1 Introduction
This quick-start provides guidance on setting up SUSE Manager server with KVM. You will learn the fundamentals of managing both traditional SUSE Manager clients and Salt clients. This guide is intended for system administrators.
Note: SUSE Manager Version Information
In this manual if not other specified, SUSE Manager version 3.2 is assumed and this version is required if a feature is discussed. {susemgr} 3.2 and SUSE Manager 3.2 Proxy were originally released as a SLES 12 SP3 extension. Whenever features of the SUSE Manager{productnumber} host operating system are documented and not other specified version 12 SP3 is assumed.
1.1 What is SUSE Manager? #
SUSE Manager lets you manage large sets of Linux systems and keep them up to date. It provides automated software management, asset management, and system provisioning. {susemgr} is a solution for organizations requiring absolute control of maintenance and package deployment on their servers. {susemgr} allows administrators to maintain a high level of security while facilitating and advancing an organizations system life-cycle requirements.
- Salt
The inclusion of Salt in SUSE Manager 3 provides powerful event-driven configuration and management capabilities for fine grained control of any modern infrastructure.
- Salt-master
SUSE Manager takes a commanding role as a Salt-master capable of orchestrating thousands of Salt-minions (SUSE Manager Clients) via remote execution.
- Distribution Management
SUSE Manager is fully compatible with Red Hat Satellite Server and offers seamless management of both SUSE Linux Enterprise and Red Hat Enterprise Linux client systems.
1.2 Overview #
SUSE Manager may be integrated within your network infrastructure in multiple ways. In this guide you will perform the following steps for an initial test setup.
Install SUSE Linux Enterprise Server with SUSE Manager as an extension
Setup SUSE Manager Server via YaST
Register SUSE Manager with SCC (SUSE Customer Center)
Synchronize a repository channel for use with both traditional clients and Salt minions
Create an authentication key to act as an ID for the synced repository channel
Add the new authentication key to a bootstrap template script and connect a traditional client
Register a Salt minion with SUSE Manager (salt-master) and assign it a channel with an authentication key
1.3 Prerequisites for Installation #
This guide requires that you have created an account with SCC (SUSE Customer Center). During installation of both SUSE Linux Enterprise Server (SLES) and SUSE Manager, SCC credentials will be requested and you must enter them to receive the latest packages and updates. The following procedure will guide you through obtaining your SCC Organizational Credentials.
Procedure: Obtaining Your SCC Organization Credentials #
Open a browser and direct it to https://scc.suse.com/login.
If you have not done so, create an account now.
Log in to your new SCC account.
Under the widget select .
Click the tab.
Keep this information handy during SUSE Manager setup.
1.4 Obtaining Installation Media #
After logging into your SCC account, you can find the installation images provided at the following addresses.
Select one and continue reading:
Just Enough Operating System (JeOS) 290 MB JeOS - Media Download
SLES DVD image 3 GB SUSE Linux Enterprise Server - Media Download
Note: Just Enough Operating System (JeOS) vs. Full Media Image
The SLES JeOS image provides the quickest route for setup of a test environment. The JeOS image total size is about 290 MB. The alternative would be the 3 GB SLES DVD image. Both installation media are appropriate, but depend upon available bandwidth or your application needs. Both methods of installation will be covered in this guide.
1.5 Hardware Requirements #
Review the following table for SUSE Manager hardware and software requirements. For installation on z Systems, see:
Table 1.1: Hardware Requirements #
Hardware | Recommended |
|---|---|
CPU | Multi-core 64-bit CPU (x86_64, IBM POWER) |
RAM: | Test Server Minimum 4 GB |
Base Installation Minimum 16 GB | |
Production Server Minimum 32 GB | |
Disk Space: |
|
| |
|
1.6 Base Host Operating System #
SUSE Manager 3.2 is based on SLES {sles-version} {sp-version} as the host operating system.
1.7 Supported Client Systems #
Clients with the following operating systems are supported for registration with SUSE Manager. If you plan on using the new Salt features, ensure your clients are supported.
Note: Supported Versions and SP Levels
Client operating system versions and SP levels must be under general support (normal or LTSS) to be supported with SUSE Manager.
For details on the Expanded Support Lifecycle and minor Red Hat Enterprise Linux release versions, see https://www.suse.com/lifecycleSUSE Linux Enterprise Server with Expanded Support .
Table 1.2: Supported Client Systems #
Operating Systems | Architecture | Traditional Clients | Salt Clients |
|---|---|---|---|
SUSE Linux Enterprise 11 SP4 | x86, x86_64, Itanium, IBM POWER, z Systems | Supported | Supported |
SUSE Linux Enterprise 12 SP1, SP2, SP3 | x86_64, IBM POWER(ppc64le), z Systems | Supported | Supported |
Latest minor release Red Hat Enterprise Linux Server 6 | x86, x86_64 | Supported | Supported |
Latest minor release Red Hat Enterprise Linux Server 7 | x86, x86_64 | Supported | Supported |
Novell Open Enterprise Server 11, SP1, SP2, SP3 LTSS | x86, x86_64 | Supported | Supported |
Open Enterprise Server 2015, 2015 SP1, 2018 | x86, x86_64 | Supported | Supported |
1.8 Network Requirements #
To successfully complete this guide some network requirements must be met. The following section will walk you through these requirements.
- Fully Qualified Domain Name (FQDN)
The SUSE Manager server must resolve its FQDN correctly or cookies will not work properly on the WebUI.
- Hostname and IP Address
To ensure that the SUSE Manager domain name can be resolved by its clients, both server and client machines must be connected to a working Domain Name System (DNS) server. This guide assumes the required infrastructure exists within your environment. For more information on setting up a (DNS) server see:
- Using a Proxy When Installing from SUSE Linux Enterprise Media
If you are on an internal network and do not have access to SUSE Customer Center, you can setup and use a proxy during a SUSE Linux Enterprise installation. For more information on configuring a proxy for access to SUSE Customer Center during a SUSE Linux Enterprise installation see:
Important: Naming Your Server
The hostname of SUSE Manager must not contain uppercase letters as this may cause jabberd to fail. Choose the hostname of your SUSE Manager server carefully. Although changing the server name is possible, it is a complex process and unsupported.
1.9 Firewall Port Rules #
In a production environment SUSE Manager server and its clients should always utilize firewall rules. The following table provides an overview of required ports.
Traditional client systems connect to SUSE Manager via port 443. In addition, enabling push actions from SUSE Manager to client systems, requires inbound connections on port 5222. If SUSE Manager will also push to a SUSE Manager proxy, you must allow inbound connections on port 5269.
Table 1.3: Required Ports on SUSE Manager Server #
Port | Direction | Reason |
|---|---|---|
67 | Inbound | Required when configured as a DHCP server for systems requesting IP addresses |
69 | Inbound | Used when configured as a PXE server and allows installation and re-installation of PXE-boot enabled systems |
80 | Outbound | Used to contact SUSE Customer Center |
443 | Inbound | All WebUI, traditional client, and proxy server requests and SUSE Manager uses this port for SUSE Customer Center inbound traffic |
443 | Outbound | SUSE Manager uses this port to reach SUSE Customer Center unless running in disconnected mode with RMT or SMT |
4505 | Inbound | Required by the Salt-master to accept communication requests via TCP from minions |
4506 | Inbound | Required by the Salt-master to accept communication requests via TCP from minions |
5222 | Inbound | When you wish to push actions to clients this port is required by the osad daemon running on the client systems |
5269 | Inbound/Outbound | Needed if you push actions to or via a SUSE Manager Proxy |
Outbound | Squid HTTP proxy for outgoing connections. It could be any port you configure |
For more information on disconnected setup and port configuration, see: