Default Contact Method
The default contact method using the Salt protocol is recommended unless there are specific needs.
By default, the Salt Bundle implementation (venv-salt-minion
) will be deployed.
For more information about Salt in general, see Salt Guide Overview.
The default contact method (Default
) is the best scaling method.
All new SUSE Manager features are supported.
The so-called traditional contact protocol is no longer supported with SUSE Manager 5.0 and later. Before upgrading from SUSE Manager 4 to 5, any existing traditional clients including the traditional proxies must be migrated to Salt or replaced with Salt proxies. For more information about migrating traditional SUSE Manager 4 clients to Salt clients, see https://documentation.suse.com/suma/4.3/en/suse-manager/client-configuration/contact-methods-migrate-traditional.html |
Software updates are generally pushed from the server to the client. Connections are initiated from the client. This means you must open ports on the server, not on clients. The Salt clients are also known as Salt minions. SUSE Manager Server installs a daemon on every client.
If you need to use Salt clients in a disconnected setup you can configure SSH Push as a contact method. With this contact method, clients can be located in a firewall-protected zone called a DMZ. For more information about SSH Push, see SSH Push Contact Method.
1. Onboarding Details
Salt has its own database to keep the keys for the minions. This needs to be kept in sync with the SUSE Manager database. As soon as the key is accepted in Salt, the onboarding process in SUSE Manager starts.
The onboarding process will look for existing systems in the SUSE Manager database by searching for the minion_id
and the machine-id
.
Depending on the outcome, the following scenarios are possible:
-
If nothing is found, the new system gets created.
-
In case an entry with the
minion_id
or themachine-id
is found, that system will be migrated to match the new system. -
In case there is a match for both entries, and they are not the same system, the onboarding will be aborted with an error.
-
In this case the administrator needs to resolve the conflict by removing at least one of the systems.