Configuration Management

You can use configuration files and channels to manage configuration for your clients, rather than configuring each client manually.

Configuration parameters are scripted and stored in configuration files. You can write configuration files directly using the SUSE Manager Web UI, or you can upload or link to files that exist in other locations.

Configuration files can be centrally managed, or locally managed. Centrally managed configuration files are provided by global configuration channels and can be applied to any client subscribed to the SUSE Manager Server. Locally managed configuration files are used to override centrally managed configuration settings. They are especially useful for SUSE Manager users who do not have configuration administration privileges, but need to make changes to the clients that they manage.

Configuration channels are used to organise configuration files. You can subscribe clients to configuration channels, and deploy configuration files as required.

Configuration files are version-controlled, so you can add configuration settings, test them on your clients, and roll back to a previous revision as required. When you have created your configuration channels, you can also perform comparisons between various configuration files, and between revisions of the same configuration file.

Configuration files can be centrally managed, or locally managed. Centrally managed configuration files are provided by global configuration channels. Locally managed configuration files are created or uploaded to SUSE Manager directly.

The available configuration management features are different for Salt and traditional clients. This table shows the supported features on different client types:

Table 1. Configuration Management Supported Features
Feature Salt Traditional

Global Configuration Channels

Deploying Files

Comparing Files

Locally Managed Files

Sandbox Files

Applying the Highstate

File Import from a Client

Configuration Macros

Prepare Traditional Clients for Configuration Management

Traditional clients require some extra preparation to use configuration management. If you installed your traditional client with AutoYaST or Kickstart you probably already have the appropriate packages. For other traditional clients, ensure you have installed the relevant tools child channel for your client operating system. For more information about software channels, see client-configuration:channels.adoc.

The packages you require are:

  • mgr-cfg: base libraries and functions needed by all mgr-cfg-* packages

  • mgr-cfg-actions: required to run configuration actions scheduled via SUSE Manager.

  • mgr-cfg-client: provides a command line interface to the client features of the configuration management system.

  • mgr-cfg-management: provides a command line interface to manage SUSE Manager configuration.

You can install these packages during the bootstrap process by navigating to Systems  Activation Keys, clicking the activation key you intend to use during bootstrap, and checking the Configuration File Deployment option. For more information about activation keys, see client-configuration:activation-keys.adoc.

Create Configuration Channels

To create a new central configuration channel:

Procedure: Creating Central Configuration Channel

  1. In the SUSE Manager Web UI, navigate to Configuration  Channels, and click Create Config Channel.

  2. Type a name for the channel.

  3. Type a label for the channel. This field must contain only letters, numbers, hyphens (-) and underscores (_).

  4. Type a description for the channel that allows you to distinguish it from other channels.

  5. Click Create Config Channel to create the new channel.

You can also use a configuration channel to manage Salt states on Salt clients.

Procedure: Creating a Salt State Channel

  1. In the SUSE Manager Web UI, navigate to Configuration  Channels, and click Create State Channel.

  2. Type a name for the channel.

  3. Type a label for the channel. This field must contain only letters, numbers, hyphens (-) and underscores (_).

  4. Type a description for the channel that allows you to distinguish it from other channels.

  5. Type the SLS Contents for the init.sls file.

  6. Click Create Config Channel to create the new channel.

Add Configuration Files, Directories, or Symbolic Links

When you have created a configuration channel you can add a configuration file, directory, or symbolic link:

Procedure: Adding a Configuration File, Directory, or Symbolic Link

  1. In the SUSE Manager Web UI, navigate to Configuration  Channels, and click the name of the configuration channel that you want to add a configuration file to, and navigate to the Add Files  Create File subtab.

  2. In the File Type field, choose whether you want to create a text file, directory, or symbolic link.

  3. In the Filename/Path field, type the absolute path to the location where the file should be deployed.

  4. If you are creating a symbolic link, type the target file and path in the Symbolic Link Target Filename/Path field.

  5. Type the User name and Group name for the file in the Ownership field, and the File Permissions Mode.

  6. If the client has SELinux enabled, you can configure SELinux contexts to enable the required file attributes (for example: user, role, and file type).

  7. If the configuration file includes a macro, enter the symbol that marks the beginning and end of the macro.

  8. Enter the configuration file contents in the File Contents text box, using the script drop-down box to choose the appropriate scripting language.

  9. Click Create Configuration File.

Subscribe Clients to Configuration Channels

You can subscribe individual clients to configuration channels by navigating to Systems  System List, selecting the client you want to subscribe, and navigating to the Configuration tab. To subscribe multiple clients to a configuration channel, you can use the system set manager (SSM).

Procedure: Subscribing Multiple Clients to Configuration Channels

  1. In the SUSE Manager Web UI, navigate to Systems  Systems List and select the clients you want to work with.

  2. Navigate to Systems  System Set Manager, and go to the Configuration  Subscribe to Channels subtab to see the list of available configuration channels.

  3. OPTIONAL: Click the number in the Systems currently subscribed column to see which clients are currently subscribed to the configuration channel.

  4. Check the configuration channels you want to subscribe to, and click Continue.

  5. Rank the configuration channels using the up and down arrows. Where settings conflicts occur between configuration channels, channels closer to the top of the list take precedence.

  6. Determine how the channels are applied to the selected clients. Click Subscribe With Lowest Priority to add the new channels at a lower priority than currently subscribed channels. Click Subscribe with Highest Priority to add the new channels at a higher priority than currently subscribed channels. Click Replace Existing Subscriptions to remove existing channels and replace them with the new channels.

  7. Click Apply Subscriptions.

If new configuration channel priorities conflict with existing channels, the duplicate channel is removed and replaced according to the new priority. If the client’s configuration priorities are going to be reordered by an action, the Web UI requires you to confirm the change before proceeding.

Compare Configuration Files

You can also use the system set manager (SSM) to compare the configuration file deployed on clients with the configuration file stored on the SUSE Manager Server.

Procedure: Comparing Configuration Files

  1. In the SUSE Manager Web UI, navigate to Systems  Systems List and select the clients subscribed to the configuration files you want to compare.

  2. Navigate to Systems  System Set Manager, and go to the Configuration  Compare Files subtab to the list of available configuration files.

  3. OPTIONAL: Click the number in the Systems column to see which clients are currently subscribed to the configuration file.

  4. Check the configuration files to compare, and click Schedule File Comparison.

Keep Clients Updated

Example: SLS State for Keeping Clients Updated
include:
  - channels

int_keep_system_up2date_updatestack:
  pkg.latest:
    - pkgs:
      - salt
      - salt-minion
{%- if grains.os_family == 'Suse'%}
      - zypper
      - libzypp
{%- elif grains['os_family'] == 'RedHat' %}
{%- if grains['osmajorrelease'] >= 8 %}
      - dnf
{%- else %}
      - yum
{%- endif %}
{%- endif %}
    - require:
      - sls: channels
    - order: last

int_keep_system_up2date_pkgs:
  pkg.uptodate:
    - require:
      - sls: channels
      - pkg: int_keep_system_up2date_updatestack
    - order: last

int_reboot_if_needed:
  cmd.run:
    - name: shutdown -r +5
{%- if grains['os_family'] == 'RedHat' and grains['osmajorrelease'] >= 8 %}
    - onlyif: 'dnf -q needs-restarting -r; [ $? -eq 1 ]'
{%- elif grains['os_family'] == 'RedHat' and grains['osmajorrelease'] <= 7 %}
    - onlyif: 'needs-restarting -r; [ $? -eq 1 ]'
{%- elif grains['os_family'] == 'Debian' %}
    - onlyif:
      - test -e /var/run/reboot-required
{%- else %}
    - onlyif: 'zypper ps -s; [ $? -eq 102 ]'
{%- endif %}