The software described in this documentation is either no longer supported or is in extended support.
Oracle recommends that you upgrade to a current supported release.
To install the Spacewalk server software:
Install Oracle Instant Client release 11.2.0.3 or later:
Download the following Instant Client packages. You can find out more about the Instant Client from:
https://www.oracle.com/database/technologies/instant-client.html
Instant Client Package - Basic
Instant Client Package - SQL*Plus
Add the library path to ldconfig:
#
echo /usr/lib/oracle/11.2/client64/lib > /etc/ld.so.conf.d/oracle-instantclient11.2.conf
#ldconfig
NoteThe Spacewalk server configuration fails if the Instant Client is missing. Oracle recommends that you install the latest 11gR2 release of the Instant Client.
Ensure that the
jta
package is not installed and prevent it from being installed when you install Spacewalk.To check if the
jta
package is installed:#
yum list installed | grep jta
To remove the
jta
package:#
yum remove jta
To prevent the
jta
package from being installed, either disable the Oracle Linux 6 Add-ons channel ([ol6_addons]
), or add thejta
package to theexclude
directive in the yum configuration file/etc/yum.conf
, for example:exclude=jta*
Configure the system firewall, for example:
#
iptables -I INPUT -p udp -m udp --dport 69 -j ACCEPT
#iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
#iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
#iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 5222 -j ACCEPT
#iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 5269 -j ACCEPT
#iptables -I OUTPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
#iptables -I OUTPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
#service iptables save
Enable access to the Spacewalk Server 2.2 repository on the Oracle Linux yum server server at https://yum.oracle.com.
Download the latest yum repository configuration file (https://yum.oracle.com/public-yum-ol6.repo) to the yum repositories directory (by default
/etc/yum.repos.d
) and enable theol6_spacewalk22_server
repository in that file.Alternatively, you can create a yum repository configuration file, for example
/etc/yum.repos.d/spacewalk22.repo
, with the following content:[ol6_spacewalk22_server] name=Spacewalk Server 2.2 for Oracle Linux 6 ($basearch) baseurl=https://yum.oracle.com/repo/OracleLinux/OL6/spacewalk22/server/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle gpgcheck=1 enabled=1
Install the Spacewalk server packages that are configured to use Oracle Database:
#
yum install spacewalk-oracle
You can safely ignore any SELinux
restorecon
messages that are displayed when the packages are installed.Optionally, you can also install the
spacewalk-utils
andspacecmd
packages if you want to use commands such as spacecmd, spacewalk-common-channels, spacewalk-hostname-rename, or spacewalk-sync-setup.#
yum install spacewalk-utils spacecmd
spacecmd allows you to administer Spacewalk from the command line. You can manage activation keys, configuration channels, Kickstarts, software channels, systems, and users.
spacewalk-common-channels allows you to configure the software channels, the Oracle Linux yum server repositories, GPG keys, and activation keys for Oracle Linux from the command line.
spacewalk-hostname-rename allows you to regenerate the SSL certificate if you change the system's host name.
spacewalk-sync-setup allows you configure a master-slave relationship between two Spacewalk servers that you want to use in an Inter-Server Synchronization (ISS) configuration. See Chapter 4, Configuring Inter-Server Synchronization.
Configure Spacewalk to use the Oracle database by running spacewalk-setup --disconnected --external-oracle.
The following example shows an interactive configuration.
NoteThe value that you specify for Organization Unit must be the FQDN of the server in DNS, which must be the same as the system's host name.
sw_user
andsw_passwd
are the Spacewalk user name and password that you configured for Oracle Database.The value expected for the database service name (SID) is the global database name and not the value of
ORACLE_SID
.#
spacewalk-setup --disconnected --external-oracle
* Setting up SELinux.. * Setting up Oracle environment. * Setting up database. ** Database: Setting up database connection for Oracle backend. Database service name (SID)?orcl.mydom.com
Database hostname [localhost]?spacewalk-db.mydom.com
Username?
Password?sw_user
Database: Testing database connection. ** Database: Populating database. *** Progress: ############################################################ * Setting up users and groups. ** GPG: Initializing GPG and importing key. ** GPG: Creating /root/.gnupg directory You must enter an email address. Admin Email Address?sw_passwd
my.email@mydom.com
* Performing initial configuration. * Activating Spacewalk. ** Loading Spacewalk Certificate. ** Verifying certificate locally. ** Activating Spacewalk. * Enabling Monitoring. * Configuring apache SSL virtual host. Should setup configure apache's default ssl server for you (saves original ssl.conf) [Y]?y
** /etc/httpd/conf.d/ssl.conf has been backed up to ssl.conf-swsave * Configuring tomcat. ** /etc/sysconfig//tomcat6 has been backed up to tomcat6-swsave ** /etc/tomcat6//server.xml has been backed up to server.xml-swsave ** /etc/tomcat6//web.xml has been backed up to web.xml-swsave * Configuring jabberd. * Creating SSL certificates. CA certificate password?
Re-enter CA certificate password?cert_passwd
Organization?cert_passwd
Oracle Demo
Organization Unit [spacewalk.domain.com]?spacewalk.mydom.com
Email Address [your.email@domain.com]?my.email@mydom.com
City?Redwood Shores
State?CA
Country code (Examples: "US", "JP", "IN", or type "?" to see a list)?US
** SSL: Generating CA certificate. ** SSL: Deploying CA certificate. ** SSL: Generating server certificate. ** SSL: Storing SSL certificates. * Deploying configuration files. * Update configuration in database. * Setting up Cobbler.. Processing /etc/cobbler/modules.conf `/etc/cobbler/modules.conf' -> `/etc/cobbler/modules.conf-swsave' Processing /etc/cobbler/settings `/etc/cobbler/settings' -> `/etc/cobbler/settings-swsave' cobblerd does not appear to be running/accessible Cobbler requires tftp and xinetd services be turned on for PXE provisioning functionality. Enable these services [Y]?y
cobblerd does not appear to be running/accessible * Restarting services. Installation complete. Visit https://spacewalk.mydom.com to create the Spacewalk administrator account.Verify that the Spacewalk services are running correctly.
#
spacewalk-service status
router (pid 1556) is running... sm (pid 1566) is running... c2s (pid 1576) is running... s2s (pid 1585) is running... tomcat6 (pid 1499) is running... [ OK ] httpd (pid 1543) is running... osa-dispatcher (pid 1620) is running... rhn-search is running (1649). cobblerd (pid 1766) is running... RHN Taskomatic is running (1797).The process IDs on your system are likely to be different from those shown in this example.
Point a browser at the Spacewalk server URL mentioned in the output and create the Spacewalk administrator account.
If you want to use third-party CA-signed SSL certificate instead of the self-signed SSL certificate, follow the procedure given in Chapter 3, Replacing SSL Certificates on Spacewalk Servers or Spacewalk Proxies.
NoteOracle recommends that you replace the self-signed SSL certificate before registering any clients. Otherwise, you must log on separately to each existing client and configure it to use the new SSL certificate. You cannot do this from the Spacewalk server.
Oracle recommends that you register the Spacewalk server as a client of itself after you have set up the software channels. Include the Spacewalk Server 2.2 channel in the list of software channels to which the server is subscribed.