Difference between revisions of "SUSE Manager/SaltProxy"

From MicroFocusInternationalWiki
Jump to: navigation, search
(Created page with "= Summary = Add functionality to the SUSE Manager Proxy product to act as a broker and package cache for Salt minions. = Setup = For new proxies, make sure the <code>spacew...")
 
(Replaced content with "= Moved = This functionality has been documented in the official manual: https://www.suse.com/documentation/suse-manager-3/singlehtml/book_suma_advanced_topics/book_suma...")
 
Line 1: Line 1:
= Summary =
+
= Moved =
  
Add functionality to the SUSE Manager Proxy product to act as a broker and package cache for Salt minions.
+
This functionality has been documented in the official manual:
  
= Setup =
+
https://www.suse.com/documentation/suse-manager-3/singlehtml/book_suma_advanced_topics/book_suma_advanced_topics.html
 
+
For new proxies, make sure the <code>spacewalk-proxy</code> package is installed with version 2.5.1.3 or later.
+
 
+
For existing proxies, update the <code>spacewalk-proxy</code> package to version 2.5.1.3 or later, along with its dependencies. The new salt-broker service will be automatically started at the end of the upgrade.
+
 
+
It is possible to arrange proxies in a chain.
+
 
+
Make sure your proxy has TCP ports 4505 and 4506 opened, and can reach the SUSE Manager server (or the upstream proxy) at those same ports as well.
+
 
+
= Usage =
+
 
+
To register a minion through a proxy, add the proxy FQDN as the master in the minion configuration (either <code>/etc/salt/minion</code> or <code>/etc/salt/minion.d/<NAME>.conf</code>):
+
 
+
<pre>
+
master: proxy123.mycompany.com
+
</pre>
+
 
+
Then start or restart the salt-minion service and accept the minion key on the SUSE Manager server as per normal minions.
+
 
+
The minion will, at this point, connect to the proxy exclusively both for Salt operations and regular HTTP downloads (eg. package downloads).
+
 
+
In the Web UI, standard proxy pages will show information about minions just like regular clients (a list of all proxies is available in ''Systems -> Systems -> Proxy'', a list of clients connected to a proxy is available in ''Systems -> <proxy name> -> Details -> Proxy'' and the list of chained proxies for a minion is available in ''Systems -> <minion name> -> Details -> Connection'').
+
 
+
= Moving minions between Proxies and Server =
+
 
+
You have to repeat the registration process from scratch in order to move a minion from behind a Proxy to the Server, vice versa, or between different Proxies.
+
 
+
= Limitations =
+
 
+
The salt broker SUSE Manager Proxy functionality is only supported if the same SSL certificate generated for SUSE Manager Server was used when setting up the Proxy.
+
 
+
Using different certificates for Proxies and Server is at the moment not supported.
+
 
+
= Technical blueprint =
+
 
+
[https://github.com/SUSE/susemanager-rfc/blob/master/text/00022-proxy-for-salt-clients.md This document is the project blueprint followed to implement this feature].
+

Latest revision as of 09:53, 10 January 2017

Moved

This functionality has been documented in the official manual:

https://www.suse.com/documentation/suse-manager-3/singlehtml/book_suma_advanced_topics/book_suma_advanced_topics.html