Skip to content
This repository has been archived by the owner on Jan 10, 2023. It is now read-only.

bflad/chef-rhn

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

93 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

chef-rhn Build Status

Redhat is in the process of transitioning their hosted managment from RHN to RHSM (https://access.redhat.com/rhn-to-rhsm) this cook books focus is on configuring clients of the RHN product (rhn.redhat.com, redhat satellite 5.x, and spacewalk). On December 9th, 2015, Chef announced a new redhat_subscription_manager cookbook for configuring clients of their RHSM products (satellite 6.x, katello, SAM, etc). Please see their blog post for more information!

https://www.chef.io/blog/2015/12/09/managing-red-hat-subscriptions-with-chef-2/

Description

Registers node with Red Hat Network (rhn.redhat.com or RHN Satellite) and configures client.

Requirements

Active RHN system entitlement for node.

Platforms

  • RHEL 5
  • RHEL 6
  • RHEL 7

Cookbooks

  • None

Usage

Register Node with Hosted RHN (rhn.redhat.com)

Securely with encrypted data bag:

  • Create wrapper cookbook which:
    • Sets node['rhn']['register'] to false
    • Reads encrypted data bag
    • Calls default recipe (or customize)
    • Calls rhn_system LWRP

Less securely with attributes:

  • Set node['rhn']['username'] and node['rhn']['password']
  • Add recipe[rhn] to your run_list

Register Node with RHN Satellite (satellite.example.com)

  • Add at least one activation key to node['rhn']['activation_keys']
  • Set your RHN Satellite FQDN in node['rhn']['hostname']
  • Add recipe[rhn] to your run_list

Attributes

These attributes are under the node['rhn'] namespace.

Attribute Description Type Default
activation_keys Comma-separated activation keys for Satellite registration String nil
cmd_timeout Timeout in seconds for remote RHN commands Fixnum 300
hostname Hosted RHN XMLRPC hostname or your RHN Satellite hostname String xmlrpc.rhn.redhat.com
password RHN password for hosted RHN operations String changeme
register Register system with RHN Boolean true
retries Network retries for package commands Fixnum 1
ssl Enable SSL Boolean true
username RHN username for hosted RHN operations String rhnuser

Actions Attributes

These attributes are under the node['rhn']['actions'] namespace.

Attribute Description Type Default
disabled RHN allowed system actions to be disabled Array of Strings []
enabled RHN allowed system actions to be enabled Array of Strings []

Organization CA Certificate Attributes

These attributes are under the node['rhn']['org_ca_cert'] namespace.

Attribute Description Type Default
action Only install or upgrade CA certificate String install
name Filename of certificate String RHNS-CA-CERT
url URL to certificate file or RPM for CA certificate String https://#{node['rhn']['hostname']}/pub/#{node['rhn']['org_ca_cert']['name']}

Organization GPG Key Attributes

These attributes are under the node['rhn']['org_gpg_key'] namespace.

Attribute Description Type Default
name Filename of GPG key String ORG-GPG-KEY
pub GPG public key signature String nil
url URL for GPG key String nil

Proxy Attributes

These attributes are under the node['rhn']['proxy'] namespace.

Attribute Description Type Default
password Password for authenticated RHN HTTP proxying String nil
url hostname:port for RHN HTTP proxy String nil
username Username for authenticated RHN HTTP proxying String nil

RHN Config Client Attributes

These attributes are under the node['rhn']['rhncfg-client'] namespace.

Attribute Description Type Default
server_url Custom URL for config client String https://%(server_name)s%(server_handler)s
script_log_file_enable Enable action logging Boolean false

RHN Sync Daemon Attributes

These attributes are under the node['rhn']['rhnsd'] namespace.

Attribute Description Type Default
enabled Enable sync daemon Boolean false
interval Sync interval in minutes (must be above 60) Fixnum 240

LWRPs

  • system: Register node with RHN
  • system_action: Enable/disable RHN system action on node
  • rhn_channel: Enable/disable channels on node

rhn_system

Below are the available actions for the LWRP, default being register.

These attributes are associated with all LWRP actions.

Attribute Description Type Default
cmd_timeout Timeout for remote RHN commands (catchable exception: Chef::Provider::RhnSystem::CommandTimeout) Fixnum node['rhn']['cmd_timeout']

rhn_system action :register

These attributes are associated with this LWRP action. The name attribute will set the RHN profile name on registration.

Attribute Description Type Default
activation_keys Activation keys for RHN Satellite registration String node['rhn']['activation_keys']
hostname Hostname passthrough to determine hosted versus RHN Satellite registration String node['rhn']['hostname']
password Password for hosted RHN String node['rhn']['password']
username Username for hosted RHN String node['rhn']['username']

Register with hosted RHN with hostname as profile name and possibly username/password from an encrypted data bag:

rhn_system node['hostname'] do
  password 'myPasswordFromDataBag'
  username 'myUsernameFromDataBag'
end

Register with hosted RHN or Satellite with custom profile name:

rhn_system 'special-snowflake'

rhn_system_action

Below are the available actions for the LWRP, default being enable.

rhn_system_action action :disable

The name attribute is the RHN system action name.

Disable run action from node:

rhn_system_action 'run' do
  action :disable
end

rhn_system_action action :enable

The name attribute is the RHN system action name.

Enable run action on node:

rhn_system_action 'run'

Enable all actions on node:

rhn_system_action 'all'

rhn_channel

Below are the available actions for the LWRP, default being enable.

rhn_channel action :enable

The name attribute is the channel name. Using this LWRP will require credentials similar to the rhn_system LWRP. Enable is the default action. You can disable a channel by explicitly declaring :disable as the resource action.

Enable 'foo' channel on node:

rhn_channel 'foo' do
  action :enable
  username my_encrypted_bag['user']
  password my_encrypted_bag['pass']
end

rhn_channel action :disable

Disable 'foo' channel on node:

rhn_channel 'foo' do
  action :disable
  username my_encrypted_bag['user']
  password my_encrypted_bag['pass']
end

Recipes

  • recipe[rhn] - RHN client configuration and system registration
  • recipe[rhn::actions] - configures RHN system actions on client
  • recipe[rhn::org_ca_cert] - installs organization CA certificate
  • recipe[rhn::org_gpg_key] - installs organization GPG key
  • recipe[rhn::register] - registers node with hosted RHN or Satellite
  • recipe[rhn::rhncfg] - configures RHN client configuration
  • recipe[rhn::rhnsd] - configures RHN sync daemon
  • recipe[rhn::up2date] - configures up2date

Testing and Development

  • Quickly testing with Vagrant: VAGRANT.md
  • Full development and testing workflow with Test Kitchen and friends: TESTING.md

Contributing

Please see contributing information in: CONTRIBUTING.md

Maintainers

License

Please see licensing information in: LICENSE