Install Containerized SUSE Manager Proxy
Only SUSE Linux Enterprise Server 15 SP3 and newer are supported to be used as container host for SUSE Manager Proxy containers. |
1. Container Host Requirements
Hardware | Details | Recommendation |
---|---|---|
CPU |
Minimum 2 dedicated 64-bit CPU cores |
|
RAM |
Test Server |
Minimum 2 GB |
Production Server |
Minimum 8 GB |
|
Disk Space |
Minimum 100 GB |
2. Install Container Services on the host system
Container host used as a base for SUSE Manager Proxy containers needs to be first registered as a Salt client to the SUSE Manager Server. For more information about registering Salt client to the SUSE Manager Server, see client-configuration:registration-overview.adoc. |
|
SUSE Manager Proxy containers are using podman
and systemd
to run and manage all proxy containers.
First step is to install container control files provided by package uyuni-proxy-systemd-services
.
-
Assign
Containers Module
software channel to the container host in the SUSE Manager.For more information about assigning software channels to the system, see administration:channel-management.adoc.
-
Log in as
root
on the container host. -
Manually install SUSE Manager Proxy service package:
zypper install uyuni-proxy-systemd-services
3. Customize SUSE Manager Proxy configuration
SUSE Manager Proxy containers require some volumes to be mounted for long term storage. Paths on container host for those volumes are by default:
-
/var/lib/uyuni/proxy-squid-cache
-
/var/lib/uyuni/proxy-rhn-cache
-
/var/lib/uyuni/proxy-tftpboot
To modify location of those paths, edit /etc/sysconfig/uyuni-proxy-systemd-services.config
.
In this file it is possible to add custom arguments passed to podman container pod:
-
EXTRA_POD_ARGS=''
In this file it is possible to modify path where proxy configuration is expected, however modifying it is strongly discouraged:
-
CONFIG_DIR
=/etc/uyuni/proxy
4. Allow network access for provided services on container host firewall
SUSE Manager Proxy containers work as so called node-port service. This means proxy container pod shares container host network TCP and UDP port space. For this reason container host firewall must be configured to accept incoming traffic on ports used by SUSE Manager Proxy containers. Those ports are:
-
69/UDP - TFTP
-
80/TCP - HTTP
-
443/TCP - HTTPS
-
4505/TCP - Salt
-
4506/TCP - Salt
-
8022/TCP - SSH
Continue with setting up the installed SUSE Manager Proxy as a containers at proxy-container-setup.adoc.