SUSE Multi-Linux Manager 5.1 Server Deployment
This guide shows you how to install and configure a SUSE Multi-Linux Manager 5.1 container on SL Micro 6.1 or SUSE Linux Enterprise Server 15 SP7.
1. SUSE Multi-Linux Manager 的硬件要求
下表显示了在裸机上部署 SUSE Multi-Linux Manager 服务器所要满足的软件和硬件要求。在本指南中,您的计算机应具有 16 GB RAM 和至少 200 GB 磁盘空间。有关磁盘空间的背景信息,请参见 硬件要求。
Software and Hardware | Recommended |
---|---|
Operating System |
SL Micro 6.1 or SUSE Linux Enterprise Server 15 SP7 |
Architecture |
x86-64, ARM, s390x, ppc64le |
Processor (CPU) |
Minimum of four (4) 64-bit CPU cores |
RAM |
16 GB |
Disk Space |
200 GB |
Channel Requirements |
50 GB per SUSE or openSUSE product 360 GB per Red Hat product |
Swap space: |
8 to 12 GB |
服务器容器主机支持的操作系统
The supported operating system for the container host is SL Micro 6.1 or SUSE Linux Enterprise Server 15 SP7.
|
必须使用完全限定的域名 (FQDN) 才能完成服务器部署。如果您的路由器或网络无法为 FQDN 提供自动 DNS 置备,则部署过程将无法成功进行。FQDN 通常采用 <主机>.<域>.com 格式。 例如:
有关详细信息,请参见 网络要求 中有关网络要求的章节。 |
2. 永久性卷
SUSE Multi-Linux Manager 5.1 默认会定义所需的永久性存储卷。如果尚不存在,在安装期间 mgradm
工具将创建这些卷。
将在 /var/lib/containers/storage/volumes/
中创建这些卷,默认情况下,Podman
也会将其卷存储到此路径。
建议
您可以通过将外部存储设备挂载到此目录来利用存储的简便性。由于这样会存储 PostgreSQL 数据库、储存库的二进制软件包、缓存、操作系统映像、自动安装发行套件和配置文件,我们提出了三项建议:
|
有关容器中所有永久性卷的列表,请参见 Persistent Container Volumes。
3. Prepare SUSE Multi-Linux Manager Server Host
You can deploy SUSE Multi-Linux Manager on SL Micro 6.1 or SUSE Linux Enterprise Server 15 SP7. SL Micro is a transactional system, while SUSE Linux Enterprise Server is a full server operating system.
Depending on your decision, either continue with Prepare SL Micro 6.1 Host or with Prepare SUSE Linux Enterprise Server 15 SP7 Host and skip the not selected section.
3.1. Prepare SL Micro 6.1 Host
3.1.1. Download the installation media
-
Locate the SL Micro 6.1 installation media at https://www.suse.com/download/sle-micro/, and download the appropriate media file.
-
将下载下来的
.iso
映像放入一个 DVD 或 USB 闪存盘以进行安装。
3.1.2. Install SL Micro 6.1
For more information about preparing your machines (virtual or physical), see the SL Micro Deployment Guide.
-
Insert the DVD or USB flash drive (USB disk or key) containing the installation image for SLE Micro 6.1.
-
引导或重引导您的系统。
-
使用箭头键选择
安装
。 -
Adjust Keyboard and language.
-
单击
复选框
接受许可协议。 -
单击
下一步
继续。 -
选择注册方法。在本示例中,我们将在 SUSE Customer Center 中注册服务器。
SUSE Multi-Linux Manager 5.1 容器会安装为扩展。根据以下列出的所需特定扩展,您还需要有各个扩展的 SUSE Customer Center 注册代码。
-
SUSE Multi-Linux Manager 5.1 服务器
-
SUSE Multi-Linux Manager 5.1 代理
-
SUSE Multi-Linux Manager 5.1 Retail Branch Server
The SL Micro 6.1 entitlement is included within the SUSE Multi-Linux Manager entitlement, so it does not require a separate registration code.
-
-
输入您的 SUSE Customer Center 电子邮件地址。
-
Enter your registration code for SL Micro 6.1.
-
单击
下一步
继续。 -
To install a proxy, select the SUSE Multi-Linux Manager 5.1 Proxy extension; to install a server, select the SUSE Multi-Linux Manager 5.1 Server extension
Checkbox
. -
单击
下一步
继续。 -
Enter your SUSE Multi-Linux Manager 5.1 extension registration code.
-
单击 下一步 继续。
-
在
NTP 配置
页面上,单击 下一步。 -
在
系统身份验证
页面上,输入 root 用户的口令。单击 下一步。 -
在
安装设置
页面上单击 安装。
This concludes installation of SL Micro 6.1 and SUSE Multi-Linux Manager 5.1 as an extension.
3.1.3. OPTIONAL: Registration from the command line
If you added SUSE Multi-Linux Manager 5.1 as an extension during SL Micro 6.1 installation then you can skip this procedure. However, optionally you may skip registration during SL Micro 6.1 installation by selecting the Skip Registration button. This section provides steps on registering your products after SL Micro 6.1 installation.
The following steps register a SUSE Multi-Linux Manager 5.1 extension with the x86-64 architecture and thus require a registration code for the x86-64 architecture. To register ARM or s390x architectures use the correct registration code. |
-
List available extensions with the following command:
transactional-update --quiet register --list-extensions
-
From the list of available extensions, select the one you wish to install:
-
If installing the Server, use your SUSE Multi-Linux Manager Server Extension 5.1 x86_64 registration code with following command:
transactional-update register -p Multi-Linux-Manager-Server/5.1/x86_64 -r <reg_code>
-
If installing the Proxy, use your SUSE Multi-Linux Manager Proxy Extension 5.1 x86_64 registration code with following command:
transactional-update register -p Multi-Linux-Manager-Proxy/5.1/x86_64 -r <reg_code>
-
-
重引导。
3.1.4. 更新系统
-
以 root 身份登录。
-
运行 transactional-update:
transactional-update
-
重引导。
SL Micro is designed to update itself automatically by default and will reboot after applying updates. However, this behavior is not desirable for the SUSE Multi-Linux Manager environment. To prevent automatic updates on your server, SUSE Multi-Linux Manager disables the transactional-update timer during the bootstrap process. If you prefer the SL Micro default behavior, enable the timer by running the following command:
|
To continue with deployment, see 配置自定义永久性存储.
3.2. Prepare SUSE Linux Enterprise Server 15 SP7 Host
Alternatively, you can deploy SUSE Multi-Linux Manager on SUSE Linux Enterprise Server 15 SP7.
The following procedure describes the main steps of the installation process.
-
Locate and download SUSE Linux Enterprise Server 15 SP7
.iso
at https://www.suse.com/download/sles/. -
Make sure that you have regsistration codes both for the host operating system (SUSE Linux Enterprise Server 15 SP7) and extensions
-
Start the installation of SUSE Linux Enterprise Server 15 SP7.
-
On the
Language, keyboard and product selection
select the product to install. -
On the
License agreement
read the agreement and checkI Agree to the License Terms
.
-
-
Select the registration method. For this example, we will register the server with SUSE Customer Center.
-
输入您的 SUSE Customer Center 电子邮件地址。
-
Enter your registration code for SUSE Linux Enterprise Server 15 SP7.
-
单击
下一步
继续。Please note that for SUSE Linux Enterprise Server 15 SP7, you are required to have a valid SUSE Linux Enterprise Server subscription and corresponding registration code, which you must provide on this screen. You will be required to enter the SUSE Multi-Linux Manager Extension registration code below.
-
In the screen
Extensions and Modules Selection
check the following:-
Select the SUSE Multi-Linux Manager Server Extension to install the Server, or the SUSE Multi-Linux Manager Proxy Extension to install the Proxy.
-
Basesystem Module
-
Containers Module
-
-
单击
下一步
继续。 -
Enter your SUSE Multi-Linux Manager 5.1 extension registration code.
-
单击 下一步 继续。
-
完成安装。
-
When the installation completes, log in to the newly installed server as root.
-
Update the System (optional, if the system was not set to download updates during install):
zypper up
-
重引导。
-
Log in as root and install
podman
plusmgradm
andmgradm-bash-completion
(if not already automatically installed):zypper install podman mgradm mgradm-bash-completion
-
Start the Podman service by rebooting the system, or running a command:
systemctl enable --now podman.service
To continue with deployment, see 配置自定义永久性存储.
4. 配置自定义永久性存储
配置永久性存储空间并非强制性要求,但这是唯一可避免在容器全盘空间用尽的情况下出现严重问题的方法。强烈建议您使用 mgr-storage-server
工具来配置自定义永久性存储空间。
有关详细信息,请参见 mgr-storage-server --help
。此工具可以简化容器存储和数据库卷的创建。
+
如下所示使用命令:
+
mgr-storage-server <storage-disk-device> [<database-disk-device>]
+
例如:
+
mgr-storage-server /dev/nvme1n1 /dev/nvme2n1
+
此命令将在 有关详细信息,请参见 |
5. Deploy SUSE Multi-Linux Manager with mgradm
If you want to use third-party SSL certificates instead of the self-signed certificates, import them in the run of the following deployment procedure. For more information about the requirements of third-party SSL certificates, see 导入 SSL 证书. |
SUSE Multi-Linux Manager server hosts that are hardened for security may restrict execution of files from the
In SUSE Multi-Linux Manager updates, tools will be changed to make this workaround unnecessary. |
mgradm
部署 SUSE Multi-Linux Manager 5.1-
以 root 身份登录。
-
Execute one of the following commands, depending on the SSL certificate variant (self-signed or third-party). Replace
<FQDN>
with your fully qualified domain name of the SUSE Multi-Linux Manager Server:-
Using self-signed certificates provided by SUSE Multi-Linux Manager:
mgradm install podman <FQDN>
-
With importing SSL certificates using third-party SSL certificate flags (the example can adjusted if not all these certificates are needed):
mgradm install podman <FQDN> \ --ssl-ca-intermediate <strings> \ --ssl-ca-root <string> \ --ssl-server-cert <string> \ --ssl-server-key <string> \ --ssl-db-ca-intermediate <strings> \ --ssl-db-ca-root <string> \ --ssl-db-cert <string> \ --ssl-db-key <string>
For more information, see
mgradm install podman --help
.
If the executed command fails ensure that you have registered SUSE Multi-Linux Manager 5.1. If you skipped registration during installation and now need to register from the command line, follow the steps below to log in to the registry:
podman login-u <电子邮件地址> -p <注册代码> registry.suse.com
根据提示使用 SUSE Multi-Linux Manager 5.1 注册密钥。
-
-
Enter CA key (certificate authority) and administrator account password when prompted.
管理员帐户口令长度必须至少为 5 个字符且不超过 48 个字符。
-
按 Enter。
-
输入管理帐户的电子邮件地址。按 Enter。
-
等待部署完成。
-
打开浏览器并访问您的服务器 FQDN。
-
输入您的用户名(默认为
admin
)以及在部署过程中设置的口令。
在本指南中,您已将 SUSE Multi-Linux Manager 5.1 服务器部署为容器。请继续阅读下一节来添加您的组织身份凭证,以便与 SUSE Customer Center 同步。
6. 将 SUSE Multi-Linux Manager 5.1 连接到 SUSE Customer Center
本节介绍如何通过 Web UI 与 SCC 同步,以及如何添加第一个客户端通道。
-
打开浏览器并访问您的服务器 FQDN。
-
输入您的用户名(默认为
admin
)以及在部署过程中设置的口令。 -
在 SUSE Multi-Linux Manager Web UI 中,选择
。 -
在
安装向导
页中,选择 组织身份凭证 选项卡。 -
单击 添加新身份凭证。
-
在浏览器中访问 SUSE Customer Center。
-
在左侧导航栏中选择您的组织。
-
在页面顶部选择用户选项卡,然后单击 组织身份凭证。
-
记下您的镜像身份凭证。
-
返回 SUSE Multi-Linux Manager Web UI,输入
用户名
和口令
,然后单击 保存 确认。
在系统以绿色打勾图标的形式确认身份凭证后,请继续执行过程:与 SUSE Customer Center 同步。
-
在 Web UI 中,导航到
。 -
在
安装向导
页面中选择SUSE 产品
选项卡。如果您最近在 SUSE Customer Center 中注册过产品,则表格中将开始填充产品列表。此操作可能需要几分钟时间才会完成。您可在右侧的从 SUSE Customer Center 刷新产品目录
部分监控该操作的进度。该产品表格会列出体系结构、通道和状态信息。有关详细信息,请参见 向导。 -
使用
按产品说明过滤
和按体系结构过滤
来过滤显示的产品列表。产品 页面上列出的通道将为客户端提供储存库。-
选中每个通道左侧的复选框将相应通道添加到 SUSE Multi-Linux Manager。单击说明左侧的箭头符号可以展开产品并列出可用模块。
-
单击页面顶部的 添加产品 开始产品同步。
-
添加通道后,SUSE Multi-Linux Manager 将安排该通道的同步。这可能需要较长时间,因为 SUSE Multi-Linux Manager 会将通道软件源从 SUSE Customer Center 中的 SUSE 储存库复制到您服务器本地的 /var/lib/containers/storage/volumes/var-spacewalk/
目录。
通道完全同步后,将自动为其生成引导储存库。此步骤对于成功引导客户端至关重要,可确保通道同步和分发能够在客户端正常运行。SUSE Multi-Linux Manager 的安装和配置,以及为引导客户端准备所需通道的过程到此完成。
通道同步过程完成后,可以继续注册 SUSE Multi-Linux Manager 5.1 代理或其他客户端。
有关详细说明,请参见 客户端注册。
7. 进入容器进行管理
要在容器内访问外壳,请在容器主机上运行以下命令:
mgrctl term