4 Configuring Clients to Use RMT #
Any machine running SUSE Linux Enterprise 12 or newer can be configured to register against RMT and download software updates from there, instead of communicating directly with the SUSE Customer Center.
We recommend registering with the RMT server over a secured HTTPS protocol (all examples in this documentation use it). However, you can also register with the RMT server over an insecure HTTP protocol. Use this approach only if your setup benefits from it and only in a trusted environment where security is not crucial.
To configure clients to use the RMT server, use one of the following methods:
Provide the required information with boot parameters. See Section 4.1, “Configuring Clients with Boot Parameters”.
Configure the clients using an AutoYaST profile. See Section 4.2, “Configuring Clients with AutoYaST Profile”.
Use the
rmt-client-setup
command. See Section 4.3, “Configuring Clients withrmt-client-setup
”).Use the YaST registration module during installation or later. See Section 4.4, “Configuring Clients with YaST”.
If you need the CA certificate of the RMT server, find it at
/etc/rmt/ssl/rmt-ca.crt
and
https://RMT_SERVER/rmt.crt
.
4.1 Configuring Clients with Boot Parameters #
Any client can be configured to use RMT by providing the
regurl
parameter during machine boot.
The parameter needs to be entered as
regurl=RMT_SERVER_URL
. The URL
needs to be in the following format:
https://FQDN
with
FQDN being the fully qualified host name of the
RMT server. It must be identical to the FQDN of the server certificate
used on the RMT server. Example:
regurl=https://rmt.example.com
Make sure the values you enter are correct. If regurl
has not been specified correctly, the registration of the update source
will fail.
If the RMT server gets a new certificate from an untrusted CA, the clients need to retrieve the new CA certificate file. YaST displays a dialog for importing a new certificate. If you confirm importing the new certificate, the old one is replaced with the new one.
4.2 Configuring Clients with AutoYaST Profile #
Clients can be configured to register with RMT server via AutoYaST profile. For general information about creating AutoYaST profiles and preparing automatic installation, refer to the AutoYaST Guide. In this section, only RMT specific configuration is described.
To configure RMT specific data using AutoYaST, follow the steps for the relevant version of RMT client.
As
root
, start YaST and select › to start the graphical AutoYaST front-end.From a command line, you can start the graphical AutoYaST front-end with the
yast2 autoyast
command.Open an existing profile using
› , create a profile based on the current system's configuration using › , or work with an empty profile.Select
› . An overview of the current configuration is shown.Click
.Check
, set the URL of the RMT server in , and you can set the . The possible values for the server URL are the same as for the kernel parameterregurl
. For the SSL certificate location, you can use either HTTP or HTTPS based URLs.Perform all other configuration needed for the systems to be deployed, then click
to return to the main screen.Select
› and enter a file name for the profile, such asautoinst.xml
.
4.3 Configuring Clients with rmt-client-setup
#
The /usr/share/rmt/public/tools/rmt-client-setup
script is provided in the package rmt-server.
This script allows you to configure a client machine to use an RMT
server. It can also be used to reconfigure an existing client to use
a different RMT server.
To configure a client machine to use RMT with
rmt-client-setup
, follow these steps:
Download
rmt-client-setup
from the RMT server:#
curl http://RMT_SERVER/tools/rmt-client-setup --output rmt-client-setup
Run the script with the URL of the RMT server as parameter.
#
sh rmt-client-setup https://RMT_SERVER/
Executing this script will import the RMT CA's certificate into the trusted store.
Alternatively, you can specify the correct fingerprint or path to the server certificate. For details, see
sh rmt-client-setup --help
.The script downloads the server's CA certificate. Accept it by pressing Y. The tool now performs all necessary modifications on the client.
Use
SUSEConnect
to add more products. For details, runSUSEConnect --help
.
4.4 Configuring Clients with YaST #
To configure a client to perform the registration against an RMT server
use the YaST yast2 registration
.
On the client, the credentials are not necessary and you may leave the relevant fields empty. Click
and enter its URL. Then click until the exit from the module.4.5 Configuring Clients for Custom Stand-alone Repositories #
If you created a custom stand-alone repository on the RMT server, it will
not be registered on client machines with SUSEConnect
because it has no parent product.
To add the repository manually, follow these steps:
Point your Web browser to the following RMT server URL:
https://RMT_SERVER_HOSTNAME/repo/
Navigate the browser through the directory structure to your custom repository's
repodata/
subdirectory.On the client machine, add the discovered repository URL:
>
sudo
zypper ar CUSTOM_REPO_URL CUSTOM_REPO_NAME
4.6 Listing Accessible Repositories #
To list available modules and repositories, use SUSEConnect
--list-extensions
. Alternatively, you can also browse the
directory listing of the RMT server by visiting
https://RMT_SERVER/repo/
and its subdirectories.
4.7 Online Migration of SUSE Linux Enterprise Clients #
SUSE Linux Enterprise clients registered against RMT can be migrated online to the latest service pack of the same major release the same way as clients registered against SUSE Customer Center. Before starting the migration, make sure that RMT has the required products available and mirrored.
For detailed information on the online migration, see 第1章 「アップグレードパスと方法」.