How to Install Spacewalker RHN Sattelite + PostgresSQL on Centos 6.3

I have got a few test machines running different Linux distributions. All these installations want updates and a network installation source. While it’s possible to just use the repositories on the Internet, it’s a waste of bandwidth.

I decided to install Spacewalk, the open source project sponsored by Red Hat on which the commercial Red Hat Network Satellite Server is based, to mirror the repositories I require and to later also enable management functions for my server.

The base for this is a minimal CentOS 6.3 x86_64 installation, but of course Red Hat Enterprise Linux Server 6 will also work.

Prerequisites :

yum update

rpm -Uvh http://spacewalk.redhat.com/yum/latest/RHEL/6/x86_64/spacewalk-repo-1.7-5.el6.noarch.rpm
yum install yum-plugin-priorities
rpm -Uvh http://www.jpackage.org/jpackage50.repo
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
rpm -Uvh http://spacewalk.redhat.com/yum/1.7-client/RHEL/6/x86_64/spacewalk-client-repo-1.7-5.el6.noarch.rpm

Install PostgresSQL

yum clean all
yum install postgresql postgresql-contrib postgresql-devel postgresql-server
chkconfig postgresql on
service postgresql initdb
service postgresql start
su - postgres -c 'PGPASSWORD=spacepw; createdb spacedb ; createlang plpgsql spacedb ; yes $PGPASSWORD | createuser -P -sDR spaceuser'

Adjust postgres config 

vim /var/lib/pgsql/data/pg_hba.conf

Adjust the bottom to resemble :

# TYPE DATABASE USER CIDR-ADDRESS METHOD
# local spacewalk info
local spacedb spaceuser md5
host spacedb spaceuser 127.0.0.1/8 md5
host spacedb spaceuser ::1/128 md5
local spacedb postgres ident
# "local" is for Unix domain socket connections only
local all all ident
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 ident

Install SPACEWALK

service postgresql reload
yum install spacewalk-postgresql
spacewalk-setup --disconnected
chkconfig osa-dispatcher on
service osa-dispatcher start

NOTES :
You should be done right ? Not so fast. Here are some notes to deal with issues that came up with the install.

After creating channels and syncing repos, and subscribing a few hosts, I could not schedule updates to hosts. The logs complained about a priority constraint in the db. After snooping around some of the tables, here is the ‘patch’. If you have another way to resolve this, please leave a comment.

psql spacedb spaceuser
ALTER TABLE qrtz_fired_triggers ALTER COLUMN priority SET DEFAULT 10;

Configure SPACEWALK

cat > answers.txt << EOF 
admin-email = root@spacewalk.fite.cat 
ssl-set-org = Spacewalk Org 
ssl-set-org-unit = spacewalk 
ssl-set-city = Barcelona 
ssl-set-state = Catalonia 
ssl-set-country = AD 
ssl-password = spacewd 
ssl-set-email = root@spacewalk.fite.cat 
ssl-config-sslvhost = Y 
db-backend=postgresql 
db-name=spaceschema 
db-user=spaceuser 
db-password=spacepw 
db-host=localhost 
db-port=5432 
enable-tftp=Y 
EOF
spacewalk-setup --disconnected --answer-file=answers.txt

Add IPTABLES RULES

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT 
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT 
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 5222 -j ACCEPT 
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 5269 -j ACCEPT 
iptables -A INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT 
service iptables save

Create Default Channels for Spacewalk

spacewalk-common-channels -v -u admin -p redhat -a x86_64 -k unlimited 'centos6*' 
spacewalk-common-channels -v -u admin -p redhat -a x86_64 -k unlimited 'fedora16*' 
spacewalk-common-channels -v -u admin -p redhat -a x86_64 -k unlimited 'epel6' 
spacewalk-common-channels -v -u admin -p redhat -a x86_64 -k unlimited 'spacewalk17-client-centos6' 'spacewalk17-client-fedora16'

Sync Channels

spacewalk-repo-sync -c <channel label> for i in $(spacewalk-report channels | awk 'BEGIN { FS = "," } ; { print $1 }' | grep -v channel_label); do spacewalk-repo-sync -c $i;

Install osa-dispatcher

yum install osa-dispatcher 
chkconfig osa-dispatcher on 
service osa-dispatcher start

Client Setup 

rpm -Uvh http://spacewalk.redhat.com/yum/1.7/RHEL/6/x86_64/spacewalk-client-repo-1.7-5.el6.noarch.rpm
yum install rhncfg* rhnmd rhn-; 
yum install osad

Change osa_ssl_cert in /etc/sysconfig/rhn/osad.conf to:

osa_ssl_cert = /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT

If you haven’t already, download the trusted cert to your client

cd /usr/share/rhn/ 
wget http://space.fccn.pt/pub/RHN-ORG-TRUSTED-SSL-CERT
service osad start
chkconfig osad on

Congratulations! The Spacewalk installation is completed! Just visit the Spacewalk website once to create the administrator login.