Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
documentation.suse.com / SUSE Linux Enterprise Server Documentation / RMT Guide / RMT installation and configuration
Applies to SUSE Linux Enterprise Server 15 SP4

2 RMT installation and configuration

RMT is included in SUSE Linux Enterprise Server starting with version 15. Install RMT directly during the installation of SUSE Linux Enterprise Server or install it on a running system. After the packages are installed, use YaST to do an initial configuration.

Warning
Warning: RMT server will conflict with installation server

Configuring a server to be an RMT server installs and configures the NGINX Web server, listening on port 80.

However, configuring a machine to be an installation server automatically installs the Apache Web server and configures it to listen on port 80.

Do not try to enable both these functions on the same server. It is not possible for a single server to host both simultaneously.

2.1 Storage requirements

Downloaded packages are stored in /usr/share/rmt/public/repo, which is a symbolic link to /var/lib/rmt/public/repo/.

The amount of storage your RMT server requires is dependent on several variables: the number of repositories and architectures that you mirror, and the number of products that are enabled. As a general guide, 1.5 times the total size of all enabled repositories should be sufficient. This is about 200 GB per SUSE Linux Enterprise release, including all extensions.

2.2 Installation during system installation

To install it during installation, select the rmt-server package. The package selection is available in the Installation Settings step of the installation when selecting Software.

RMT pattern
Figure 2.1: RMT pattern

We recommend to check for available RMT updates immediately after installing SUSE Linux Enterprise Server using the zypper patch command. SUSE continuously releases maintenance updates for RMT, and newer packages are likely to be available.

2.3 Installation on an existing system

To install RMT on a running SUSE Linux Enterprise Server installation, use zypper:

> sudo zypper in rmt-server

2.3.1 Installation on Minimal VM

SUSE Linux Enterprise Server Minimal VM is a minimal customizable operating system that is designed for specific usage scenarios, for example, to be run as:

  • A container host

  • A virtual machine guest

  • An appliance base system

  • A small server image

Therefore, Minimal VM image is a good choice for being used as an RMT server. You can download SUSE Linux Enterprise Server Minimal VM images for KVM, Xen, Microsoft Hyper-V, VMware, and OpenStack from the public SUSE Linux Enterprise Server download page at https://www.suse.com/download/sles/. Find more information on Minimal VM at https://documentation.suse.com/sles/15-SP4/html/SLES-all/article-minimal-vm.html.

The installation of RMT on Minimal VM works identical to installing it on an already installed system (see Section 2.3, “Installation on an existing system”. To install RMT on Minimal VM, run the following command from the Minimal VM command line as root:

# zypper install rmt-server yast2-rmt
Important
Important: Hardware requirements

When installing RMT on Minimal VM, be aware that it requires a minimum of 100 GB disk space, depending on the products you select to mirror. Another requirement is a CPU with at least two cores and 2 GB of RAM memory.

2.4 Deploying RMT on top of the Kubernetes cluster

This section describes how to deploy RMT on top of the Kubernetes cluster. It uses Helm as the package manager to interact with the Kubernetes cluster. Find more details about using Helm at https://helm.sh/docs/intro/using_helm/.

2.4.1 Prerequisites

  • Running Kubernetes cluster

  • helm command configured to interact with the cluster

2.4.2 Application components

Each component of the RMT application is deployed in its own container. RMT consists of the following components:

RMT server

Containerized version of the RMT application server with the ability to pass its configuration via Helm values. Storage is done on a volume that will be allocated on the Kubernetes cluster. You need to adjust the size of the storage depending on the number of repositories you need to mirror.

MariaDB

The database back-end for RMT. RMT creates the required database and tables at start-up, therefore no specific post-installation task is required. If passwords are not specified in the values.yaml file, they are generated automatically.

Nginx

A Web server configured for RMT routes. Having a properly configured Web server allows you to target your Ingress traffic (for RMT) to this Nginx service directly. You do not need to configure Ingress for RMT specific paths handling, as Nginx is configured to take care of this itself.

2.4.3 The values.yaml file

The RMT chart includes the values.yaml file where all parameters are documented and their default values are defined. You can override these values by providing your own values file, for example:

> helm install rmtsle rmt/rmt-helm-0.1 -f myvalues-sle.yaml
Key: app.cronjob.mirror.schedule

Type: string

Default: "30 2 * * *"

Description: schedule for running the rmt-cli mirror command (actual package mirroring)

Key: app.cronjob.sync.schedule

Type: string

Default: "* 1 * * *"

Description: schedule for running the rmt-cli sync command (synchronizing with the SUSE database)

Key: app.image.pullPolicy

Type: string

Default: "Always"

Description:

Key: app.image.repository

Type: string

Default: "registry.suse.com/suse/rmt-server"

Description: RMT server image

Key: app.image.tag

Type: string

Default: "2.7"

Description: RMT server image tag

Key: app.init.image.pullPolicy

Type: string

Default: "Always"

Description:

Key: app.init.image.repository

Type: string

Default: "registry.suse.com/suse/rmt-mariadb-client"

Description:

Key: app.init.image.tag

Type: string

Default: "latest"

Description:

Key: app.mysql.host

Type: string

Default: nil

Description: MariaDB host to connect to (default target is the database container)

Key: app.scc.password

Type: string

Default: nil

Description: SUSE Customer Center password

Key: app.scc.username

Type: string

Default: nil

Description: SUSE Customer Center user name

Key: app.service.port

Type: int

Default: 4224

Description: RMT server port

Key: app.storage.class

Type: string

Default: "local-path"

Description:

Key: app.storage.size

Type: string

Default: "300Mi"

Description: RMT server storage volume requirement. This can vary depending on the number of modules to mirror.

Key: db.autoscaling.enabled

Type: bool

Default: false

Description:

Key: db.autoscaling.maxReplicas

Type: int

Default: 100

Description:

Key: db.autoscaling.minReplicas

Type: int

Default: 1

Description:

Key: db.autoscaling.targetCPUUtilizationPercentage

Type: int

Default: 80

Description:

Key: db.image.pullPolicy

Type: string

Default: "Always"

Description:

Key: db.image.repository

Type: string

Default: "registry.suse.com/suse/rmt-mariadb"

Description: Database image

Key: db.image.tag

Type: string

Default: "10.5"

Description: Database image tag

Key: db.mysql.database

Type: string

Default: "rmt"

Description: Database name

Key: db.mysql.password

Type: string

Default: nil

Description: Database password (automatically created if not specified)

Key: db.mysql.rootPassword

Type: string

Default: nil

Description: Database root password (automatically created if not specified)

Key: db.mysql.user

Type: string

Default: "rmt"

Description: Database user

Key: db.replicaCount

Type: int

Default: 1

Description:

Key: db.storage.class

Type: string

Default: "local-path"

Description:

Key: db.storage.size

Type: string

Default: "100Mi"

Description: Database storage volume space requirement

Key: front.image.pullPolicy

Type: string

Default: "Always"

Description:

Key: front.image.repository

Type: string

Default: "registry.suse.com/suse/rmt-nginx"

Description: Nginx image

Key: front.image.tag

Type: string

Default: "latest"

Description: Nginx image tag

Key: front.init.image.pullPolicy

Type: string

Default: "Always"

Description:

Key: front.init.image.repository

Type: string

Default: "registry.suse.com/bci/bci-micro"

Description:

Key: front.init.image.tag

Type: string

Default: "15.3"

Description:

Key: front.service.port

Type: int

Default: 80

Description: Nginx service port

Key: ingress.annotations

Type: object

Default: {}

Description:

Key: ingress.enabled

Type: bool

Default: false

Description:

Key: ingress.hosts[0]

Type: object

Default: {"host":"chart-example.local","paths":[{"path":"/","pathType":"Prefix"}]}

Description: DNS name at which the RMT service will be accessible from clients

Key: ingress.tls[0].hosts[0]

Type: string

Default: "chart-example.local"

Description: DNS name at which the RMT service will be accessible from clients

Key: ingress.tls[0].secretName

Type: string

Default: "rmt-cert"

Description:

Key: serviceAccount.annotations

Type: object

Default: {}

Description:

Key: serviceAccount.create

Type: bool

Default: true

Description:

Key: serviceAccount.name

Type: string

Default: ""

Description:

2.5 RMT configuration with YaST

Configure RMT with YaST as described in the following procedure. It is assumed that this procedure is executed on a newly installed system.

  1. Start YaST with the rmt module.

    > sudo yast2 rmt

    Alternatively, start YaST and select Network Services / RMT Configuration.

  2. Enter your organization credentials. To retrieve your credentials, refer to Section 4.1, “Mirroring credentials”.

  3. Enter credentials for a new MariaDB user and database name. This user will then be created. Then select Next.

    If a password for the MariaDB root user is already set, you are required to enter it. If no password is set for root, you are asked to enter a new one.

  4. Enter a common name for the SSL certificates. The common name should usually be the fully qualified domain name (FQDN) of the server. Enter all domain names and IP addresses with which you want to reach the RMT server as alternative common names.

    When all common names are entered, select Next.

    Tip
    Tip: Certificate locations for RMT
    • /etc/rmt/ssl/rmt-ca.crt

      This is the CA certificate bundle that yast2 rmt uses to certify the RMT server certificate. yast2 rmt will only create this file if it does not already exist.

    • /etc/rmt/ssl/rmt-server.crt and /etc/rmt/ssl/rmt-server.key

      yast2 rmt will only generate a new server certificate and private key if one does not already exist. To regenerate this certificate, refer to Section 8.1, “Regenerating HTTPS certificates”.

  5. If firewalld is enabled on this system, enable the check box to open the required ports.

    Enabling ports in firewalld
    Figure 2.2: Enabling ports in firewalld

    If firewalld is not enabled now and you plan to enable it later, you can always open relevant ports by running the yast2 rmt module.

    Tip
    Tip: Fine-tuning firewalld settings

    By clicking Firewall Details, you can open the relevant ports for specific network interfaces only.

    Continue with Next.

  6. To view the summary, click Next. Close YaST by clicking Finish. YaST then enables and starts all systemd services and timers.

2.6 Enabling SLP announcements

RMT includes the SLP service description file /etc/slp.reg.d/rmt-server.reg. To enable SLP announcements of the RMT service, follow these steps:

  1. If firewalld is running, open relevant ports and reload the firewalld configuration:

    > sudo firewall-cmd --permanent --add-port=427/tcp
    success
    > sudo firewall-cmd --permanent --add-port=427/udp
    success
    > sudo firewall-cmd --reload
  2. Verify that SLP server is installed and possibly install it:

    > sudo zypper install openslp-server
  3. Enable and start the SLP service:

    > sudo systemctl enable slpd.service
    > sudo systemctl restart slpd.service