Appendix B. Red Hat Update Infrastructure command line interface

The majority of RHUI’s administrative tasks are in its installation. After installation, it runs on its own, periodically getting updated packages from the Red Hat CDN and automatically making those packages available to clients.

A command line interface called Red Hat Update Infrastructure Management Tool (run with the rhui-manager command) facilitates the installation. This tool provides interactive prompts for the necessary configuration elements for each RHUI component: RHUA, CDS, and load balancer. This tool also provides a means for taking the content certificate provided by Red Hat for use when connecting to the Red Hat CDN and generating internal, cloud-specific certificates that clients use to connect to RHUI. The Red Hat Update Infrastructure Management Tool allows the cloud provider to generate a client configuration bundle to install on client RHEL instances. This bundle allows the clients to get updates from the RHUI installation.

Red Hat Update Infrastructure Management Tool is designed to be run using the interactive shell; some functions can also be run from a standard shell prompt. The Red Hat Update Infrastructure Management Tool uses five main commands. For each command’s subcommand, a list of options is provided if the subcommand expects one or more options other than -h and --help.

View all options and commands.

[root@rhua ~]# rhui-manager --help
Usage: rhui-manager [options]

OPTIONS
   -h/--help  show this help message and exit
   --debug    enables debug logging
   --config   absolute path to the configuration file; defaults to /etc/rhui/rhui-tools.conf
   --server   location of the RHUA server (overrides the config file)
   --username if specified, previously saved authentication credentials are ignored and this username is used to login
   --password used in conjunction with --username

 COMMANDS
   cert          : Red Hat content certificate management
   packages      : package manipulation on repositories
   repo          : repository listing and manipulation
   status        : RHUI status and health information
   client        : Red Hat client management

The following subsections provide more details about the subcommands and options for their associated command.

B.1. cert

  • info: display information about the current content certificate

    • (This subcommand has no options.)
  • upload: uploads a new content certificate

    • --cert - full path to the new content certificate (required)
    • --key - full path to the new content certificate’s key

Example

[root@rhua ~]# rhui-manager cert upload --cert /tmp/extra_rhui_files/rhcert.pem
Red Hat Entitlements

  Valid
    Beta RHEL RHUI Everything 7 Debug
    Expiration: 05-17-2026     Certificate: rhcert.pem

    Beta RHEL RHUI Everything 7 OS
    Expiration: 05-17-2026     Certificate: rhcert.pem

B.2. packages

  • list: lists all packages in a repository

    • --repo_id - id of the repository whose packages you want to list (required)
  • upload: uploads a package or directory of packages to a custom repository

    • --repo_id - id of the custom repository where the packages will be uploaded (required)
    • --packages - path to an .rpm file or directory of RPMs that will be uploaded (required)
  • remote: uploads RPM content from a remote URL to a custom repository

    • --repo_id - id of the custom repository where the packages will be uploaded (required)
    • --url - remote URL of the package or a web page that will be extracted for RPM content (required)

Example

[root@rhua ~]# rhui-manager packages upload --repo_id my_custom_repo --packages /tmp/webalizer-2.21-6.2.x86_64.rpm
Uploading /tmp/webalizer-2.21-6.2.x86_64.rpm...
/tmp/webalizer-2.21-6.2.x86_64.rpm successfully uploaded

B.3. repo

  • sync: sync a repository

    • --repo_id - identifies the repository to display (required)
  • add_by_repo: add Red Hat repositories to the RHUA via repo ID

    • --repo_ids - repo IDs to add, comma-separated (required)
  • unused: list of products available but not synced to the RHUA

    • -by_repo_id - List unused products by repo id
  • list: lists all repositories in the RHUI

    • --ids_only - show only the repo IDs
    • --redhat_only - list only Red Hat repositories
    • --delimiter - a character used to separate the repos. Defaults to newline
  • add: add a Red Hat repository to the RHUA

    • --product_name - product to add the RHUA (required)
  • add_errata: associate errata metadata with a repository

    • --repo_id - repo ID to associate the metadata with (required)
    • --updateinfo - updateinfo file to be applied (required)
  • add_comps: associate comps metadata (group/category/environment/langpacks) with a repository

    • --repo_id - repo ID to associate the metadata with (required)
    • --comps - comps file to be applied (required)
  • info: displays information on an individual repo

    • --repo_id - identifies the repository to display (required)
  • create_custom: create a custom repository

    • repo_id - identifies the repository to add (required)
    • path - path to the content being served by CDS; defaults to repo_id
    • display_name - display name for the custom repository
    • entitlement - path used in the entitlement certificate; may use yum variable substitutions
    • legacy_md - if present, the repo will use SHA1, otherwise default value is used (SHA256)
    • redhat_content - repository will host Red Hat GPG signed content
    • protected - make the content protected by entitlement certificate
    • gpg_public_keys - comma separated list of public keys used to sign the served content; the filenames must not contain comma
  • delete: delete a repository

    • repo_id - identifies the repository to delete (required)

Example

[root@rhua ~]# rhui-manager repo list
ID                             :: Repository Name

Red Hat Repositories
--------------------
rhel-rhui-server-7-rh-gluster-samba-3.1-os-7Server-x86_64 :: RHEL RHUI Server 7 Rh-gluster-samba 3.1 OS (7Server-x86_64)

Custom Repositories
--------------------
my_custom_repo                 :: My Custom Repo

B.4. status

  • (This command has no subcommands.)

    • --code - if specified, only a numeric code for the result will be displayed

Example

[root@rhua ~]# rhui-manager status
RHEL RHUI Server 7 Rh-gluster-samba 3.1 OS (7Server-x86_64) ........... Never


Entitlement CA certificate expiration date = 2038-01-18T10:30:32Z  .... [  OK  ]
0

B.5. client

  • rpm: create a client config rpm

    • --private_key - entitlement private key
    • --entitlement_cert - entitlement certificate
    • --rpm_version - version number of the client config rpm
    • --rpm_release - release of rpm package. Default is 1.
    • --rpm_name - name of the client config rpm (required)
    • --dir - directory where the rpm will be created (required)
    • --unprotected_repos - comma-separated list of unprotected repos to include
    • --cert - generate certificate also before building client config rpm if given
    • --repo_label - identifies the repositories to add. Comma delimited string of repo labels
    • --name - identifies the certificate name if it is different from rpm name
    • --days - number of days cert will be valid
    • --proxy - url/string in case proxy option is necessary in yum repo file
  • labels: list the labels required for client certificate creation

    • (this subcommand has no options)
  • cert: create a content certificate for a rhui client

    • --repo_label - identifies the repositories to add. Comma delimited string of repo labels (required)
    • --name - identifies the certificate name (required)
    • --days - number of days cert will be valid (required)
    • --dir - directory where the certificate will be stored (required)
  • content_source: create an alternate source config rpm

    • --private_key - entitlement private key
    • --entitlement_cert - entitlement certificate
    • --rpm_version - version number of the client config rpm
    • --rpm_name - name of the client config rpm (required)
    • --dir - directory where the rpm will be created (required)
    • --unprotected_repos - comma-separated list of unprotected repos to include
    • --cert - generate certificate also before building client config rpm if given
    • --ca_cert - full path to the certificate authority of CDS servers
    • --repo_label - identifies the repositories to add. Comma delimited string of repo labels
    • --name - identifies the certificate name if it is different from rpm name
    • --days - number of days cert will be valid

Example

# rhui-manager client cert --repo_label rhel-7-server-rhui-rpms,rhel-7-server-rhui-optional-rpms,my_custom_repo --name rhel7 --days 365 --dir /tmp
......+++
.....................................+++
Entitlement certificate created at /tmp/rhel7.crt
Note

Use Red Hat repository labels and not the IDs. To get a list of all labels, run the rhui-manager client labels command. If you are including a protected custom repository in the certificate, use the repository’s ID instead. The example above demonstrates the use of both Red Hat repository labels and a custom repository ID.

Report a bug