer-file=/root/answers

After spacewalk-setup is complete , application is ready to use. Above command will create the postgresql database environment for spacewalk and will create ssl certificates and will start the services like tomcat.

Step:5 Access the Spacewalk using below URL and set administrative account .

Open Web browser and type “https://<Hostname / IP>“, replace hostname or ip address according to your setup

After Setting the Administrative account , we can login to spacewalk admin GUI:

Spacewalk Admin panel

Spacewalk Service

# /usr/sbin/spacewalk-service [stop|start|restart]

Overview :

In this tutorial I am assuming that Spacewalk  server is already installed & Configured. Click Here to go through the spacewalk installation steps. In my scenario I have more than 100 Linux Servers (Centos 6) , I will do the patching using spacewalk tool. For this i have to register all linux servers in spacewalk and will push all updates from the admin panel

Follow the Below Steps to Register CentOS 6.4  servers in Spacewalk.

Step:1 Login To admin Panel of Spacewalk and add a Channel.

Click on channel —> then click on Manage software Channel —>  Click on Create New Channel

Spacewalk1

Also select option “Public and may be accessed by any of the trusted organizations trusted by this organization” which is under Channel Access Control . Leave all other  fields as it is and click on Create channel.

Step:2 Now Create & add repository to the Channel 

Go To Channel —-> click on Manage Repository

Spacewalk2

Specify the Repository Label and Path of Repository and Click on Create Repository, in my I have put the repository on ftp server.

Add Repository to Channel :

Now Click on Manage Software channel —-> then click on the channel Name —> then click on Repository —-> then select the repository that we have created in above step and then click on update repository

Spacewalk3

Step:3 Now Upload the Packages / RPMS to Channel using below command

# spacewalk-repo-sync –channel centos6_x86_all  –type yum

Step:4  Now Generate Activation Key , which will be used for Client Registration with Spacewalk

From the Overview , click on the Activation Key —-> then click on Create Key

Spacewalk4

Click on Create Activation Key , this will create a key which we will used on the client to regsiter with spacewalk.

Step:5 Install Spacewalk client’s packages  on CentOS 6 Servers.

# yum install -y rhn-client-tools rhn-check rhn-setup rhnsd m2crypto yum-rhn-plugin rhncfg rhncfg-actions rhncfg-client

Now Register Linux Server with Spacwalk

# rhnreg_ks –force –serverUrl=http://192.168.2.51/XMLRPC –activationkey=1-6f0183f8cb1815adeebe38f4ffd445d6

# rhn-actions-control –enable-all

Above commands will register your linux box with  Spacewalk , just replace ip address of spacewalk server and activation key according to your setup.

Step:6 Now See , are there any updates available for Register System ?

Now Login to Spacewalk admin panel , click on System , then click on Register Server Name , in my case it is “space-client.nsitmail.com “ As we can see updates are available.

Spacewalk5

Step:7 Schedule to install  all the updates

Spacewalk6

Select all the packages and Click on Upgrade Package.

When We click on “Upgrade Package” , then it will ask to schedule upgrade as shown below

Spacewalk7

click on Confirm. When we select “as soon as possible” option , then it will apply these updates after 4 hours. This interval is specified in the file “/etc/sysconfig/rhn/rhnsd

Leave a Reply