Forgot your password?
typodupeerror
This discussion has been archived. No new comments can be posted.

Red Hat Open-Sources RHN As "Spacewalk"

Comments Filter:
  • by suck_burners_rice (1258684) on Friday June 20, 2008 @11:44AM (#23874045)
    It's about time! Now every kind of GPLed software, from operating systems to yet another version of colorizing "ls" can provide a nifty "automatic updates" feature without too much extra work on the part of the developers.
    • Re: (Score:3, Insightful)

      by donaldm (919619)
      Automatic updates may be ok for the novice or the person who has no interest in knowing what is being updated until it is actually updated.

      The problem you have in the enterprise is the IT mangers need to know what is being updated and talk to the appropriate application people so they can get approval to do the actual update. In the majority of cases you are going to find a vendor who is not willing to support a particular update so you end up with a political mess on your hands.

      From the Redhat, Fedora
      • Re: (Score:3, Interesting)

        by Gazzonyx (982402)
        Yeah, it sounds silly until yum updates on a Thursday night, samba jumps up ten patch versions and twenty RHEL security patches and users can't access shares because your config has a setting that didn't cause any harm in the past, while blowing up the new samba version.

        True story. It wasn't anyones fault, it was just a disastrous intersection of code bases. Also, Johnny Hughes of the CentOS team, and a regular slashdotter, was nothing short of amazing for email support. I think I heard back from him
        • by Bandman (86149)

          You sound a lot like me, and my justification for moving away from Slack in the enterprise. We're almost all CentOS now, with some RHEL.

          The only difference is that, on my desktop, I use Ubuntu now. I can't get past Slack's (lack of good) package management. It was really frustrating, because I've used it since 1997 and I really liked it. No support for PAM and no networked package management did me in.

          • Good Points (Score:3, Interesting)

            by Gazzonyx (982402)
            Actually, I pushed for Slack at work, but it made my (MSCE trained) boss nervous; I had to give something up as compromise for them allowing me to run Linux... CentOS being RHEL was enough leverage to get it through. Ironically, I prototyped the Samba server using Slack because all I could get together, hardware wise, to mock something up was an old EMachine 600 MHz clunker with a 20Gb 5.25" Quantum Fireball drive. Slack is the only thing (other than BSD) that would run on it.

            At home, I'm a distro hopper
            • by Bandman (86149)

              64bit machines was another sticking point. The servers we started getting needed a derivative Slack source because there wasn't a native Patrick-released version.

  • Caveats (Score:2, Interesting)

    by mattmarlowe (694498)

    Note that their blog entry states that they still expect all real redhat customers to continue purchasing the satellite service from RedHat rather than using this newly released software which is targeted for Fedora primarily with some support for centos. That's a little painful as I know several small businesses that pay for direct redhat updates/support and could use a local satellite install, but just can't afford the pricing and must continue to deal with the clunky/slow rhn web interface.

    • by foobat (954034)

      From the spacewalk website

      "Spacewalk manages software content updates for Red Hat Enterprise Linux and other Linux distributions such as Fedora, CentOS, and Scientific Linux, within your firewall." http://www.redhat.com/spacewalk/ [redhat.com]

      • Re: (Score:3, Informative)

        by mattmarlowe (694498)

        Also from the website:

        Can I use Spacewalk to sync my entitlements for Red Hat Enterprise Linux and other Red Hat software products?

        No. At this time, in order to be able to connect to rhn.redhat.com and satellite-sync Red Hat software content, you will need the Satellite product with an active Satellite certificate.

        Now that Spacewalk is available, does this affect Satellite pricing?

        Basing the Satellite product on a free & open source project wil

  • GPLv2 (Score:2, Interesting)

    by dk90406 (797452)
    Interesting that the chose GPLv2 over the GPLv3. Does anyone have a educated guess to why?
  • Does it support LDAP and Kerberos? I used LDAP and Kerberos to replicate my updates using urpmi on Mandriva to keep all my updates syncronized on all my boxen for Application development. Kerberos is a must.

  • by bwhaley (410361) <[spam4ben] [at] [gmail.com]> on Friday June 20, 2008 @12:06PM (#23874323)

    I'm currently working towards on RHCA, which requires a series of 5 exams, one of which covers "systems management." In the Red Hat world, this means RHN Satellite, Xen, and a few other misc tricks of the trade (packaging RPMs, RHN proxy, etc). The rub is that I'm trying to do this without taking the courses associated with each exam. This is a huge challenge since there is very little official material to study from. I'm currently signed up for EX401, the systems management text, next week.

    I obtained an evaluation satellite license (they quoted around $13k/year as a retail cost) and a bunch of management, provisioning, and virtualization entitlements. I only have the course outline and the exam "prep guide", which is really just 20 or so bullets on what you need to know. I've done all my studying using Red Hat's Satellite documentation and the varoius Xen materials that are publicly available.

    Satellite is a really useful technology for large enterprises with a bunch of Red Hat/CentOS/Fedora servers. It's exactly like the rhn.redhat.com interface. You can create kickstart profiles, provision new systems, manage Xen guests, run system commands, deploy configuration files (centralized syslog.conf, anyone? common /etc/motd? hosts.allow/.deny? very useful.), run commands on a lot of hosts at once, and carefully control patches.

    I've got some beef with it. First, it's currently supported only on RHEL 4, not 5. RHEL5 has been out for about 15 months - what gives? Getting it set up and configured correctly has been very finicky. I still don't understand all the behind-the-scenes services. The jabber service that runs OSAD is a huge mystery to me. And God save you if you try to change your hostname - getting that SSL cert to match again has been a nightmare.

    Some of this is certainly my own lack of knowledge. There's a useful, active mailing list that I see the developers participate in. I'm sure support is excellent as well. I've been mostly impressed with the documentation, but I don't need to see screenshots of every piece of the web interface. Tell me WTF that jabber process does! How can I get OSAD working properly? Plus, the docs can be pretty spread out and tough to find. I wasn't even aware of the mailing list until I read the README that's buried in the Satellite ISO.

    All-in-all, a cool product, but perhaps not useful for organizations with 50 servers or so.

    • by antirelic (1030688) on Friday June 20, 2008 @12:31PM (#23874679) Journal

      This is part of the Red Hat enterprise experience, which in my humble opinion is not that great of an experience. I have used the RHN in the past, and I have been completely underwhelmed by the outdated up2date style gui's (which tend to freeze) and lack of really comprehensive command line support.

      On top of that, your not really getting what you pay for over all. Sure, in corporate world you have a blame line and someone to go back to at least as far as distribution and configuration goes, but RHN is not "far superior" to current 'apt' and 'yum' type solutions that are available to the rest of the "free world". Any given day, I would trade off RHN interface for package management for those managers available on a (brace yourself) Ubuntu desktop.

      Also, if your concerned about the "security' aspect of updating your enteprise from a public source (which is ridiculous in this day and age, just keep off the cutting edge and your fine) you can always create your own "yum" and "apt" repositories for a fraction of the price (price only implies hardware, bandwidth, and maintenance) of RHN.

      On a "btw" I have never been in an environment where I needed to run the "same command" at exactly the "same time" on a variety of different servers. Of course... nothing says lovin like writing a perl script that has a "central server with distributed SSH key" that can "fork" processes off to the background and do a routine on multiple boxes for sans fee....

      So why buy RHN again?

      • Re: (Score:1, Informative)

        by Anonymous Coward

        Red Hat Network (RHN) and Red Hat Network Satellite Server (RHN SS) are dramatically different products. RHN is a hosted solution that only lets you manage updating your systems, RHN SS lets you do provisioning via kickstart, system updating, configuration file management (with multiple levels of overriding configuration channels, including system-only channels), custom package channels and child channels, system grouping, creation and management of multiple organizations, etc. etc..

        Apt/update/yum/emerge/et

      • Re: (Score:1, Informative)

        by Anonymous Coward

        This is part of the Red Hat enterprise experience, which in my humble opinion is not that great of an experience. I have used the RHN in the past, and I have been completely underwhelmed by the outdated up2date style gui's (which tend to freeze) and lack of really comprehensive command line support.

        I've never used the GUI stuff, but I've been using the command line for years and never had a problem (supporting 40 or so servers) with it until RHEL5 stupidly adopted yum. What, exactly, is it that you can't do from the command line?

      • Re: (Score:2, Informative)

        by Anonymous Coward

        Your experiences seems old.

        You used only RHN Hosted and not RHN Satellite. TFA is about RHN Satellite. Also, you do not 'Buy RHN' when using RHN Hosted, as it comes FoC with your Red Hat subscription.

        RHN satellite can run completely disconnected from any network. You can stay like this or open maintenance windows to temporary connect to RHN Hosted to sync updates. If you choose to stay completely disconnected from the internet, Red Hat will send you updates on optical media, you can still patch your servers

    • After 4 years of satellite management, I can say the following:

      The configuration channels suck so much in practice that we are developing our own internal solution to replace it.

      The RHEL5 support is a mystery to me as well, it might be related to the issues encountered running the Sat inside a xen guest. I need to check with my TAM, but the last official message I had was "not supported".

      I'm in the process of migrating from Sat 5.0 to Sat 5.1, to take advantage of the sub-org delegation. That was one of the biggest pains in the previous versions as my customer is split into 20-ish independent entities and I get to manage the satellite that maintains them all. After the migration, I fully intend to just maintain the channel staging, the common custom packages and the kickstart templates. I will delegate the actual kickstart part to the sysadmins without having to give them complete control over all the machines of the site.

      I am also very excited by the new RHN API, maybe I will finally be able to fully automate the errata management with automated regression testing for our supported use cases. As it stands now, the errata staging consumes most of my work week...

      Hint: OSAD is used to push updates or commands to the client from the satellite. The clients subscribe to a jabber channel and do what the satellite tells them to. Chances are the old hostname is still in the jabber configuration file... happened to me during the Sat5 upgrade.

      • Re: (Score:3, Interesting)

        by bwhaley (410361)

        Hint: OSAD is used to push updates or commands to the client from the satellite. The clients subscribe to a jabber channel and do what the satellite tells them to. Chances are the old hostname is still in the jabber configuration file... happened to me during the Sat5 upgrade.
        Thanks. I get the purpose of OSAD, but all I see is errors in the client and server OSAD logs that are completely useless, even with debugging set to high values. I'm pretty sure it's an SSL cert error.

      • Re: (Score:2, Interesting)

        by sirrmt (971078)
        I quite like the configuration channels, but I tend to find that their tools are lacking. The official API is not feature complete, and I've been forced to hack together my own clients for configuration file management to allow nice, orderly, uploading and centralised revision control..

        In my organisation, we also have multiple environments (dev, test, prod) and need to migrate config channels between them. I also had to hack together a way to automatically upload config files to the override channel for

    • by nologin (256407) on Friday June 20, 2008 @12:39PM (#23874797) Homepage

      Hmm, I've worked with RHN satellite quite a bit, and it does have some nice features. My biggest complaint about it is that the interface isn't intuitive as it should be; if you need to find things, some of them are hidden well enough so you have to memorize stuff...

      But to answer your question about OSAD, the RHN satellite server uses this to automatically push instructions to its clients. Without OSAD, the only way that the client verifies that it has tasks to do is through a script called rhn-check. That runs periodically via crontab on the managed system; it initiates a connection to the satellite server and executes any tasks that are listed in its scheduled tasks. If you want to change how often the system checks in with the satellite server, just change the timing on rhn-check in the crontab.

      The OSAD service is a tool that allows you to automatically push changes from the satellite server to the managed systems immediately. You run the osad service on the managed system and the osa-dispatcher service on the satellite server and once you use the webUI on the satellite server to do something (like upgrade a package for example), the managed system will update immediately, rather than wait for the next check in (rhn-check) to run on the managed system. A gross simplification of what OSAD does is that it performs actions in real time, rather than on a regular scheduled check-in basis.

    • by gladish (982899)
      I've seen more and more of this "provisioning" talk lately, and when you really get down to it people mean they want one image (same kernel/config files, etc) on all machines. My first question is "Whatever happened to net booting?
      • Re: (Score:3, Insightful)

        by Wdomburg (141264)

        Net booting is only one aspect of provisioning. What about tracking (servers, virtual machines, assets, images, configs, etc)? Or adding hosts to DNS and DHCP configs? Or keeping machines synced after the initial install? Or password and user management?

    • Novell's Zenworks Linux Management pisses on RHN from a lofty perch. The cost of it also makes RHN look bad.
    • Re: (Score:1, Informative)

      by Anonymous Coward

      Satellite requires an embedded oracle database. That database is only supported on RHEL 4. As for config management I would recommend puppet, http://reductivelabs.com/trac/puppet.

      The greatest value of Satellite is the ability to control which updates will be applied to which server. With yum it is very difficult to do this.

      • Re: (Score:3, Informative)

        by bwhaley (410361)

        False. Satellite supports an external database as well. I suspect the lack of RHEL5 support is due to package incompatibilities.

    • Re: (Score:3, Informative)

      We've been using it for a couple of years now, and I've even taken the class on it. Everyone's gripes here are quite true. I've got three gripes with it. One: the Monitoring module [redhat.com], uses an internal package RedHat bought called NOCPulse. I've got auditing running on our machine and I found that gogo.pl, a piece of NOCPulse, opens /etc/shadow in read/write mode hundreds of times a day. The kicker, is that it's non-obvious from the source code where or how it's doing this, or even why. We've threatened

      • by xsuchy (963813)

        I've got auditing running on our machine and I found that gogo.pl, a piece of NOCPulse, opens /etc/shadow in read/write mode hundreds of times a day. The kicker, is that it's non-obvious from the source code where or how it's doing this, or even why. We've threatened to un-pay for Monitoring unless it gets fixed and now.

        I searched the code and there is really no obvious point where /etc/passwd is open for writing. But I neither can find any reported Bugzilla. Did you report it? Can you point me to Bugzilla number, where I can find additional information about this? Then I can probably fix it.

  • Why use RHN when yum works very well?

    • Re: (Score:2, Informative)

      by Anonymous Coward

      Because YUM doesn't track assets such as activation keys (for RHEL Products) nor does YUM by itself allow you to install a package on multiple systems at the same time without some type of frontend (like Spacewalk for instance).

      I realize this is slashdot, where no one RTFAs before spouting off with an uninformed troll such as yours, but damn, even just a cursory glance of the wiki at the provided link would have answered your question.

      • by kiehlster (844523)
        This is also where no one RTFMs before building or installing anything, so everyone lives on a "Oh, I didn't know that could do that" basis or a "What does this button do" basis.
  • Kudos! (Score:5, Interesting)

    by giminy (94188) on Friday June 20, 2008 @01:13PM (#23875351) Homepage Journal

    I used to be a red hat satellite administrator. There were quite a few bugs in the system that prevented me from doing the things with the network that I would have liked (centralized configuration file management, custom package deployment issues). It took Red Hat about a year and a half to solve each of the bugs, from the time I submitted them to the bug tracker to the time that a patch came out. I'm somewhat competent with Java, and do believe that I could have fixed the problems myself. I was beginning to get a bit frustrated with Red Hat due to the little bugs that cropped up in the server, and the slowness to respond. I understand that software development and testing cycles are tough, but I kind of felt like, for the money (about $15k per year), a quicker fix was in order.

    I also recognize that it's a tough decision for them to open source this thing which raises a lot of money for them. No doubt this will spawn some real service competition for Red Hat, as other companies will able to easily implement their own RedHat-derived operating system complete with a centralized management system. It does fix my "using open source software to sell a closed source service" gripe. It's definitely a brave move, so kudos to them.

  • Oracle? Doh! (Score:4, Interesting)

    by nfsilkey (652484) on Friday June 20, 2008 @01:34PM (#23875709) Homepage

    Too bad it requires Oracle. Im already jumping from RHEL to CentOS to cut operations costs given my broke higher-ed shop. Hopefully the project's codebase will mature to allow for a db backend which doesnt require me to pump a lot of cash I dont have to Papa Ellison in Redwood City.

  • This is great. First the patent protection paid for out of their pockets, now this.

  • Landscape (Score:3, Interesting)

    by sciurus0 (894908) on Friday June 20, 2008 @02:07PM (#23876253)
    I wonder if this will push Canonical to release a version of Landscape [canonical.com], their equivalent service for Ubuntu, as free software. Currently Landscape is hosted by Canonical and costs $150 per node.
    • by Ashcrow (469400)

      Hopefully. I'm sure it will put pressure on them to do so ... if they do the right thing or not is up to them. I personally think in this specific space it has been easy for open source companies to keep this software closed. Now that one of the bigger FLOSS companies decided enough was enough it would be great to see some competition with other FLOSS software.

      Though honestly I don't think it will make Canonical release a FLOSS version of Landscape, at least not any time soon. Take a look at https://bugs.la [launchpad.net]

  • Verbification weirds the language.

Often statistics are used as a drunken man uses lampposts -- for support rather than illumination.

Working...