Set Up the SUSE Manager for Retail Environment using containerized proxy

To set up the SUSE Manager for Retail environment, you will need to have already installed and configured:

  • SUSE Manager for Retail Server 4.3 or newer

  • one or more SUSE Manager for Retail containerized proxies

  • one or more SUSE Manager build host

This section covers how to configure your environment using containerized SUSE Manager Proxy for Saltboot deployment.

Containerized workflow requires POS images build using SUSE Manager Server 4.3 or newer. Older images will not work.

Containerized workflow not longer implicitly configure DHCP for PXE booting. See DHCPd Formula how to use DHCP formula to configure DHCP server.

Without using DHCP formula, make sure your DHCP server has correct PXE booting setting pointing to containerized proxy. See below for example.

1. Assumptions

In this example we are going to use branch id B0001.

As a terminal we assume to have one terminal with hardware manufacturer TerminalOEM and model T1000.

For POS image we assume to have one with name POS_Image_JeOS7.

2. Create required system groups

Follow guide 系统组 to create the system groups:

  • TERMINALS

  • HWType:TerminalOEM-T1000

  • B0001

First group is generic optional group for collecting all POS terminals. Second group is hardware type group for our POS terminal. Third group is mandatory branch group.

For more information about Saltboot groups, see Set Up the SUSE Manager for Retail Environment.

We assign Saltboot Group formula to group B0001 we just created. With this, our branch group is converted to Saltboot Group.

3. Saltboot group

Containerized SUSE Manager for Retail is configured in Saltboot Group.

Saltboot Groups are branch groups, system group with branch id as its name, with Saltboot Group formula enabled.

saltboot group

Saltboot Group formula is a successor of Branch Network formula, PXE formula and TFTP formula used in regular SUSE Manager for Retail setups.

Name of the Saltboot group is automatically used as a branch id, an identifier for group of machines booted through particular containerized SUSE Manager Proxy.

All Saltboot deployed machines though containerized proxy will automatically became members of its Saltboot group.

To connect Saltboot group with containerized proxy fill Image Download Server entry with Fully Qualified Domain Name (FQDN) of the containerized proxy.

With this, mandatory configuration is finished. The rest of configuration is optional.

3.1. Default boot image

Configure Default boot image for new registrations to specify what boot image should be booted by not yet registered POS terminal. This is useful when stable boot image is wanted for initial deployments. Without this setting, newest built boot image is used as default boot image.

If Default boot image for new registrations is set, option to set its version appears under name Default boot image version where specific image version can be set.

3.2. Kernel option for the Saltboot group

Option Kernel parameters for the group can be used to pass extra kernel options to all POS terminals registered withing this Saltboot group.

3.3. Naming scheme for new registrations

Last three options are related to how will be newly registered machine visible in SUSE Manager Server.

See Terminal Names for explanation of possible configurations.

4. Comparing containerized and non-containerized workflows

External DHCP service must be used with containerized Saltboot.

For more information about how to enable PXE booting in DHCP service, see Set Up the SUSE Manager for Retail Environment.

Containerized workflow relies on updated image building in SUSE Manager Server 4.3 where PXE images are no longer collected as bundle, but kernel, initrd and filesystem image are collected individually.

Containerized workflow uses new TFTP container which instead of providing files present on the proxy, routes TFTP requests as HTTP requests through local proxy to SUSE Manager Server.

Containerized proxy is not a Salt client, it is not possible to call image-sync state.

Once POS image is build and made available on SUSE Manager Server, it is immediately available to the Saltboot clients as well. Image synchronization is not needed, nor available. This may have implications on how images are deployed to production.

The following sections differentiate between containerized and regular workflow. Both are assuming proxy (containerized or in form of SUSE Manager for Retail Branch Server) are available.

Containerized workflow:

  1. Build POS image

  2. Configure DHCP server for PXE booting for given network

  3. Create Saltboot group and configure it for existing containerized proxy

  4. Boot system to be deployed

Non-Containerized workflow:

  1. Build POS image

  2. Configure and apply Retail formulas on SUSE Manager for Retail Branch server

  3. Apply highstate state on the Branch server

  4. Create branch group with the name of Branch ID as set in retail formulas

  5. Apply image-sync state on configured SUSE Manager for Retail Branch server

  6. Boot system to be deployed

5. Validating Saltboot group configuration

Containerized Saltboot utilizes Cobbler system underneath for managing PXE and UEFI configuration.

When new PXE image is built (such as SUSE Manager for Retail POS_Image_JeOS images) cobbler distro and cobbler profile are automatically generated for this image.

For example when first image POS_Image_JeOS version 7.0.0 is build under organization with number 1 cobbler list will show:

# cobbler list

distros:
   1-POS_Image_JeOS7-7.0.0-1

profiles:
   1-POS_Image_JeOS7-7.0.0-1

These entries contain information about kernel and initrd. These entries are however not yet available for PXE booting.

Only when Saltboot group is created, new Cobbler profile is created for this Saltboot group which points to cobbler distro based on default boot image configuration.

For example, when system group B0001 is created and Saltboot group formula is assigned and configured for this group, new Cobbler profile is created.

# cobbler list

distros:
   1-POS_Image_JeOS7-7.0.0-1

profiles:
   1-POS_Image_JeOS7-7.0.0-1
   1-B0001

When inspecting this new group using command cobbler profile report --name 1-B0001 details of this profile reveal configuration of this Saltboot group.

# cobbler profile report --name 1-B0001

Name                           : 1-B0001
Comment                        : Saltboot group B0001 of organization SUSE default profile
Distribution                   : 1-POS_Image_JeOS7-7.0.0-1
Kernel Options                 : {'MASTER': ['downloadserver.example.org'], 'MINION_ID_PREFIX': ['B0001']}

Kernel options in example are always present and are internal for Saltboot functionality.

With this information Cobbler is able to generate required PXE and UEFI Grub configurations which can be checked in /srv/tftpboot/pxelinux.cfg/default and /srv/tftpboot/grub/x86_64_menu_items.cfg.

These files contain the end result which will be used by PXE client when determining what to boot and with what parameters.