Chapter 10. Working with RHUI 4 commands
The screens within the Red Hat Update Infrastructure Management Tool, accessed from the RHUpdate, provide menu options that allow you to configure and update the various Red Hat Update Infrastructure 4 components.
10.2. Using RHUI 4 CLI options
The majority of administrative tasks for Red Hat Update Infrastructure 4 are in its installation. After installation, it runs on its own, periodically getting updated packages from the Red Hat CDN and automatically making those packages available to clients.
A command line interface called Red Hat Update Infrastructure Management Tool (run with rhui-manager
) facilitates the installation. This tool provides interactive prompts for the necessary configuration elements for each RHUI component: RHUA, CDS, and load-balancer. This tool also provides a means for taking the content certificate provided by Red Hat for use when connecting to the Red Hat CDN and generating internal, cloud-specific certificates that clients use to connect to RHUI. The Red Hat Update Infrastructure Management Tool allows the cloud provider to generate a client configuration bundle to install on client RHEL instances. This bundle allows the clients to get updates from the RHUI installation.
Red Hat Update Infrastructure Management Tool uses an interactive shell; some functions can also run from a shell prompt. The Red Hat Update Infrastructure Management Tool uses seven main commands. For each command’s subcommand, a list of options is provided if the subcommand expects one or more options other than -h
and --help
.
View all options and commands.
[root@ip-10-141-150-145 ~]# rhui-manager --help Usage: rhui-manager [options] OPTIONS -h/--help show this help message and exit --debug enables debug logging --noninteractive prevents console input, used for scripting --config absolute path to the configuration file; defaults to /etc/rhui/rhui-tools.conf --server location of the RHUA server (overrides the config file) --username if specified, previously saved authentication credentials are ignored and this username is used to login --password used in conjunction with --username --logout logout from the active session COMMANDS cert : Red Hat content certificate management packages : package manipulation on repositories repo : repository listing and manipulation cds : CDS listing and manipulation migrate : Migrate from {RHUI3} haproxy : Load balancer listing and manipulation status : RHUI status and health information client : Red Hat client management
10.2.1. cert
Red Hat content certificate management upload : uploads a new content certificate info : display information about the current content certificate
# rhui-manager cert upload upload: uploads a new content certificate --cert - full path to the new content certificate (required) --key - full path to the new content certificate's key
10.2.2. packages
package manipulation on repositories list : lists all packages in a repository remove : removes a package from a custom repository upload : uploads a package or directory of packages to a custom repository remote : uploads RPM content from a remote URL to a custom repository
list: lists all packages in a repository --repo_id - id of the repository to list packages for (required)
remove: removes a package from a custom repository --repo_id - id of the custom repository to remove a package from (required) --package - name of the package to be removed (required) --vr - if specified, only the supplied version-release of the package will be removed --force - don't ask for confirmation
upload: uploads a package or directory of packages to a custom repository --repo_id - id of the custom repository where the packages will be uploaded (required) --packages - path to an .rpm file or directory of RPMs that will be uploaded (required)
remote: uploads RPM content from a remote URL to a custom repository --repo_id - id of the custom repository where the packages will be uploaded (required) --url - remote URL of the package or a web page that will be scraped for RPM content (required)
10.2.3. repo
repository listing and manipulation list : lists all repositories in the RHUI info : displays information on an individual repo add : add a Red Hat repository to the RHUA add_by_repo: add Red Hat repositories to the RHUA via repo ID add_by_file: add Red Hat repositories to the RHUA using an input file add_errata: associate errata metadata with a repository delete : delete a repository sync : sync a repository set_retain_versions: limits the number of older repository versions kept in database orphan_cleanup: submits a background task to remove orphaned artifacts from storage export : export a repository to the filesystem enable_sync: enable scheduled synchronization of a repository disable_sync: disable scheduled synchronization of a repository sync_all : sync all repositories metadata : ensure metadata is generated for the latest version of repositories enable_autopublish: enable automatic publishing of a new repository version disable_autopublish: disable automatic publishing of a new repository version create_custom: create a custom repository unused : list of products available but not synced to the RHUA
info: displays information on an individual repo --repo_id - identifies the repository to display (required)
add: add a Red Hat repository to the RHUA --product_name - product to add the RHUA (required)
add_by_repo: add Red Hat repositories to the RHUA via repo ID --repo_ids - repo IDs to add, comma-separated (required) --sync-now - Use to sync any repos that are added (optional)
add_by_file: add Red Hat repositories to the RHUA using an input file --file - file containing repo IDs to add, one per line (required) --sync_now - Use to sync any repos that are added (optional)
add_errata: associate errata metadata with a repository --repo_id - repo ID to associate the metadata with (required) --updateinfo - updateinfo file to be applied (required)
delete: delete a repository --repo_id - identifies the repository to delete (required)
sync: sync a repository --repo_id - identifies the repository to sync (required)
set_retain_versions: limits the number of older repository versions kept in database --repo_id - identifies the repository to operate on --all - operate on all repositories (either --repo_id or --all must be provided, but not both) --versions - number of versions to keep (required) --dry_run - display what will be executed without actually executing
orphan_cleanup: submits a background task to remove orphaned artifacts from storage
export: export a repository to the filesystem --repo_id - identifies the repository to export (required)
metadata : ensure metadata is generated for the latest version of repositories --repo_id - explicit repo ID to generate metadata for
enable_sync: enable scheduled synchronization of a repository --repo_id - identifies the repository to enable scheduled synchronization for (required) --verbose - if present, info on last/next synchronization tasks will be displayed
disable_sync: disable scheduled synchronization of a repository --repo_id - identifies the repository to disable scheduled synchronization for (required) --verbose - if present, info on last/next synchronization tasks will be displayed
enable_autopublish: enable automatic publishing of a new repository version --repo_id - identifies the repository to enable automatic publishing for (required)
disable_autopublish: disable automatic publishing of a new repository version --repo_id - identifies the repository to disable automatic publishing for (required)
create_custom: create a custom repository --repo_id - identifies the repository to add (required) --path - path to the content being served by CDS; defaults to repo_id --display_name - display name for the custom repository --entitlement - path used in the entitlement certificate; may use yum variable substitutions --legacy_md - if present, the repo will use SHA1, otherwise default value is used (SHA256) --redhat_content - repository will host Red Hat GPG signed content --protected - make the content protected by entitlement certificate --gpg_public_keys - comma separated list of public keys used to sign the served content; the filenames must not contain comma
unused: list all unused Red Hat repositories Loading latest entitled products from Red Hat... ... listings loaded Available Repositories --------------------
10.2.4. cds
CDS listing and manipulation list : lists all cds instances in the RHUI add : register a cds instance to the RHUI reinstall : reinstalls an already registered cds instance delete : unregisters cds instances from the RHUI
add: register a cds instance to the RHUI --hostname - The hostname of the instance to add. (required) --ssh_user - Username with SSH access to the instance and sudo privileges. (required) --keyfile_path - Absolute path to an SSH private key to use with the given user. (required) --hostfile - Absolute path to a known_hosts file to use to determine the identity of the instance; if this is not provided and the instance hostkey is not in the system-wide known_hosts file, this command will fail. --user_supplied_ssl_key - Optional absolute path to the user supplied SSL key file. --user_supplied_ssl_crt - Optional absolute path to the user supplied SSL crt file. --force - Add the system even if the hostname is already registered. --unsafe - Proceed even if the instance host key is not in the known_hosts file. This is not secure! --no_update - Use this flag to prevent the final dnf update; it must be specified every time this functionality is desired.
reinstall: reinstalls an already registered cds instance --hostname - The hostname of the instance to reinstall on; this instance must be registered already. --all - Reinstall all the registered instances. --no_update - Use this flag to prevent the final dnf update; it must be specified every time this functionality is desired.
delete: unregisters cds instances from the RHUI --force - Delete the system, even if it is the last of its kind. --hostnames - Comma-separated list of hostnames to delete (unregister) from RHUI. (required)
10.2.5. migrate
Migrate from {RHUI3} --hostname : the {RHUI3} hostname --password : <your_password> --keyfile_path : ~/.ssh/id_rsa_rhua*
10.2.6. haproxy
Load balancer listing and manipulation list : lists all haproxy instances in the RHUI add : register a haproxy instance to the RHUI reinstall : reinstalls an already registered haproxy instance delete : unregisters haproxy instances from the RHUI
add: register a haproxy instance to the RHUI --hostname - The hostname of the instance to add. (required) --ssh_user - Username with SSH access to the instance and sudo privileges. (required) --keyfile_path - Absolute path to an SSH private key to use with the given user. (required) --hostfile - Absolute path to a known_hosts file to use to determine the identity of the instance; if this is not provided and the instance hostkey is not in the system-wide known_hosts file, this command will fail. --config - Optional absolute path to a user supplied HAProxy config file. --force - Add the system even if the hostname is already registered. --unsafe - Proceed even if the instance host key is not in the known_hosts file. This is not secure! --no_update - Use this flag to prevent the final dnf update; it must be specified every time this functionality is desired.
reinstall: reinstalls an already registered haproxy instance --hostname - The hostname of the instance to reinstall on; this instance must be registered already. --all - Reinstall all the registered instances. --no_update - Use this flag to prevent the final dnf update; it must be specified every time this functionality is desired.
delete: unregisters haproxy instances from the RHUI --force - Delete the system, even if it is the last of its kind. --hostnames - Comma-separated list of hostnames to delete (unregister) from RHUI. (required)
10.2.7. status
status: RHUI status and health information --code - if specified, only a numeric code for the result will be displayed --repo_json - Name of the JSON file for a repo status
10.2.8. client
Red Hat client management labels : list the labels required for client certificate creation cert : create a content certificate for a rhui client rpm : create a client config rpm content_source: create an alternate source config rpm acs_config: output a JSON representation of the alternate source config
cert: create a content certificate for a rhui client --repo_label - identifies the repositories to add. Comma delimited string of repo labels (required) --name - identifies the certificate name (required) --days - number of days cert will be valid (required) --dir - directory where the certificate will be stored (required)
rpm: create a client config rpm --private_key - entitlement private key --entitlement_cert - entitlement certificate --rpm_version - version number of the client config rpm --rpm_release - release of rpm package. Default is 1 --rpm_name - name of the client config rpm (required) --dir - directory where the rpm will be created (required) --unprotected_repos - comma-separated list of unprotected repos to include --cert - generate certificate also before building client config rpm if given --ca_cert - full path to the certificate authority of CDS servers --repo_label - identifies the repositories to add. Comma delimited string of repo labels --name - identifies the certificate name if it is different from rpm name --days - number of days cert will be valid --proxy - url/string in case proxy option is necessary in yum repo file
content_source: create an alternate source config rpm --private_key - entitlement private key --entitlement_cert - entitlement certificate --rpm_version - version number of the client config rpm --rpm_name - name of the client config rpm (required) --dir - directory where the rpm will be created (required) --unprotected_repos - comma-separated list of unprotected repos to include --cert - generate certificate also before building client config rpm if given --ca_cert - full path to the certificate authority of CDS servers --repo_label - identifies the repositories to add. Comma delimited string of repo labels --name - identifies the certificate name if it is different from rpm name --days - number of days cert will be valid
acs_config: output a JSON representation of the alternate source config --dir - directory where the JSON representation will be stored (required) --private_key - entitlement private key --entitlement_cert - entitlement certificate --cert - generate certificate based on the the repos supplied via --repo_label --ssl_ca_cert - full path to the certificate authority of CDS servers (defaults to ssl_ca_crt specified in rhui-tools.conf) --repo_label - identifies the repositories to add. Comma delimited string of repo labels --days - number of days cert will be valid if new cert is generated