Redhat is in the process of transitioning their hosted managment from RHN to RHSM (https://access.redhat.com/rhn-to-rhsm) this cook books focus is on configuring clients of the RHN product (rhn.redhat.com, redhat satellite 5.x, and spacewalk). On December 9th, 2015, Chef announced a new redhat_subscription_manager
cookbook for configuring clients of their RHSM products (satellite 6.x, katello, SAM, etc). Please see their blog post for more information!
https://www.chef.io/blog/2015/12/09/managing-red-hat-subscriptions-with-chef-2/
Registers node with Red Hat Network (rhn.redhat.com or RHN Satellite) and configures client.
Active RHN system entitlement for node.
- RHEL 5
- RHEL 6
- RHEL 7
- None
Securely with encrypted data bag:
- Create wrapper cookbook which:
- Sets
node['rhn']['register']
to false - Reads encrypted data bag
- Calls default recipe (or customize)
- Calls
rhn_system
LWRP
- Sets
Less securely with attributes:
- Set
node['rhn']['username']
andnode['rhn']['password']
- Add
recipe[rhn]
to your run_list
- Add at least one activation key to
node['rhn']['activation_keys']
- Set your RHN Satellite FQDN in
node['rhn']['hostname']
- Add
recipe[rhn]
to your run_list
These attributes are under the node['rhn']
namespace.
Attribute | Description | Type | Default |
---|---|---|---|
activation_keys | Comma-separated activation keys for Satellite registration | String | nil |
cmd_timeout | Timeout in seconds for remote RHN commands | Fixnum | 300 |
hostname | Hosted RHN XMLRPC hostname or your RHN Satellite hostname | String | xmlrpc.rhn.redhat.com |
password | RHN password for hosted RHN operations | String | changeme |
register | Register system with RHN | Boolean | true |
retries | Network retries for package commands | Fixnum | 1 |
ssl | Enable SSL | Boolean | true |
username | RHN username for hosted RHN operations | String | rhnuser |
These attributes are under the node['rhn']['actions']
namespace.
Attribute | Description | Type | Default |
---|---|---|---|
disabled | RHN allowed system actions to be disabled | Array of Strings | [] |
enabled | RHN allowed system actions to be enabled | Array of Strings | [] |
These attributes are under the node['rhn']['org_ca_cert']
namespace.
Attribute | Description | Type | Default |
---|---|---|---|
action | Only install or upgrade CA certificate | String | install |
name | Filename of certificate | String | RHNS-CA-CERT |
url | URL to certificate file or RPM for CA certificate | String | https://#{node['rhn']['hostname']}/pub/#{node['rhn']['org_ca_cert']['name']} |
These attributes are under the node['rhn']['org_gpg_key']
namespace.
Attribute | Description | Type | Default |
---|---|---|---|
name | Filename of GPG key | String | ORG-GPG-KEY |
pub | GPG public key signature | String | nil |
url | URL for GPG key | String | nil |
These attributes are under the node['rhn']['proxy']
namespace.
Attribute | Description | Type | Default |
---|---|---|---|
password | Password for authenticated RHN HTTP proxying | String | nil |
url | hostname:port for RHN HTTP proxy | String | nil |
username | Username for authenticated RHN HTTP proxying | String | nil |
These attributes are under the node['rhn']['rhncfg-client']
namespace.
Attribute | Description | Type | Default |
---|---|---|---|
server_url | Custom URL for config client | String | https://%(server_name)s%(server_handler)s |
script_log_file_enable | Enable action logging | Boolean | false |
These attributes are under the node['rhn']['rhnsd']
namespace.
Attribute | Description | Type | Default |
---|---|---|---|
enabled | Enable sync daemon | Boolean | false |
interval | Sync interval in minutes (must be above 60) | Fixnum | 240 |
- system: Register node with RHN
- system_action: Enable/disable RHN system action on node
- rhn_channel: Enable/disable channels on node
Below are the available actions for the LWRP, default being register
.
These attributes are associated with all LWRP actions.
Attribute | Description | Type | Default |
---|---|---|---|
cmd_timeout | Timeout for remote RHN commands (catchable exception: Chef::Provider::RhnSystem::CommandTimeout ) |
Fixnum | node['rhn']['cmd_timeout'] |
These attributes are associated with this LWRP action. The name attribute will set the RHN profile name on registration.
Attribute | Description | Type | Default |
---|---|---|---|
activation_keys | Activation keys for RHN Satellite registration | String | node['rhn']['activation_keys'] |
hostname | Hostname passthrough to determine hosted versus RHN Satellite registration | String | node['rhn']['hostname'] |
password | Password for hosted RHN | String | node['rhn']['password'] |
username | Username for hosted RHN | String | node['rhn']['username'] |
Register with hosted RHN with hostname as profile name and possibly username/password from an encrypted data bag:
rhn_system node['hostname'] do
password 'myPasswordFromDataBag'
username 'myUsernameFromDataBag'
end
Register with hosted RHN or Satellite with custom profile name:
rhn_system 'special-snowflake'
Below are the available actions for the LWRP, default being enable
.
The name attribute is the RHN system action name.
Disable run action from node:
rhn_system_action 'run' do
action :disable
end
The name attribute is the RHN system action name.
Enable run action on node:
rhn_system_action 'run'
Enable all actions on node:
rhn_system_action 'all'
Below are the available actions for the LWRP, default being enable
.
The name attribute is the channel name. Using this LWRP will require credentials similar to the rhn_system LWRP. Enable is the default action. You can disable a channel by explicitly declaring :disable as the resource action.
Enable 'foo' channel on node:
rhn_channel 'foo' do
action :enable
username my_encrypted_bag['user']
password my_encrypted_bag['pass']
end
Disable 'foo' channel on node:
rhn_channel 'foo' do
action :disable
username my_encrypted_bag['user']
password my_encrypted_bag['pass']
end
recipe[rhn]
- RHN client configuration and system registrationrecipe[rhn::actions]
- configures RHN system actions on clientrecipe[rhn::org_ca_cert]
- installs organization CA certificaterecipe[rhn::org_gpg_key]
- installs organization GPG keyrecipe[rhn::register]
- registers node with hosted RHN or Satelliterecipe[rhn::rhncfg]
- configures RHN client configurationrecipe[rhn::rhnsd]
- configures RHN sync daemonrecipe[rhn::up2date]
- configures up2date
- Quickly testing with Vagrant: VAGRANT.md
- Full development and testing workflow with Test Kitchen and friends: TESTING.md
Please see contributing information in: CONTRIBUTING.md
- Brian Flad (bflad417@gmail.com)
Please see licensing information in: LICENSE