The software described in this documentation is either no longer supported or is in extended support.
Oracle recommends that you upgrade to a current supported release.

1.5 Installing a Spacewalk Server

To install the Spacewalk server software:

  1. Install Oracle Instant Client release 11.2.0.3 or later:

    1. Download the following Instant Client packages. You can find out more about the Instant Client from:

      https://www.oracle.com/database/technologies/instant-client.html

      • Instant Client Package - Basic

      • Instant Client Package - SQL*Plus

    2. Add the library path to ldconfig:

      # echo /usr/lib/oracle/11.2/client64/lib > /etc/ld.so.conf.d/oracle-instantclient11.2.conf 
      # ldconfig
    Note

    The Spacewalk server configuration fails if the Instant Client is missing. Oracle recommends that you install the latest 11gR2 release of the Instant Client.

  2. Ensure that the jta package is not installed and prevent it from being installed when you install Spacewalk.

    To check if the jta package is installed:

    # yum list installed | grep jta

    To remove the jta package:

    # yum remove jta

    To prevent the jta package from being installed, either disable the Oracle Linux 6 Add-ons channel ([ol6_addons]), or add the jta package to the exclude directive in the yum configuration file /etc/yum.conf, for example:

    exclude=jta*
  3. Configure the system firewall, for example:

    # iptables -I INPUT -p udp -m udp --dport 69 -j ACCEPT
    # iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
    # iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
    # iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 5222 -j ACCEPT
    # iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 5269 -j ACCEPT
    # iptables -I OUTPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
    # iptables -I OUTPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
    # service iptables save

  4. Enable access to the Spacewalk Server 2.2 repository on the Oracle Linux yum server server at https://yum.oracle.com.

    Download the latest yum repository configuration file (https://yum.oracle.com/public-yum-ol6.repo) to the yum repositories directory (by default /etc/yum.repos.d) and enable the ol6_spacewalk22_server repository in that file.

    Alternatively, you can create a yum repository configuration file, for example /etc/yum.repos.d/spacewalk22.repo, with the following content:

    [ol6_spacewalk22_server]
    name=Spacewalk Server 2.2 for Oracle Linux 6 ($basearch)
    baseurl=https://yum.oracle.com/repo/OracleLinux/OL6/spacewalk22/server/$basearch/
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
    gpgcheck=1
    enabled=1
  5. Install the Spacewalk server packages that are configured to use Oracle Database:

    # yum install spacewalk-oracle

    You can safely ignore any SELinux restorecon messages that are displayed when the packages are installed.

    Optionally, you can also install the spacewalk-utils and spacecmd packages if you want to use commands such as spacecmd, spacewalk-common-channels, spacewalk-hostname-rename, or spacewalk-sync-setup.

    # yum install spacewalk-utils spacecmd

    spacecmd allows you to administer Spacewalk from the command line. You can manage activation keys, configuration channels, Kickstarts, software channels, systems, and users.

    spacewalk-common-channels allows you to configure the software channels, the Oracle Linux yum server repositories, GPG keys, and activation keys for Oracle Linux from the command line.

    spacewalk-hostname-rename allows you to regenerate the SSL certificate if you change the system's host name.

    spacewalk-sync-setup allows you configure a master-slave relationship between two Spacewalk servers that you want to use in an Inter-Server Synchronization (ISS) configuration. See Chapter 4, Configuring Inter-Server Synchronization.

  6. Configure Spacewalk to use the Oracle database by running spacewalk-setup --disconnected --external-oracle.

    The following example shows an interactive configuration.

    Note

    The value that you specify for Organization Unit must be the FQDN of the server in DNS, which must be the same as the system's host name.

    sw_user and sw_passwd are the Spacewalk user name and password that you configured for Oracle Database.

    The value expected for the database service name (SID) is the global database name and not the value of ORACLE_SID.

    # spacewalk-setup --disconnected --external-oracle
     * Setting up SELinux..
     * Setting up Oracle environment.
     * Setting up database.
     ** Database: Setting up database connection for Oracle backend.
     Database service name (SID)? orcl.mydom.com
     Database hostname [localhost]? spacewalk-db.mydom.com
     Username? sw_user
     Password? sw_passwd 
     Database: Testing database connection. 
     ** Database: Populating database. 
     *** Progress: ############################################################ 
     * Setting up users and groups. 
     ** GPG: Initializing GPG and importing key. 
     ** GPG: Creating /root/.gnupg directory 
     You must enter an email address. 
     Admin Email Address? my.email@mydom.com 
     * Performing initial configuration. 
     * Activating Spacewalk. 
     ** Loading Spacewalk Certificate. 
     ** Verifying certificate locally. 
     ** Activating Spacewalk. 
     * Enabling Monitoring. 
     * Configuring apache SSL virtual host. 
     Should setup configure apache's default ssl server for you (saves original ssl.conf) [Y]? y 
     ** /etc/httpd/conf.d/ssl.conf has been backed up to ssl.conf-swsave 
     * Configuring tomcat. 
     ** /etc/sysconfig//tomcat6 has been backed up to tomcat6-swsave 
     ** /etc/tomcat6//server.xml has been backed up to server.xml-swsave 
     ** /etc/tomcat6//web.xml has been backed up to web.xml-swsave 
     * Configuring jabberd. 
     * Creating SSL certificates. 
     CA certificate password? cert_passwd
     Re-enter CA certificate password? cert_passwd
     Organization? Oracle Demo
     Organization Unit [spacewalk.domain.com]? spacewalk.mydom.com
     Email Address [your.email@domain.com]? my.email@mydom.com
     City? Redwood Shores
     State? CA
     Country code (Examples: "US", "JP", "IN", or type "?" to see a list)? US
     ** SSL: Generating CA certificate. 
     ** SSL: Deploying CA certificate. 
     ** SSL: Generating server certificate. 
     ** SSL: Storing SSL certificates. 
     * Deploying configuration files. 
     * Update configuration in database. 
     * Setting up Cobbler.. 
     Processing /etc/cobbler/modules.conf 
     `/etc/cobbler/modules.conf' -> `/etc/cobbler/modules.conf-swsave' 
     Processing /etc/cobbler/settings `/etc/cobbler/settings' -> `/etc/cobbler/settings-swsave' 
     cobblerd does not appear to be running/accessible 
     Cobbler requires tftp and xinetd services be turned on for PXE provisioning functionality.
     Enable these services [Y]? y
     cobblerd does not appear to be running/accessible 
     * Restarting services. 
     Installation complete. 
     Visit https://spacewalk.mydom.com to create the Spacewalk administrator account.
  7. Verify that the Spacewalk services are running correctly.

    # spacewalk-service status
    router (pid 1556) is running...
    sm (pid 1566) is running...
    c2s (pid 1576) is running...
    s2s (pid 1585) is running...
    tomcat6 (pid 1499) is running...                           [  OK  ]
    httpd (pid  1543) is running...
    osa-dispatcher (pid  1620) is running...
    rhn-search is running (1649).
    cobblerd (pid 1766) is running...
    RHN Taskomatic is running (1797).

    The process IDs on your system are likely to be different from those shown in this example.

  8. Point a browser at the Spacewalk server URL mentioned in the output and create the Spacewalk administrator account.

  9. If you want to use third-party CA-signed SSL certificate instead of the self-signed SSL certificate, follow the procedure given in Chapter 3, Replacing SSL Certificates on Spacewalk Servers or Spacewalk Proxies.

    Note

    Oracle recommends that you replace the self-signed SSL certificate before registering any clients. Otherwise, you must log on separately to each existing client and configure it to use the new SSL certificate. You cannot do this from the Spacewalk server.

  10. Oracle recommends that you register the Spacewalk server as a client of itself after you have set up the software channels. Include the Spacewalk Server 2.2 channel in the list of software channels to which the server is subscribed.