Red Hat Training

A Red Hat training course is available for Red Hat Satellite

7.7. Configuration

This tab is the portal to managing your configuration channels and files, whether they are centrally managed or limited to a single system. You must be a Configuration Administrator or an Satellite Administrator to see the Configuration tab. In addition, you must have at least one Provisioning entitlement, or the tab does not appear.
Centrally-managed files are those that are available to multiple systems; changes to a single file in a central configuration channel can affect many systems. In addition, there are local configuration channels. Each system with a Provisioning entitlement has a local configuration channel (also referred to as an override channel) and a Sandbox channel. Both central and local configuration management are discussed in detail later in this chapter.

7.7.1. Preparing Systems for Config Management

For a system to have its configuration managed through RHN, it must have the appropriate tools and config-enable file installed. These tools may already be installed on your system, especially if you kickstarted the system with configuration management functionality. If not, they can be found within the RHN Tools child channel for your distribution. Download and install the latest rhncfg* packages. They are:
  • rhncfg — The base libraries and functions needed by all rhncfg-* packages.
  • rhncfg-actions — The code required to run configuration actions scheduled via the RHN website.
  • rhncfg-client — A command line interface to the client features of the RHN Configuration Management system.
  • rhncfg-management — A command line interface used to manage RHN configuration.
Next, you must enable your system to schedule configuration actions. This is done using the rhn-actions-control command on the client system. This command is included in the rhncfg-actions RPM. The RHN Actions Control (rhn-actions-control) enables or disables specific modes of allowable actions. Refer to Section B.1, “Red Hat Network Actions Control for instructions.

7.7.2. Overview

The Configuration Overview page allows you to assess at a glance the status of your configuration files and the systems that use them.
Configuration Summary
This panel provides quick reference information about your configuration files. Clicking on any of the blue text to the right displays an appropriate list of either relevant systems, channel details, or configuration files.
Configuration Actions
This panel offers direct access to the most common configuration management tasks. You can view or create files or channels, or enable configuration management on your systems.
Recently Modified Configuration Files
The list displayed here indicates which files have changed, to which channel they belong, and when they were changed. If no files have been recently changed, no list appears. Click on the name of the file to be taken to that file's Details page. Click on the channel name to be taken to the Channel Details page for that channel.
Recently Scheduled Configuration Deployments
Each action that has been scheduled is listed here along with the status of the action. Any configuration task that is scheduled, from enabling configuration management on a system to deploying a specific configuration file, is displayed here. This allows you to quickly assess if your tasks have succeeded, and to take action to correct any issues. Clicking on any blue text displays the System DetailsSchedule page for the specified system.

7.7.3. Configuration Channels

As mentioned above, RHN manages both central and local configuration channels and files. Central configuration management allows you to deploy configuration files to multiple systems. Local configuration management allows you to specify overrides, or configuration files that are not changed by subscribing the system to a central channel.
Central configuration channels must be created via the link on this page. Local configuration channels are not created here; they automatically exist for each system to which a Provisioning entitlement has been applied.
Click on the name of the configuration channel to be taken to the details page for that channel. If you click on the number of files in the channel, you are taken to the List/Remove Files page of that channel. If you click on the number of systems subscribed to the configuration channel, you are taken to the SystemsSubscribed Systems page for that channel.
To create a new central configuration channel:
  1. Click the create new config channel link in the upper right of this screen.
  2. Enter a name for the channel.
  3. Enter a label for the channel. This field must contain only alphanumeric characters, "-", "_", and "."
  4. Enter a description for the channel. You must enter a description, though there is no character restriction. This field can contain any brief information that allows you to distinguish this channel from others.
  5. Press the Create Config Channel button to create the new channel.
  6. The following page is a subset of the Channel Details page, and has three sub-tabs: Overview, Add Files, and Systems. The Channel Details page is discussed fully in Section 7.7.3.1, “Configuration ⇒ Configuration Channels ⇒ Configuration Channel Details”.

7.7.3.1. Configuration ⇒ Configuration Channels ⇒ Configuration Channel Details

Overview
This sub-tab is very similar to the Configuration Overview page. The Channel Information panel provides status information for the contents of the channel. The Configuration Actions panel provides access to the most common configuration tasks. The main difference is the Channel Properties panel. By clicking on the Edit Properties link, you can edit the name, label, and description of the channel.
List/Remove Files
This tab, which only appears if there are files in the configuration channel, lists the files that this configuration channel contains. You can remove a file or files, or copy the latest version into a set of local overrides or into other central configuration channels. Check the box next to any files you wish to manipulate and click the button corresponding to the desired action at the bottom of the screen.
Add Files
The Add Files sub-tab has three sub-tabs of its own, which allow you to Upload, Import, or Create configuration files to be included in the channel.
Upload File
To upload a file into the configuration channel, browse for the file on your local system, populate all fields, and click the Upload Configuration File button. The Filename/Path field is the absolute path where the file will be deployed.
You can also indicate the Ownership (the user name and group name) as well as the Permissions to be attached to the file when it is deployed.
If the client has SELinux enabled, you can configure SELinux contexts to enable the required file attributes (such as user, role, and file type) that allow it to be used on the system. For more information about configuring SELinux file context, refer to the Red Hat Enterprise Linux Security-Enhanced Linux User Guide.
Finally, if the configuration file includes a macro, enter the symbol that marks the beginning and end of the macro.
Import Files
From this page you can import files from other configuration channels, including any locally-managed channels. Check the box to the left of any file you wish to import and press the Import Configuration File(s) button.

Note

A sandbox icon indicates that the listed file is currently located in a local sandbox channel. Files in a system's sandbox channel are considered experimental and could be unstable. Use caution when selecting them for a central configuration channel.
Create File
From this page you can create a configuration file, directory, or symbolic link from scratch to be included in the configuration channel.
First, choose whether you want to create a text file, directory, or symbolic link (symlink) in the the File Type section. Indicate the absolute path along which the file should be deployed in the Filename/Path text box. If you are creating a symlink, indicate the target file and path in the Symbolic Link Target Filename/Path text box.
Enter the User name and Group name for the file in the Ownership section, as well as the File Permissions Mode for the file.
If the client has SELinux enabled, you can configure SELinux contexts to enable the required file attributes (such as user, role, and file type) that allow it to be used on the system. For more information about configuring SELinux file context, refer to the Red Hat Enterprise Linux Security-Enhanced Linux User Guide.
If the configuration file includes a macro, enter the symbol that marks the beginning and end of the macro. Then, enter the configuration file content in the File Contents field, using the script dropdown menu to choose the appropriate scripting language. Finally, press the Create Configuration File button to create the new file.
Deploy Files
This sub-tab only appears when there are files present in the channel. You can deploy all files by pressing the Deploy All Files button, or you can check selected files and press the Deploy Selected Files button. You will then be asked to select to which systems the file(s) should be applied. The listed systems are those that are subscribed to this channel. If you wish to apply the file to a system not listed here, first subscribe that system to the channel. When ready, press the Confirm and Deploy to Selected Systems button to deploy the files.
Systems
This tab, which consists of two sub-tabs, allows you to manage the systems that are subscribed to the configuration channel.
Subscribed Systems
This sub-tab displays a list of all systems that are subscribed to the current channel. Clicking on the name of the system takes you to the System Details page for that system.
Target Systems
This sub-tab displays a list of systems that have been enabled for configuration management and that are not yet subscribed to the channel. To add a system to the configuration channel, check the box to the left of the system's name and press the Subscribe System button.

7.7.4. Configuration Files

This tab allows you to manage your configuration files independently. Both centrally-managed and locally-managed files can be reached from sub-tabs.

Note

By default, the maximum file size for configuration files is 128KB. If you need to change that value, find and modify the following line in the /etc/rhn/default/rhn_web.conf file: 
web.maximum_config_file_size=128
You must also find and change the following line in the /etc/rhn/default/rhn_server.conf file to the same value: 
maximum_config_file_size=131072
Change the value in both files from 131072 to the desired value in bytes.

7.7.4.1. Centrally-Managed Files

Centrally-managed files are those that are available to multiple systems. Changing a file within a centrally-managed channel may result in changes to several systems.
This page lists all files that are currently stored in your central configuration channels. Click on the Path of a file to be taken to the Configuration File Details page for that file. Select the name of the configuration channel to be taken to the Channel Details page of the channel that contains the file. Clicking on the number of systems takes you to a listing of systems currently subscribed to the channel containing that file. Finally, clicking on the number of overriding systems displays a list of systems that have a local (or override) version of the configuration files (which means that the centrally-managed file will not be deployed to those systems.)

7.7.5. Locally-Managed Files

Locally-managed configuration files are those files that apply to only one system. They may be files in the system's sandbox or they may be files that can be deployed to the system at any time. Local files have higher priority than centrally-managed files - that is, if a system is subscribed to a configuration channel with a given file, and also has a locally-managed version of that same file, the locally-managed version is the one that will be deployed.
This page lists all of the local (override) configuration files for your systems. This includes the local configuration channels and the sandbox channel for each Provisioning-entitled system.
Click the Path of the file to go to the Config File Details page for the file. Click the name of the system to which it belongs to go to the System DetailsConfigurationConfigurationOverview page for the system.

7.7.5.1. Including Macros in your Configuration Files

Being able to store and share identical configurations is useful, but what if you have many variations of the same configuration file? What do you do if you have configuration files that differ only in system-specific details, such as hostname and MAC address?
In traditional file management, you would be required to upload and distribute each file separately, even if the distinction is nominal and the number of variations is in the hundreds or thousands. RHN addresses this by allowing the inclusion of macros, or variables, within the configuration files it manages for Provisioning-entitled systems. In addition to variables for custom system information, the following standard macros are supported:
  • rhn.system.sid
  • rhn.system.profile_name
  • rhn.system.description
  • rhn.system.hostname
  • rhn.system.ip_address
  • rhn.system.custom_info(key_name)
  • rhn.system.net_interface.ip_address(eth_device)
  • rhn.system.net_interface.netmask(eth_device)
  • rhn.system.net_interface.broadcast(eth_device)
  • rhn.system.net_interface.hardware_address(eth_device)
  • rhn.system.net_interface.driver_module(eth_device)
To use this powerful feature, either upload or create a configuration file through the Configuration Channel Details page. Then, open its Configuration File Details page and include the supported macros of your choosing. Ensure that the delimiters used to offset your variables match those set in the Macro Start Delimiter and Macro End Delimiter fields and do not conflict with other characters in the file. We recommend that the delimiters be two characters in length and must not contain the percent (%) symbol.
As an example, you may have a file applicable to all of your servers that differs only in IP address and hostname. Rather than manage a separate configuration file for each server, you may create a single file, such as server.conf, with the IP address and hostname macros included, like so: 
hostname={| rhn.system.hostname |}
ip_address={| rhn.system.net_interface.ip_address(eth0) |}
Upon delivery of the file to individual systems, whether through a scheduled action in the RHN website or at the command line with the Red Hat Network Configuration Client (rhncfg-client), the variables will be replaced with the hostname and IP address of the system, as recorded in RHN's System Profile. In the above configuration file, for example, the deployed version resembles the following: 
hostname=test.example.domain.com
ip_address=177.18.54.7
To capture custom system information, insert the key label into the custom information macro (rhn.system.custom_info). For instance, if you developed a key labeled "asset" you can add it to the custom information macro in a configuration file to have the value substituted on any system containing it. The macro would look like this: 
 
asset={@ rhn.system.custom_info(asset) @}
Upon deployment of the file to a system containing a value for that key, the macro gets translated, resulting in a string similar to the following: 
asset=Example#456
To include a default value, for instance if one is required to prevent errors, you can append it to the custom information macro, like so: 
asset={@ rhn.system.custom_info(asset) = 'Asset #' @}
This default is overridden by the value on any system containing it.
Using the Red Hat Network Configuration Manager (rhncfg-manager) will not translate or alter files, as that tool is system agnostic — rhncfg-manager does not depend on system settings. Binary files cannot be interpolated.

7.7.6. Systems

This page displays status information about your system in relation to configuration. There are two sub-tabs: Managed Systems and Target Systems.

7.7.6.1. Managed Systems

This page is the default display for the ConfigurationSystems page. The systems displayed here have been fully prepared for configuration file deployment. The number of local and centrally-managed files is displayed. Clicking the name of the system takes you to the System DetailsConfigurationOverview page for the system. Clicking on the number of local files takes you to the System DetailsConfigurationView/Modify FilesLocally-Managed Files page, which allows you to manage which local (override) files apply to the system. Clicking on the number of centrally-managed files takes you to the System DetailsConfigurationManage Configuration ChannelsList/Unsubscribe from Channels page. This allows you to unsubscribe from any channels you wish.

7.7.6.2. Target Systems

This page displays the systems that are either not prepared for configuration file deployment or have not yet been subscribed to a configuration channel. The table has three columns which identify the system name, whether they are prepared for configuration file deployment, and a list of the steps that have yet to be completed before the system is prepared. By selecting the check box to the left of the profile name and then pressing the Enable RHN Configuration Management button, all of the preparatory steps that can be automatically performed are scheduled by RHN.

Note

You will still have to perform a few manual steps to enable configuration file deployment, but on-screen instructions are provided to assist with this step.