Novell Documentation: ZENworks Linux Management

The Caching Server

In larger networks and those spread across multiple physical locations, network traffic and performance take on additional importance in the software management process. In those cases, it can become desirable to add a caching server to the network. The zlm-server-proxy is a Squid-based caching server that stands between the client machines and your main ZENworks Linux Management server. Using a cache reduces bandwidth consumption, permits centralized management at a greater distance, and permits tighter control of a each location's firewall for added security.

The ZENworks Linux Management cache functions like the rcmirror command in that it fetches software from a remote repository. However, it does not store packages in a local ZENworks Linux Management server, nor does it fetch software from multiple servers. In the figure below, the ZENworks Linux Management server in the upper left corner pulls software from the Ximian software repository and distributes it to two caches inside separate LANs. Using proxies saves time and network resources by downloading the software only once per site, and the administrator saves time by managing both networks simultaneously from a single location.

The first time a client machine makes a request from the cache server, the cache server requests and fetches it from the main ZENworks Linux Management server. Future requests are honored by the cache without having to download anything from the central server. The cache stores packages and package metadata, and caches authentication for a shorter amount of time, so that clients do not need to authenticate against the central server with every request.

HINT: Caching with Unreliable Networks

Using a cache with ZENworks Linux Management can allow clients to update even if their connection to the central server has failed.

Installing the Caching System

Installation of the ZENworks Linux Management cache is relatively simple:

Configure the computer which will act as the cache as a normal ZENworks Linux Management client.
Install the additional zlm-server-proxy package on the cache machine.
On the Server page in the ZENworks Linux Management server Web interface, click the Cache License Administration link. If your server key includes cache seats, you will see them listed in the Licences table.
If you already have cache licenses listed, skip this step (most server licenses include at least one cache license). Otherwise, click the Add License link and enter the two-part cache license key provided by your sales representative. Then, click the Add button.
Click the Add Server link, and enter the IP address for the cache server. Then, click the Add button. The ZENworks Linux Management server generates an SSL certificate, and displays a link to it next to the IP of the cache server. The file should be saved as:
```
/etc/ximian/rcproxy/client-cert.pem
```
Run the following command to start the proxy:
chkconfig squid on
On the cache server, run the command zlm-server-proxy-init. Enter the requested information (company name, email address, and the host name and port for your primary ZENworks Linux Management server) when prompted.
On your ZENworks Linux Management server, add the following lines to the apache virtual hosts configuration file :
```
Header add Cache-Control "public" 
AddType application/x-rpm .rpm 
ExpiresActive On 
ExpiresByType application/x-rpm "access plus 1 year"
```
The virtual hosts configuration file is located at:
- SUSE: /etc/apache2/vhosts.d/rcserver-vhost.conf
- Red Hat: /etc/httpd/conf.d/rcserver-vhost.conf
Additionally, if your ZENworks Linux Management server is running on SUSE Linux Enterprise Server 9, add the headers module to the APACHE_MODULES list in /etc/sysconfig/apache2:
```
APACHE_MODULES="access actions alias auth auth_dbm autoindex cgi dir  
env expires headers include log_config mime negotiation setenvif ssl suexec userdir php4"
```
IMPORTANT: If you make the change in step 8 and do not add the change contained in step 9, apache fails to load.
Add the caching server as a service for the client machines instead of the central ZENworks Linux Management server. For example:
rug sa https://cachename.example.com/data

Configuring the Caching System

The zlm-server-proxy package installed in Installing the Caching System, has a number of parameters which can be customized to control the size of the cache, the size of individual cached packages, and the amount of time packages are retained on the caching server. These parameters are set in /etc/squid/squid.conf.

The following table describes these parameters:

Parameter Description.

Parameter	Description.
Maximux Cache Size	The maximum cache size is set by modifying the third value in the maximum cache size parameter: cache_dir ufs /var/spool/squid `20000` 16 256 This sets the size of the cache in kilobytes. With this setting, the cache maxes out at 20 GB.
Maximum Package Size	The maximum package size is set by modifying the maximum_object_size parameter: maximum_object_size `300000` KB This sets the maximum package size at 300 MB. This value must be increased to handle larger packages.
Refresh Pattern	This parameter controls how long specific file types are stored in the cache, up to the limit set by the Maximum Cache Size parameter. After this limit is reached, older files are dropped regardless of the refresh pattern settings. Refresh patterns are set using the file_filter, minimum, and maximum values in the refresh parameter: refresh_pattern -i `file_filter` `minimum` 100% `maximum` override-expire `file_filter`: regular expression specifying the file types affected by this refresh setting `minumim`: minumim number of hours to keep a file on the caching server. `maximum`: maximum number of hours to keep a file on the caching server. The following refresh pattern keeps all files with an .rpm extension, regardless of case, for a minimum of 30 days (43200 hours), and a maximum of 300 days (432000 hours): refresh_pattern -i .*\.(rpm\|RPM) 43200 100% 432000 override-expire

Maximux Cache Size

The maximum cache size is set by modifying the third value in the maximum cache size parameter:

cache_dir ufs /var/spool/squid 20000 16 256

This sets the size of the cache in kilobytes. With this setting, the cache maxes out at 20 GB.

Maximum Package Size

The maximum package size is set by modifying the maximum_object_size parameter:

maximum_object_size 300000 KB

This sets the maximum package size at 300 MB. This value must be increased to handle larger packages.

Refresh Pattern

This parameter controls how long specific file types are stored in the cache, up to the limit set by the Maximum Cache Size parameter. After this limit is reached, older files are dropped regardless of the refresh pattern settings.

Refresh patterns are set using the file_filter, minimum, and maximum values in the refresh parameter:

refresh_pattern -i file_filter minimum 100% maximum override-expire

file_filter: regular expression specifying the file types affected by this refresh setting
minumim: minumim number of hours to keep a file on the caching server.
maximum: maximum number of hours to keep a file on the caching server.

The following refresh pattern keeps all files with an .rpm extension, regardless of case, for a minimum of 30 days (43200 hours), and a maximum of 300 days (432000 hours):

refresh_pattern -i .*\.(rpm|RPM) 43200 100% 432000 override-expire