Red Hat SummitChapter 2. Configuring Client Applications
In order to use most enterprise-class features of Red Hat Network, such as registering with Red Hat Satellite, configuration of the latest client applications is required. Obtaining these applications before the client has registered with Red Hat Network can be difficult. This paradox is especially problematic for customers migrating large numbers of older systems to Red Hat Network. This chapter identifies techniques to resolve this dilemma.
Important
Red Hat strongly recommends that clients connected to a Red Hat Proxy Server or Red Hat Satellite Server be running the latest update of Red Hat Enterprise Linux to ensure proper connectivity.
Additionally, if client firewalls are configured, ports 80 and 443 should be open for proper functionality with Red Hat Network.
Not every customer must connect securely to a Red Hat Satellite or Red Hat Proxy within their organization, nor build and deploy a GPG key for custom packages, but every customer who uses these products must reconfigure the following:
- Red Hat Update Agent - This is the update mechanism for Red Hat channels. Use of the Update Agent differs for certain operating systems:
- On Red Hat Enterprise Linux 5, 6, and 7 - As a
yumplugin (yum-rhn-plugin) - On Red Hat Enterprise Linux 3 and 4 - As a standalone application (
up2date)
- Red Hat Network Registration Client (rhn_register) - This is the mechanism to register clients. By default,
rhn_registerregisters to the main Red Hat Network servers. You need to reconfigure client systems to register to Red Hat Satellite or Red Hat Proxy.
Important
By default, the
yum command on Red Hat Enterprise Linux 5, 6, and 7 uses SSL for communication with remote repositories. Consequently, you should ensure that firewalls allow connections over port 443.
To bypass SSL, change the value of
serverURL from https to http in the /etc/sysconfig/rhn/up2date file. Similarly, to use Red Hat Network's Monitoring feature and probes requiring the Red Hat Network Monitoring Daemon, client systems must allow connections on port 4545 (or port 22, if it is using sshd instead).
The latest versions of Red Hat Update Agent can be configured to accommodate several Red Hat Satellite servers, which provides failover protection in case the primary server is inaccessible. See Section 2.4, “Implementing Server Failover” for instructions on enabling this feature.
The following sections describe different methods of configuring the client systems to access your Red Hat Satellite or Proxy. See the Red Hat Satellite Getting Started Guide for information about scripting configuration commands.
2.1. Registering Clients with Red Hat Satellite Server
The following procedure describes how to use the
rhn_register command to register a system with Red Hat Satellite. Ensure you replace the example host names and domain names with those that apply to your configuration.
Procedure 2.1. To Use rhn_register to Register a System with Red Hat Satellite:
- Change into the
/usr/share/rhn/directory and download the SSL certificate to the client:# cd /usr/share/rhn/# wget http://satellite.example.com/pub/RHN-ORG-TRUSTED-SSL-CERT - Edit the
/etc/sysconfig/rhn/up2datefile and ensure that it contains the following entries:serverURL=https://satellite.example.com/XMLRPC noSSLServerURL=http://satellite.example.com/XMLRPC sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
- Use the
rhn_registercommand to register the machine:# rhn_register
