Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]

14 Configuration

Only Configuration Administrators or SUSE Manager Administrators see the Main Menu › Configuration pages.

On this configuration pages, manage systems with configuration files, channels offering configuration files, and configartion files themselves. Centrally-managed files are available to multiple systems; locally-managed files are available to individual systems only.

Note
Note: Differences of System Types

Configuration Managment is available for both client system types, traditionally managed clients ([Management]) and Salt minions ([Salt]). Some traditional features are not suitable for Salt minions, and thus not available and excluded from the Web UI.

14.1 Configuration Management for Salt

Configuration Management is now enabled for Salt. The following matrix provides both supported and unsupported configuration management features.

Important
Important: Missing Web UI Options

Several Web UI tabs will be missing for Salt Configuration Management. These features are not suitable for Salt minions.

Table 14.1: Salt Configuration Management
Configuration Management FeaturesSalt Support Status

Global Configuration Channels

Supported

Deploying Files

Supported

Comparing Files

Supported (but the logic is currently inverted)

Locally Managed Files

Unsupported

Sandbox Files

Unsupported

Applying the Highstate

Apply the highstate and configuration channels will be deployed to all subscribed systems.

File Import from a Client

Unsupported

Configuration Macros

Unsupported

14.2 Preparing Systems for Configuration Management [Management]

To manage a traditional client’s configuration with SUSE Manager, it must have the appropriate tools and the config-enable file installed. These tools will be available if you installed the system with the configuration management functionality using AutoYaST or Kickstart. If not, they can be found in the Tools child channel for your distribution. Download and install the latest rhncfg* packages:

  • rhncfg — the base libraries and functions needed by all rhncfg-* packages,

  • rhncfg-actions — the RPM package required to run configuration actions scheduled via SUSE Manager,

  • rhncfg-client — the RPM package with a command line interface to the client features of the Configuration Management system,

  • rhncfg-management — the RPM package with a command line interface used to manage SUSE Manager configuration.

Installation of these packages can also be accomplished during bootstrapping if you enable Configuration File Deployment on the Details page of the activation key after creating that activation key. For more information about activation keys, see Section 7.9.1, “Managing Activation Keys”.

14.3 Overview

The Configuration Overview page shows all of the configuration files that are managed by your organization in SUSE Manager.

configuration overview

This list includes files that are managed centrally in configuration channels and files that are managed locally via individual system profiles.

Configuration Summary

The panel provides quick information about your configuration files. Click the blue text to the right to display relevant systems, channel details, or configuration files.

Configuration Actions

Configuration Actions offers direct access to the most common configuration management tasks. Deploy, compare, or create files on your systems.

Recently Modified Configuration Files

The list shows which files have changed when and to which channel they belong. If no files have been changed, no list appears. Click the name of a file to see its Details page. Click the channel name to see its Channel Details page.

File types that can appear here: * Spacewalk Icon Software Channels — Centrally-managed configuration file provided by a global configuration channel. * FA Desktop — [Management] Locally-managed configuration file, maybe overriding a centrally-managed file. * Spacewalk Icon Sandbox — [Management] Sandbox configuration file.

Recently Scheduled Configuration File Deployments

Each scheduled action is listed along with the status of the action. Any scheduled configuration task, from enabling configuration management on a system to deploying a specific configuration file, is displayed. Here you can quickly assess if all tasks have been successfully carried out or fix any problems. Clicking the blue text displays the System Details › Schedule page for the specified system.

14.4 Configuration Channels

As mentioned above, SUSE Manager manages both central and local configuration channels and files. Central configuration management allows you to deploy configuration files to multiple systems (both traditional clients ([Management]) and Salt minions ([Salt])). Local configuration management is available for traditional clients ([Management]) only and allows you to specify overrides or configuration files that are not changed by subscribing the system to a central channel.

A state channel is a type of a configuration channel but for Salt minion only. For a state channel, the init.sls file is not auto-generated, the user creates and edits it. Additionally, state channels can contain arbitrary configuration files that could be referenced from within the init.sls file. Therefore, state channels effectively replace custom states.

Note
Note: Referencing Configuration Files with Organization ID

You must reference configuration files with the salt:// prefix, the organization ID, and the channel name. For example, to reference /etc/motd use:

file.managed:  - source: salt://manager_org_1/`channel_name`/etc/motd

Central configuration or state channels must be created via the links on this page.

Click the name of the configuration channel to see the details page for that channel. If you click the number of files in the channel, you are taken to the List/Remove Files page of that channel. If you click the number of systems subscribed to the configuration channel, you are taken to the Configuration Channel Details › Systems › Subscribed Systems page for that channel.

To create a new central configuration channel:

Procedure: Creating Central Configuration Channel
  1. Click the Create Config Channel link in the upper right corner of this screen.

  2. Enter a name for the channel.

  3. Enter a label for the channel. This field must contain only letters, numbers, hyphens (-) and underscores (_).

  4. Enter a mandatory description for the channel that allows you to distinguish it from other channels. No character restrictions apply.

  5. Click the Create Config Channel button to create the new channel.

  6. The following page is a subset of the Channel Details page and has three tabs: Overview , Add Files , and Systems . The Channel Details page is discussed in Section 14.4.1, “Main Menu › Configuration › Configuration Channels › Configuration Channel Details.

To create a new state channel with an init.sls file:

Procedure: Creating State Channel [Salt]
  1. Click the Create State Channel link in the upper right corner of this screen.

  2. Enter a name for the channel.

  3. Enter a label for the channel. This field must contain only letters, numbers, hyphens (-) and underscores (_).

  4. Enter a mandatory description for the channel that allows you to distinguish it from other channels. No character restrictions apply.

  5. Enter the SLS Contents for the init.sls file.

  6. Click the Create Config Channel button to create the new channel.

  7. The following page is a subset of the Channel Details page and has four tabs: Overview, List/Remove Files, Add Files, and Systems. The Channel Details page is discussed in Section 14.4.1, “Main Menu › Configuration › Configuration Channels › Configuration Channel Details.

14.4.1 Main Menu › Configuration › Configuration Channels › Configuration Channel Details

Overview

The Overview page of the Configuration Channel Details page is divided into several panels.

Channel Information

The panel provides status information for the contents of the channel.

Configuration Actions

The panel provides access to the most common configuration tasks. For Salt minions, there is a link to edit the init.sls file.

Channel Properties [Management]

By clicking the Edit Properties link, you can edit the name, label, and description of the channel.

List/Remove Files

This page only appears if there are files in the configuration channel. You can remove files or copy the latest versions into a set of local overrides or into other central configuration channels. Check the box next to files you want to manipulate and click the respective action button.

Add Files

The Add Files page has three subtabs of its own, which allow you to Upload, Import, or Create configuration files to be included in the channel.

Upload File

To upload a file into the configuration channel, browse for the file on your local system, populate all fields, and click the Upload Configuration File button. The Filename/Path field is the absolute path where the file will be deployed.

You can set the Ownership via the user name and group name and the Permissions of the file when it is deployed.

If the client has SELinux enabled, you can configure SELinux contexts to enable the required file attributes (such as user, role, and file type).

If the configuration file includes a macro (a variable in a configuration file), enter the symbol that marks the beginning and end of the macro. For more information on using macros, see Section 14.5.2.1, “Including Macros in your Configuration Files”.

Import Files

To import files from other configuration channels, including any locally-managed channels, check the box to the left of any file you want to import. Then click the Import Configuration File(s) button.

Note
Note

A sandbox icon (Spacewalk Icon Sandbox) indicates that the listed file is currently located in a local sandbox. Files in a system’s sandbox are considered experimental and could be unstable. Use caution when selecting them for a central configuration channel.

Create File

Create a configuration file, directory, or symbolic link from scratch to be included in the configuration channel.

Procedure: Creating a Configuration File, Directory, or Symbolic Link From Scratch
  1. Choose whether you want to create a text file, directory, or symbolic link in the File Type section.

  2. In the Filename/Path text box, set the absolute path to where the file should be deployed.

  3. If you are creating a symbolic link, indicate the target file and path in the Symbolic Link Target Filename/Path text box.

  4. Enter the User name and Group name for the file in the Ownership section, and the File Permissions Mode.

  5. If the client has SELinux enabled, you can configure SELinux contexts to enable the required file attributes (such as user, role, and file type).

  6. If the configuration file includes a macro, enter the symbol that marks the beginning and end of the macro.

  7. Then enter the configuration file content in the File Contents field, using the script drop-down box to choose the appropriate scripting language.

  8. Click the Create Configuration File button to create the new file.

Deploy Files

This page only appears when there are files in the channel and a system is subscribed to the channel. Deploy all files by clicking the Deploy All Files button or check selected files and click the Deploy Selected Files button. Select to which systems the file(s) should be applied. All systems subscribed to this channel are listed. If you want to apply the file to a different system, subscribe it to the channel first. To deploy the files, click Confirm & Deploy to Selected Systems.

Systems

Manage systems subscribed to the configuration channel via two subtabs:

Subscribed Systems

All systems subscribed to the current channel are displayed. Click the name of a system to see the System Details page.

Target Systems

This subtab displays a list of systems enabled for configuration management but not yet subscribed to the channel. To add a system to the configuration channel, check the box to the left of the system’s name and click the Subscribe System button.

14.5 Configuration Files

This page allows you to manage your configuration files independently. Both centrally-managed and locally-managed files can be reached from sub-pages.

Note
Note: Maximum Size for Configuration Files

By default, the maximum file size for configuration files is 128 KB (131072 bytes). SUSE supports a configuration file size up to 1 MB; larger values are not guaranteed to work.

To change the file size limit, edit all the following files on the SUSE Manager server and edit or add the following variables:

# /usr/share/rhn/config-defaults/rhn_web.conf
web.maximum_config_file_size = 262144

# /usr/share/rhn/config-defaults/rhn_server.conf
maximum_config_file_size = 262144

# /etc/rhn/rhn.conf
web.maximum_config_file_size=262144
server.maximum_config_file_size=262144

Then restart spacewalk:

# spacewalk-service restart

14.5.1 Main Menu › Configuration › Configuration Files › Centrally-Managed Files

Centrally-managed files are available to multiple systems. Changing a file within a centrally-managed channel may result in changes to several systems. Locally-managed files supersede centrally-managed files. For more information about locally-managed files, see Section 14.5.2, “Main Menu › Configuration › Configuration Files › Locally-Managed Files [Management]”.

This page lists all files currently stored in your central configuration channel. Click the Path of a file to see its Details tab. Click the name of the Configuration Channel to see the channel’s Overview tab. Clicking Systems Subscribed shows you all systems currently subscribed to the channel containing that file. Click Systems Overriding to see all systems that have a local (or override) version of the configuration file. The centrally-managed file will not be deployed to those systems.

14.5.2 Main Menu › Configuration › Configuration Files › Locally-Managed Files [Management]

Locally-managed configuration files apply to only one system. They may be files in the system’s sandbox or files that can be deployed to the system at any time. Local files have higher priority than centrally-managed files. If a system is subscribed to a configuration channel with a given file and additionally has a locally-managed version of that file, the locally-managed version will be deployed.

The list of all local (override) configuration files for your systems includes the local configuration channels and the sandbox channel for each Provisioning-entitled system.

Click the Path of the file to see its Config File Details. Click the name of the system to which it belongs to see its System Details › Configuration › Overview page.

14.5.2.1 Including Macros in your Configuration Files

Being able to store one file and share identical configurations is useful, but what if you have many variations of the same configuration file? What do you do if you have configuration files that differ only in system-specific details, such as host name and MAC address?

Traditional file management would require to upload and distribute each file separately, even if the distinction is nominal and the number of variations is in the hundreds or thousands. SUSE Manager addresses this by allowing the inclusion of macros, or variables, within the configuration files it manages. In addition to variables for custom system information, the following standard macros are supported:

rhn.system.sid
rhn.system.profile_name
rhn.system.description
rhn.system.hostname
rhn.system.ip_address
rhn.system.custom_info(key_name)
rhn.system.net_interface.ip_address(eth_device)
rhn.system.net_interface.netmask(eth_device)
rhn.system.net_interface.broadcast(eth_device)
rhn.system.net_interface.hardware_address(eth_device)
rhn.system.net_interface.driver_module(eth_device)

To use this powerful feature, either upload or create a configuration file via the Configuration Channel Details page. Then open its Configuration File Details page and include the supported macros of your choice. Ensure that the delimiters used to offset your variables match those set in the Macro Start Delimiter and Macro End Delimiter fields and do not conflict with other characters in the file. We recommend that the delimiters be two characters in length and must not contain the percent (%) symbol.

For example, you may have a file applicable to all of your servers that differs only in IP address and host name. Rather than manage a separate configuration file for each server, you may create a single file, such as server.conf, with the IP address and host name macros included.

hostname={| rhn.system.hostname |}
ip_address={| rhn.system.net_interface.ip_address(eth0) |}

Upon delivery of the file to individual systems, whether through a scheduled action in the SUSE Manager Web interface or at the command line with the SUSE Manager Configuration Client (mgrcfg-client), the variables will be replaced with the host name and IP address of the system as recorded in SUSE Manager’s system profile. In the above example configuration file the deployed version resembles the following:

hostname=test.example.domain.com
ip_address=177.18.54.7

To capture custom system information, insert the key label into the custom information macro (rhn.system.custom_info). For example, if you developed a key labeled asset you can add it to the custom information macro in a configuration file to have the value substituted on any system containing it. The macro would look like this:

asset={@ rhn.system.custom_info(asset) @}

When the file is deployed to a system containing a value for that key, the macro gets translated, resulting in a string similar to the following:

asset=Example#456

To include a default value, for example, if one is required to prevent errors, you can append it to the custom information macro, like this:

asset={@ rhn.system.custom_info(asset) = 'Asset #' @}

This default is overridden by the value on any system containing it.

Using the SUSE Manager Configuration Manager (mgrcfg-manager) will not translate or alter files, as this tool is system agnostic. mgrcfg-manager does not depend on system settings. Binary files cannot be interpolated.

14.6 Systems

This page displays status information about your system in relation to configuration. There are two sub-pages: Managed Systems and Target Systems.

14.6.1 Main Menu › Configuration › Systems › Managed Systems

By default the Managed Systems page is displayed. The listed systems have been fully prepared for configuration file deployment. The number of locally- and centrally-managed files is displayed. Clicking the name of a system shows its System Details › Configuration › Overview page. Clicking the number of local files takes you to the System Details › Configuration › View/Modify Files › Locally-Managed Files page, where you manage which local (override) files apply to the system. Clicking the number of centrally-managed files takes you to the System Details › Configuration › Manage Configuration Channels › List/Unsubscribe from Channels page. Here you unsubscribe from any channels you want.

14.6.2 Main Menu › Configuration › Systems › Target Systems

Here you see the systems either not prepared for configuration file deployment or not yet subscribed to a configuration channel. The table has three columns. The first identifies the system name, the second shows whether the system is prepared for configuration file deployment, and the third lists the steps necessary to prepare the system. To prepare a system, check the box to the left of the profile name then click the Enable SUSE Manager Configuration Management button. All of the preparatory steps that can be automatically performed are scheduled by SUSE Manager.

Note
Note

You will need to perform some manual tasks to enable configuration file deployment. Follow the on-screen instructions provided to assist with each step.

Print this page