Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
documentation.suse.com / SUSE Linux Enterprise Server Documentation / RMT Guide / Configuring clients to use RMT
Applies to SUSE Linux Enterprise Server 15 SP3

5 Configuring clients to use RMT

Any machine running SUSE Linux Enterprise 12 or newer can be configured to register against RMT and download software updates from there, instead of communicating directly with the SUSE Customer Center.

Tip
Tip: Register with RMT server over HTTP

We recommend registering with the RMT server over a secured HTTPS protocol (all examples in this documentation use it). However, you can also register with the RMT server over an insecure HTTP protocol. Use this approach only if your setup benefits from it and only in a trusted environment where security is not crucial.

To configure clients to use the RMT server, use one of the following methods:

Tip
Tip: CA certificate

If you need the CA certificate of the RMT server, find it at /etc/rmt/ssl/rmt-ca.crt and https://RMT_SERVER/rmt.crt.

5.1 Configuring clients with boot parameters

Any client can be configured to use RMT by providing the regurl parameter during machine boot.

The parameter needs to be entered as regurl=RMT_SERVER_URL. The URL needs to be in the following format: https://FQDN with FQDN being the fully qualified host name of the RMT server. It must be identical to the FQDN of the server certificate used on the RMT server. Example:

regurl=https://rmt.example.com
Warning
Warning: Beware of typing errors

Make sure the values you enter are correct. If regurl has not been specified correctly, the registration of the update source will fail.

Note
Note: Change of RMT server certificate

If the RMT server gets a new certificate from an untrusted CA, the clients need to retrieve the new CA certificate file. YaST displays a dialog for importing a new certificate. If you confirm importing the new certificate, the old one is replaced with the new one.

5.2 Configuring clients with AutoYaST profile

Clients can be configured to register with RMT server via AutoYaST profile. For general information about creating AutoYaST profiles and preparing automatic installation, refer to the AutoYaST Guide. In this section, only RMT specific configuration is described.

To configure RMT specific data using AutoYaST, follow the steps for the relevant version of RMT client.

  1. As root, start YaST and select Miscellaneous › Autoinstallation to start the graphical AutoYaST front-end.

    From a command line, you can start the graphical AutoYaST front-end with the yast2 autoyast command.

  2. Open an existing profile using File › Open, create a profile based on the current system's configuration using Tools › Create Reference Profile, or work with an empty profile.

  3. Select Software › Product Registration. An overview of the current configuration is shown.

  4. Click Edit.

  5. Check Register the Product, set the URL of the RMT server in Use Specific Server URL Instead of the Default, and you can set the Optional SSL Server Certificate URL. The possible values for the server URL are the same as for the kernel parameter regurl. For the SSL certificate location, you can use either HTTP or HTTPS based URLs.

  6. Perform all other configuration needed for the systems to be deployed, then click Finish to return to the main screen.

  7. Select File › Save As and enter a file name for the profile, such as autoinst.xml.

5.3 Configuring clients with rmt-client-setup

The /usr/share/rmt/public/tools/rmt-client-setup script is provided in the package rmt-server. This script allows you to configure a client machine to use an RMT server. It can also be used to reconfigure an existing client to use a different RMT server.

To configure a client machine to use RMT with rmt-client-setup, follow these steps:

  1. Download rmt-client-setup from the RMT server:

    # curl http://RMT_SERVER/tools/rmt-client-setup --output rmt-client-setup
  2. Run the script with the URL of the RMT server as parameter.

    # sh rmt-client-setup https://RMT_SERVER/

    Executing this script will import the RMT CA's certificate into the trusted store.

    Alternatively, you can specify the correct fingerprint or path to the server certificate. For details, see sh rmt-client-setup --help.

  3. The script downloads the server's CA certificate. Accept it by pressing Y. The tool now performs all necessary modifications on the client.

  4. Use SUSEConnect to add more products. For details, run SUSEConnect --help .

5.4 Configuring clients with YaST

To configure a client to perform the registration against an RMT server use the YaST Product Registration module yast2 registration.

On the client, the credentials are not necessary and you may leave the relevant fields empty. Click Local Registration Server and enter its URL. Then click Next until the exit from the module.

5.5 Configuring clients for custom stand-alone repositories

If you created a custom stand-alone repository on the RMT server, it will not be registered on client machines with SUSEConnect because it has no parent product.

To add the repository manually, follow these steps:

  1. Point your Web browser to the following RMT server URL:

    https://RMT_SERVER_HOSTNAME/repo/
  2. Navigate the browser through the directory structure to your custom repository's repodata/ subdirectory.

  3. On the client machine, add the discovered repository URL:

    > sudo zypper ar CUSTOM_REPO_URL CUSTOM_REPO_NAME

5.6 Listing accessible repositories

To list available modules and repositories, use SUSEConnect --list-extensions. Alternatively, you can also browse the directory listing of the RMT server by visiting https://RMT_SERVER/repo/ and its subdirectories.

5.7 Online migration of SUSE Linux Enterprise clients

SUSE Linux Enterprise clients registered against RMT can be migrated online to the latest service pack of the same major release the same way as clients registered against SUSE Customer Center. Before starting the migration, make sure that RMT has the required products available and mirrored.

For detailed information on the online migration, see Chapter 1, Upgrade paths and methods.