How to Mirror OES and SLES9 patches using ZENworks 7
Novell Cool Solutions: Feature
By Scott Flowers
Digg This -
Posted: 16 Feb 2006
I have been working with ZENworks Linux Management (ZLM) while deploying our new IBM Bladecenter with a bunch of SUSE Linux Enterprise Server 9 (SLES9) and Open Enterprise Server (OES) servers. During the process of figuring it out for myself, I wrote two short articles about deploying SUSE Linux Enterprise Server (SLES) and Open Enterprise Server (OES) patches with ZLM.
Using the information in these two articles, it is possible to use ZLM to keep your SLES9 and OES servers up to date.
- How to Mirror OES and SLES9 patches using ZENworks 7
- Using ZLM Mirrors of OES and SLES to Update Local Servers
The documentation is rather scarce regarding mirroring Novell's update services locally using ZENworks 7 in order to provide localized patch services for your network servers. This document covers the creation and use of a local ZLM7 server which will be able to update OES Linux, SLES9_i586 and SLES9_x86-64 servers.
The first step is to prepare a ZLM server. This is not difficult, and the manuals for ZLM are pretty descriptive, so just follow the manual and set up a ZLM serer in your network. Note that OES Linux is not supported as a server to host ZLM7 as of this writing. You will have to start with a basic SLES9 non-64-bit server, and install ZLM7 on that. You also cannot install ZLM on an existing server with eDirectory already installed, because ZLM uses its own "embedded" eDirectory, so it will overwrite eDirectory if you have it already on your SLES9 server.
Once your ZLM server is setup, you will need a Novell login that is authorized to receive updates for SLES9, and you will need to have an OES Linux server that has already been activated to receive updates directly from Novell. The reason you need an already-activated OES server is that you have to copy some authentication data from the activated OES server to the ZLM server so that the ZLM server can login and get updates for OES from Novell.
To create an update server for SLES9 servers on your network, you have to create a catalog for SLES9 for each architecture you use. For example, if you have x86 32-bit servers and 64-bit servers based in Intel or AMD, you will need two catalogs in ZLM: One for SLES9_i586, and one for SLES9_x86_64. You also need to create a catalog for OES server. Fortunately, ZLM includes a tool that will locate the patches, mirror them locally, and automatically create the catalogs in ZLM. The tool is zlmmirror.
To use zlmmirror, you need to create a configuration file in plain XML, that contains the information needed for it to authenticate to Novell's update servers and get the correct data. You can create a skeleton configuration file that you can then edit, by logging on as root, and typing:
/opt/novell/ZENworks/bin/zlmmirror config-generate mirror-sles9.xml
Do this twice, with two different output files, one for SLES9 and one for OES.
Edit your SLES9 configuration file using your favorite editor, like emacs. Make it look something like the following:
(Note that the created file will have more fields than are shown here. I've omitted fields that can be left empty. You don't need them and if you like they can be deleted from your XML configuration file.)
<ZLMMirrorConf> <Session> <RemoteServer> <Base>https://you.novell.com/update</Base> <Type>YAST</Type> <User>YOUR NOVELL LOGIN ID</User> <Password>YOUR NOVELL LOGIN PASSWORD</Password> </RemoteServer> <LocalServer> <Type>zlm</Type> <User>YOUR ZLM ADMIN USER ID</User> <Password>YOUR ZLM ADMIN PASSWORD</Password> </LocalServer> <Catalog> <Name>sles-9-x86_64</Name> <Folder>sles9_64</Folder> </Catalog> <Catalog> <Name>sles-9-i586</Name> <Folder>sles9_32</Folder> </Catalog> </Session> </ZLMMirrorConf>
This configuration file will allow zlmmirror to mirror the sles-9-x86_64 channel and the sles-9-i586 channel to your ZLM server, and will automatically create catalogs on your ZLM server so you can redistribute the channels to your local servers. If you use other architectures of SLES9, like Power or zSeries, add <Catalog> sections for those architectures to your xml file.
The next step you have to follow is to go to your already-activated OES server, and look inside two files in /etc/ximian. You need the contents of /etc/ximian/partnernet and /etc/ximian/mcookie. Edit your OES configuration file to look like this:<ZLMMirrorConf> <Session> <RemoteServer> <Base>https://update.novell.com/data</Base> <Type>RCE</Type> <User>CONTENTS OF mcookie FILE</User> <Password>CONTENTS OF partnernet FILE</Password> </RemoteServer> <LocalServer> <Type>zlm</Type> <User>YOUR ZLM ADMIN USER ID</User> <Password>YOUR ZLM ADMIN PASSWORD</Password> </LocalServer> <Catalog> <Name>oes</Name> <Folder>oes_linux</Folder> </Catalog> </Session> </ZLMMirrorConf>
This configuration file will allow zlmirror to mirror the OES server locally, and will automatically create the catalog that you can redistribute to your local servers. Note that the <Folder> attribute in the configuration files refers to a container in the ZLM directory, into which the catalog will be placed. It is much easier to navigate your ZLM server's directory if you use folders to separate your catalogs.
Once you have your configurations set up, create a shell script to execute zlmmirror with your configuration files as input. Here are the contents of my shell script.
#!/bin/bash # # This shell script mirrors sles9 and oes update channels locally and # creates catalogs for internal redistribution. # /opt/novell/ZENworks/bin/zlmmirror mirror -c /root/zlm-mirror-sles9-conf.xml /opt/novell/ZENworks/bin/zlmmirror mirror -c /root/zlm-mirror-oes-conf.xml
When you run this script, zlmmirror downloads all the rpm packages for updates to SLES9 and OES server, and stores them in /var/opt/novell/ZENworks/pkg-repo/. The downloads as of this writing were several gigabytes. If the partition on your ZLM server that contains /var/ is small, it might be a good idea to relocate /var/opt/novell/ZENworks/pkg-repo by moving the contents of that directory to a volume with lots of space, and then making a symlink to it. I have a large volume mounted as /data/vol1, so on my server, I used the following commands to relocate the package repository:
mkdir /data/vol1/ZENworks mv /var/opt/novell/ZENworks/pkg-repo /data/vol1/ZENworks/ ln -s /data/vol1/ZENworks/pkg-repo /var/opt/novell/ZENworks/pkg-repo
Add the mirroring script listed above to a cron job to periodically update your ZLM server's mirrors. I am updating weekly. Your update frequency needs may vary.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com