documentation.suse.com / SUSE Linux Enterprise Server Documentation / RMT Guide / RMT tools and configuration files
Applies to SUSE Linux Enterprise Server 15 SP3

6 RMT tools and configuration files

  

This chapter describes the most important scripts, configuration files and certificates shipped with RMT.

The rmt-cli command and its sub-commands are used to manage the mirroring of repositories, registration of clients, and reporting. systemd is used for starting, stopping, restarting the RMT service and for checking its status.

The basic configuration for RMT is stored in the /etc/rmt.conf.

6.1 RMT command line interface (rmt-cli)

  

6.1.1 Overview

  

The key command to manage the RMT is rmt-cli (/usr/bin/rmt-cli). The rmt-cli command should be used together with the sub-commands described in this section. If the rmt-cli command is used alone, it prints a list of all available sub-commands. To get help for individual sub-commands, use man rmt-cli or rmt-cli help [subcommand].

The following sub-commands are available:

rmt-cli sync

Synchronize database with SUSE Customer Center.

rmt-cli products

List and modify products.

rmt-cli repos

List and modify repositories.

rmt-cli mirror

Mirror repositories.

rmt-cli systems

List and modify systems.

rmt-cli import

Import commands for the offline mode.

rmt-cli export

Export commands for the offline mode.

rmt-cli version

Show RMT version.

The following sections explain each sub-command in detail.

6.1.2 sync

  

This command triggers synchronization with the SUSE Customer Center instantly. The command has no further options. Synchronization is also triggered each night by the systemd timer rmt-server-sync.timer.

During synchronization, no data is uploaded to the SUSE Customer Center. This command for example updates local product definitions and repository data.

6.1.3 products

  

List and modify products.

rmt-cli products list [--all] [--csv]

Lists the products that are enabled for mirroring. Use the --all flag to list all available products. Use the --csv flag to output the list in CSV format. ls can be used as a shortcut for list.

rmt-cli products enable [id | string] [--all-modules]

Enables mandatory repositories of a product by its ID or product string. The --all-modules flag enables all modules of a product instead of only the recommended ones.

rmt-cli products disable [id | string]

Disables all repositories of a product by its ID or product string.

6.1.4 repos

  
rmt-cli repos list [--all] [--csv]

Lists the repositories that are enabled for mirroring. Use the --all flag to list all available repositories. Use the --csv flag to output the list in CSV format. ls can be used as a shortcut for list.

rmt-cli repos enable [id]

Enables mirroring of a single repository by its ID.

rmt-cli repos disable [id]

Disables mirroring of a single repository by its ID.

rmt-cli repos clean

This command removes locally mirrored files of repositories that are not marked to be mirrored.

6.1.5 repos custom

  
rmt-cli repos custom list [--csv]

Lists all your custom repositories. Use the --csv flag to output the list in CSV format. ls can be used as a shortcut for list.

rmt-cli repos custom add [url] [name] [--id]

Adds a new custom repository. Use the --id flag to specify a custom alphanumeric ID.

rmt-cli repos custom enable [id]

Enables mirroring of a custom repository.

rmt-cli repos custom disable [id]

Disables mirroring of a custom repository.

rmt-cli repos custom remove [id]

Removes a custom repository.

rmt-cli repos custom products [id]

Lists the products attached to the custom repository with the given ID.

rmt-cli repos custom attach [id] [product id]

Attaches an existing custom repository to a product.

rmt-cli repos custom detach [id] [product id]

Detaches an existing custom repository from a product.

6.1.6 mirror

  
rmt-cli mirror

This command starts the mirroring process manually.

rmt-cli mirror all

This command mirrors all enabled repositories.

rmt-cli mirror repository [IDs]

This command mirrors enabled repositories by a list of IDs.

rmt-cli mirror product [IDs]

This command mirrors enabled repositories for a product by a list of IDs.

6.1.7 systems

  
rmt-cli systems list

This command lists registered systems.

rmt-cli systems scc-sync

This command forwards registered systems' data to SCC.

rmt-cli systems remove [TARGET]

This command removes a system from RMT as identified by the Login column of the output of the rmt-cli systems list command.

rmt-cli systems purge

This command lists and optionally deletes inactive systems. It has the following options:

  • --before DATE—lists systems that have been inactive since DATE until now. Default is the last 3 months.

  • --no-confirmation—allows the administrator to delete matching systems without confirmation. 

# rmt-cli systems purge --before 2021-06-16
+------------+----------+---------------------+---------------------+----------+
| Login      | Hostname | Registration time   | Last seen           | Products |
+------------+----------+---------------------+---------------------+----------+
| SCC_c5b0.. | 6e485e48b| 2021-06-11 13:38:07 | 2021-06-11 13:52:01 | SLES/15..|
| SCC_5fcf.. | node52   | 2021-06-15 13:29:24 | 2021-06-15 13:31:25 | SLES/15..|
+------------+----------+---------------------+---------------------+----------+
Do you want to delete these systems? (y/n) y
Purged systems that have not contacted this RMT since 2021-06-16.

6.1.8 import

  

This command is required for the offline mode. For details, see Section 4.7, “Exporting and importing repositories”.

rmt-cli import data [path]

Run this on the offline RMT to read the JSON files from the given path and fill the local database with data.

rmt-cli import repos [path]

Run this on the offline RMT to import RPM packages.

6.1.9 export

  

This command is required for the offline mode. For details, see Section 4.7, “Exporting and importing repositories”.

rmt-cli export data [path]

Run this on an online RMT to get the latest data from SUSE Customer Center and save the result as JSON files at the specified path.

rmt-cli export settings [path]

Run this on the offline RMT to save the settings for enabled repositories at a given path as repos.json.

rmt-cli export repos [path]

Run this regularly on the online RMT to mirror the set of repositories specified in the repos.json at the given path. The mirrored repository files are stored in subdirectories of the same path.

6.1.10 clean packages

  

The rmt-cli clean packages command removes locally mirrored dangling files and their database entries. A file is considered to be dangling if it matches all the following characteristics:

  • It exists in a repository directory with primary and metadata repomd.xml files.

  • It is no longer referenced in the metadata files.

  • It is at least 2 days old.

You can pass the following options to the rmt-cli clean packages command:

--dry-run

Generates a report of all affected files without actually cleaning them or their database entries.

--verbose

Prints detailed information about each cleaned file.

--non-interactive

Skips confirmation before proceeding with the cleaning process.

6.1.11 version

  

Display the version of rmt-cli.

6.2 RMT systemd commands

  

You can manage RMT-related services with the standard systemd commands. The RMT server has the following services and timers:

rmt-server.target

A systemd target that starts all required RMT components.

rmt-server.service

The RMT server.

rmt-server-migration.service

This service migrates the database to the newest schema, if required. There is no need to manually interact with this service.

rmt-server-sync.timer

This timer is responsible for periodically synchronizing all repository product data from the SUSE Customer Center.

rmt-server-mirror.timer

This timer is responsible for periodically synchronizing all RPMs from the SUSE Customer Center.

Use systemctl to control the RMT services and timers.

6.3 RMT configuration files

  

The main RMT configuration file is /etc/rmt.conf. You can set most of the options with the YaST RMT Server module.

6.3.1 /etc/rmt.conf

  

The only supported way of doing the initial configuration is with yast2 rmt as described in Section 2.4, “RMT configuration with YaST”. Only the proxy configuration needs to be entered manually. The other configuration parameters are documented for reference.

All available configuration options can be found in the /etc/rmt.conf file.

6.3.1.1 Mirroring settings

  

The mirroring section lets you adjust mirroring behavior.

mirror_src

Decides whether to mirror source RPM packages (architecture is src).

dedup_method

Creates hard links during mirroring when set to hardlink. If the file system does not support hard links, it can be set to copy instead. Possible values: hardlink, copy.

6.3.1.2 HTTP client settings

  

The http_client section defines the global HTTP connection settings of RMT.

verbose

Enables additional debug output to the systemd journal.

proxy

The proxy server URL including the protocol and the port number. For example: http://proxy_url:8080.

noproxy

A list of domains that should not go through the proxy, separated by commas. For example: localhost,.mylocaldomain.

proxy_auth

This setting determines the proxy authentication mechanism. Possible values are: none, basic, digest, gssnegotiate, ntlm, digest_ie, ntlm_wb.

proxy_user

The proxy server user name.

proxy_password

The proxy server password.

low_speed_limit

Lower speed limit when a download should be aborted in bytes/sec.

low_speed_time

Time until a download gets aborted, when download speed is below low_speed_limit.

6.3.1.3 Settings for accessing SUSE repositories

  

The scc section contains your mirroring credentials for contacting the SUSE Customer Center. To obtain your mirroring credentials, see Section 4.1, “Mirroring credentials”.

Valid configuration keys for the section are:

username

Mirroring credentials user name.

password

Mirroring credentials password.

6.3.1.4 Web server settings

  

The web_server section lets you tune the performance of your RMT server.

min_threads

Specifies the minimum number of threads that an RMT server worker should spawn.

Acceptable values: Integer greater than or equal to 1.

max_threads

Specifies the maximum number of threads that an RMT server worker should spawn.

Acceptable values: Integer greater than or equal to 1.

workers

Specifies the number of Web workers for RMT.

Acceptable values: Integer greater than or equal to 1.

6.3.2 SSL certificates and HTTPS

  

By default access to API endpoints consumed by SUSEConnect is limited to HTTPS only. nginx is configured to use an SSL certificate and a private key from the following locations:

  • Certificate: /etc/rmt/ssl/rmt-server.crt

  • Private key: /etc/rmt/ssl/rmt-server.key

The YaST RMT module generates a custom certificate authority which is used to sign HTTPS certificates. This means that to register, this certificate authority must be trusted by the client machines:

  • For registrations during installation from the media or with YaST Registration module, a message will appear, prompting to trust the server certificate.

  • For registering a client system on the command line, use the rmt-client-setup script. For details, see Section 5.3, “Configuring clients with rmt-client-setup.