Este conteúdo não está disponível no idioma selecionado.
2.4. Additional Requirements
			Red Hat Satellite has some additional considerations before installation. These additional requirements must be met before starting the Satellite installation.
		
2.4.1. Firewall
Copiar o linkLink copiado para a área de transferência!
				Protect your Red Hat Satellite environment with a firewall by blocking all unnecessary and unused ports.
			
				The following table provides a list of port requirements for Red Hat Satellite.
			
| Port | Protocol | Direction | Reason | 
|---|---|---|---|
| 67 | TCP/UDP | Inbound | Open this port to configure the Red Hat Satellite as a DHCP server for systems requesting IP addresses. | 
| 69 | TCP/UDP | Inbound | Open this port to configure Red Hat Satellite as a PXE server and allow installation and re-installation of PXE-boot enabled systems. | 
| 80 | TCP | Inbound | Web UI and client requests come in via HTTP. | 
| 443 | TCP | Inbound | Web UI and client requests come in via HTTPS. | 
| 443 | TCP | Outbound | Red Hat Satellite uses this port to reach Red Hat Subscription Manager (unless running in a disconnected mode for Satellite). | 
| 4545 | TCP | Inbound and Outbound | Red Hat Satellite Monitoring makes connections to rhnmdrunning on client systems, if Monitoring is enabled and probes are configured for registered systems. | 
| 5222 | TCP | Inbound | This port pushes actions to client systems. | 
| 5269 | TCP | Inbound and Outbound | This port pushes actions to Red Hat Proxy Server. | 
| 5432 | TCP | Inbound and Outbound | This is a requirement for communication with a PostgreSQL database server if using an External Database or Managed Database. | 
				Open your firewall to the following hosts for access to Red Hat's Content Delivery Network (CDN):
			
- subscription.rhsm.redhat.com
- cdn.redhat.com
- cert-api.access.redhat.com(if using Red Hat Insights)
- api.access.redhat.com(if using Red Hat Insights)
2.4.2. File Permissions
Copiar o linkLink copiado para a área de transferência!
				The 
umask command sets file permissions mask for new files. This helps secure the file permissions for new files created on a system. Users with a restrictive umask value might experience problems with installation and operation of Red Hat Satellite. Use the recommended umask value of 022.
			2.4.3. SELinux Policy
Copiar o linkLink copiado para a área de transferência!
				SELinux is a set of secure software policies that implement mandatory access control to Red Hat Enterprise Linux and other operating systems. Red Hat Satellite supports SELinux 
targeted policy in enforcing or permissive mode on Red Hat Enterprise Linux 5 and 6.
			2.4.4. Bandwidth
Copiar o linkLink copiado para a área de transferência!
				Network bandwith is important for communication among Satellites, Proxies, and Clients. To accomodate high volume traffic, Red Hat recommends a high bandwidth on a network capable of delivering packages to many systems and clients. As a guide, Red Hat provides a set of estimates for package transfer from one system to another over various speeds.
			
|  | 
								Single Package (10Mb)
							 | 
								Minor Release (750Mb)
							 | 
								Major Release (6Gb)
							 | 
|---|---|---|---|
| 
								256Kbps
							 | 
								5 Mins 27 Secs
							 | 
								6 Hrs 49 Mins 36 Secs
							 | 
								2 Days 7 Hrs 55 Mins
							 | 
| 
								512Kbps
							 | 
								2 Mins 43.84 Secs
							 | 
								3 Hrs 24 Mins 48 Secs
							 | 
								1 Day 3 Hrs 57 Mins
							 | 
| 
								T1 (1.5Mbps)
							 | 
								54.33 Secs
							 | 
								1 Hr 7 Mins 54.78 Secs
							 | 
								9 Hrs 16 Mins 20.57 Secs
							 | 
| 
								10Mbps
							 | 
								8.39 Secs
							 | 
								10 Mins 29.15 Secs
							 | 
								1 Hr 25 Mins 53.96 Secs
							 | 
| 
								100Mbps
							 | 
								0.84 Secs
							 | 
								1 Min 2.91 Secs
							 | 
								8 Mins 35.4 Secs
							 | 
| 
								1000Mbps
							 | 
								0.08 Secs
							 | 
								6.29 Secs
							 | 
								51.54 Secs
							 | 
				Red Hat recommends at least a 100Mbps network speed for minor and major releases. This avoids timeouts for transfers longer than 10 minutes. All speeds are relative to your network setup.
			
2.4.5. Caching
Copiar o linkLink copiado para a área de transferência!
				Beyond the space needed for the Red Hat Enterprise Linux installation and 
/var/satellite/, Red Hat Satellite requires space to generate cache files. These cache files are constantly regenerated as they become needed, even if the cache files are deleted. These cache files are stored within /var/cache/rhn, and the storage needs of this directory depend on the following factors:
			- How many channels you synchronize or import from Red Hat or Channel dumps.
- How many custom packages and channels you have.
- Whether or not you are using Red Hat Satellite Synchronization.
				Provide at least 10 GB of space for 
/var/cache/rhn/ on a Red Hat Satellite server. For very large environments with numerous channels, packages, and using Inter Satellite Sync, usage can grow to as much as 100 GB of space for cache files in /var/cache/rhn.
			2.4.6. Synchronized System Times
Copiar o linkLink copiado para a área de transferência!
				The time settings on the server and clients need to be synchronized so the SSL certificate does not expire before or during use. Red Hat requires the Red Hat Satellite and all client systems to use Network Time Protocol (NTP). This also applies to the separate database machine in Red Hat Satellite with External Database or Managed Database, which must also be set to the same time zone as the Red Hat Satellite.
			
2.4.7. Setting System Language and Locale
Copiar o linkLink copiado para a área de transferência!
				Set the UTF-8 encoding for your language and locale on your Red Hat Satellite system via the 
/etc/sysconfig/i18n file. The LANG setting in the file must be in the following format:
			LANG="[language_TERRITORY].UTF-8"
LANG="[language_TERRITORY].UTF-8"
				The 
language and TERRITORY are entered as two-letter codes. For example if your language is English and your locale is the United States, you set your LANG setting to en_US.UTF-8.
			2.4.8. Fully Qualified Domain Name (FQDN)
Copiar o linkLink copiado para a área de transferência!
				Red Hat Satellite requires the installation to resolve its own FQDN properly. If this is not the case, cookies will not work properly on the web interface.
			
Important
					It is important that the hostname of a Red Hat Satellite contains no uppercase letters. A hostname that includes uppercase letters can cause Satellite Proxy communications (through 
jabberd) to fail.
				
					Section 12.3, “Changing the Red Hat Satellite Hostname” contains instructions if you change your Red Hat Satellite hostname in the future.
				
2.4.9. Functioning Domain Name Service (DNS)
Copiar o linkLink copiado para a área de transferência!
				Ensure all clients resolve Red Hat Satellite's domain name. All systems, both servers and clients, require connection to a working DNS server in the Satellite environment.
			
2.4.10. Red Hat Network Account
Copiar o linkLink copiado para a área de transferência!
				Customers aiming to connect with central Red Hat Network servers to receive incremental updates require an external account with Red Hat Network. This account is set up at the time of purchase with the sales representative.
			
Warning
					Do not subscribe your Red Hat Satellite to any of the following child channels:
				
- Red Hat Enterprise Linux - Optional Packages
- Red Hat Enterprise Linux - Supplementary Packages
- Red Hat Developer Suite
- Red Hat Application Server
- Red Hat Extras
- JBoss product channels
					Subscribing to these channels and updating Red Hat Satellite might install incompatible versions of critical software components, causing Red Hat Satellite to fail. Make sure to subscribe Red Hat Satellite to only the Red Hat Network Tools channel.
				
2.4.11. Backups of Login Information
Copiar o linkLink copiado para a área de transferência!
				It is imperative that customers keep track of all primary login information. For Red Hat Satellite, this includes usernames and passwords for the Organization Administrator account on 
access.redhat.com, the primary administrator account on the Red Hat Satellite itself, SSL certificate generation, and database connection (which also requires an SID, or net service name). Red Hat strongly recommends you copy this information to removable storage media, print out on paper, and store in a fireproof safe.
			2.4.12. Channel Content ISOs
Copiar o linkLink copiado para a área de transferência!
				An Internet connection is not required for Red Hat Satellites running in completely disconnected environments. This feature instead uses Channel Content ISOs to synchronize Red Hat Satellite with the central Red Hat Network Servers. All other Red Hat Satellites should synchronize directly over the Internet.
			
2.4.13. Service Access
Copiar o linkLink copiado para a área de transferência!
				No system components should be directly, publicly available. No user, other than the system administrators, should have shell access to these machines.
			
				All unnecessary services should be disabled using ntsysv or 
chkconfig.
			
				The following services should be enabled.
			
- jabberd
- postgresql (for Embedded Database Installation)
- tomcat6 (for installation on Red Hat Enterprise Linux 6)
- httpd
- osa-dispatcher
- Monitoring
- MonitoringScout
- rhn-search
- cobblerd
- taskomatic
				If Red Hat Satellite serves Monitoring-entitled systems and you wish to acknowledge via email the alert notifications you receive, configure sendmail or postfix to properly handle incoming mail.