Set Up the SUSE Manager for Retail Environment
To set up the SUSE Manager for Retail environment, you will need to have already installed and configured:
-
SUSE Manager for Retail Server
-
one or more SUSE Manager for Retail branch server proxies, or containerized proxy
-
one or more SUSE Manager build hosts
This section covers how to configure your SUSE Manager for Retail environment, including:
-
Prepare POS images
-
Prepare system groups
-
Configure services for Saltboot
-
Synchronize POS images to the branch servers
The very first time you set up the SUSE Manager for Retail environment, you will need to perform all configuration steps. You will need to revisit some of these steps later on as you are working with SUSE Manager for Retail.
For example, the first time you configure the branch server, you will need to have images prepared for synchronization. If you are configuring more than one branch server, you can use the same images across different branch servers.
If you have an existing environment, and need to build new images, you do not need to re-initialize the branches. You will need to synchronize the images, and can skip setting up the services on the branch server.
Usually, POS images are rebuild when updated packages are available, and synchronized to the branch servers before the update window opens.
1. Prepare and Build Terminal Images
For information about SUSE Manager image building, see 映像构建和管理.
SUSE Manager for Retail POS images are images specifically tailored for SUSE Manager for Retail environment and designed to be deployed using PXE booting mechanism.
1.1. POS Image Templates
As starting point, SUSE provides basic templates at https://github.com/SUSE/manager-build-profiles/tree/master/OSImage. These templates need to be adapted for specific usecases, for example by including specific applications, configuration settings, and users.
By default, POS templates do not include a system user. You will not be able to login as a user to a system that has been installed with a SUSE provided template. However you can use Salt to manage clients without a system user. You can use Salt to install a system user after the terminal has been deployed. |
1.2. SLES 11 SP 3 Terminals
SLES 11 reached end of life and is no longer supported and can stop working at any moment. |
POS Terminals based on SUSE Linux Enterprise Server 11 SP 3 can be deployed in much the same way as other terminals, with a few differences.
-
You must use the SLES 11 template
-
SLES 11 images need to be activated with the
SLES11 SP3 i586
andSLEPOS 11 SP3 i586
channels
Ensure that SLES 11 images are built on the SLES 11 build host. Building on the incorrect build host will cause your build to fail. If you are building images for SLES 11 using profiles from an HTTPS git repository that uses TLS 1.0 or greater, it will fail. SLES 11 does not support later versions of TLS. You will need to clone the repository locally to use it for building. |
2. Branch identification and architecture topology
Before you configure the branch server, ensure you have decided on networking topology and you choose branch id
.
For information about the possible network topologies, see Network Architecture.
As a branch id
select any alphanumerical string.
3. Required System Groups
SUSE Manager for Retail requires:
-
branch system group for every branch server proxy, using
branch id
as its name -
hardware type system group for every used hardware type, using
HWTYPE:
prefix in its name
For more information about hardware type groups, see Deployment basics.
Missing mandatory system group will cause terminal bootstrap to fail. |
SUSE Manager for Retail also recognizes two optional groups for better overview:
-
TERMINALS
-
SERVERS
You can create system groups using the SUSE Manager Web UI. Navigate to
and click Create System Group.For more information about system groups, see 系统组.
During terminal bootstrap terminal automatically joins:
-
branch system group based on received
branch_id
. This will make branch group formulas available to the terminal. -
HWType group based on SMBios information received from terminal. This will make Saltboot partitioning pillar available to the terminal.
-
TERMINALS
if this group exists.
SUSE Manager for Retail command line tools create required system groups and branch group automatically. |
In case you plan to use the branch server as a monitoring server with Prometheus, be aware that Prometheus demands additional hardware resources. For more information about installing Prometheus, see 使用 Prometheus 和 Grafana 进行监视. |
In case you plan to use the branch server with Ansible software, be aware that Ansible demands additional hardware resources. For more information about installing Ansible, see Ansible 集成. |
4. Configure Services for Saltboot
Saltboot technology is used to deploy POS images to the terminals. Saltboot consists of Saltboot enabled initrd (build as part of POS images) and Saltboot Salt states.
This section covers general information about generic Saltboot requirements. For configuration examples, see Example configurations.
4.1. Enable PXE network boot in the terminal network
Saltboot is usually used in network boot environment. For this to work DHCP
service for the network terminal is connected to must have PXE
or sometimes called BOOTP
support enabled.
if substring (option vendor-class-identifier, 0, 10) = "HTTPClient" { option vendor-class-identifier "HTTPClient"; filename "<FQDN of branch server proxy>/saltboot/shim.efi"; } else { if option arch = 00:07 { filename "boot/shim.efi"; next-server <IP address of branch server proxy>; } else { filename "boot/pxelinux.0"; next-server <IP address of branch server proxy>; } }
Notice two important options, next-server
which is set to the branch server IP address and filename
set to the boot/pxelinux.0
for BIOS based system and boot/shim.efi
for UEFI systems with SecureBoot support.
Containerized branch proxy uses different For containerized branch proxy set |
4.2. Saltboot service discovery
Saltboot requires some information where the Salt master is and from where to download the image. Saltboot tries multiple discoveries to obtain this information, described below.
For successful terminal deployment, both service discoveries must be successful. Depending on your architecture, choose what strategy works for you best.
4.2.1. Salt master discovery
During Saltboot initrd
start, integrated Salt client needs to find branch server proxy to connect to. This discovery is trying following steps:
-
MASTER
kernel command line option is set, then this is used as Salt master -
resolve
salt
CNAME, if successful then resolved value is used as Salt master -
use
salt
as a Salt master
Once Salt master is determined, Salt client configuration is generated and started.
Using fully qualified domain name in If used fully qualified domain name is different from fully qualified domain name of branch server proxy known to SUSE Manager, Saltboot may work correctly, however proxy detection of terminal will not work. |
4.2.2. Download server discovery
Before POS image is downloaded to the terminal, download server discovery is done to find where to download image from:
-
saltboot_download_server
pillar is set for terminal, then its value is used -
saltboot:download_server
pillar is set for terminal, then its value is used -
resolve
ftp
hostname
Value obtained by download server discovery is then used together with POS image pillar to fetch correct image from correct location.
4.3. Terminal partitioning and image selection
Last piece for Saltboot is to provide partitioning for terminal. This is done individually for each hardware type of terminals. For more information about hardware types, see Deployment basics.
Above mentioned steps are mandatory minimum for successful Saltboot deployment. For configuration examples, see Example configurations.
5. Synchronize Images to the Branch Server
The OS image you use on the SUSE Manager server must be synchronized for use to the branch server. You can do this with the Salt image-sync
state, part of the Image Synchronization Formula
.
-
On the SUSE Manager server, run this command:
salt <branch_server_minion_id> state.apply image-sync
-
The image details will be transferred to
/srv/saltboot
on the branch server.
You can also set synchronization to run automatically on the branch server. Configure the image synchronization formula to apply the highstate regularly. For more information about Image Synchronization Formula
, see Image Synchronization Formula.