Skip to content
This repository has been archived by the owner on Oct 3, 2020. It is now read-only.

simple setup

Jump to bottom
Christian Stankowic edited this page Dec 21, 2015 · 8 revisions

This page contains a simple example about the implementation of satprep.

#Scenario This example consists of the following hosts:

  • VMware ESXi host (myesx.localdomain.loc, 192.168.1.10, free license)
  • Spacewalk server (space.localdomain.loc, 192.168.1.20)
  • Icinga server (icinga.localdomain.loc, 192.158.1.30)
  • some client systems registered to Spacewalk (hostA and hostB)

This guide includes the installation and configuration of Spacewalk, VMware ESXi and Icinga to enable automatic creation of VM snapshots and downtimes. It also demonstrates how to use the particular scripts of the satprep toolkit. #Installation In accordance with the installation guide all required dependencies and packages are installed:

# yum install -y texlive-latex rhnlib libvirt-python python-{requests,unidecode}

The current satprep master is downloaded and installed under /opt/tools on the Spacewalk server:

# mkdir /opt/tools
# cd /opt/tools
# wget https://github.com/stdevel/satprep/archive/master.zip
# unzip master.zip
# mv satprep-master satprep
# cd satprep
# chmod +x *.py

Afterwards all required custom keys are created using the satprep_install_custominfos.py script:

$ /opt/tools/satprep/satprep_install_custominfos.py 
Satellite Username: admin
Satellite Password:
INFO:satprep_install_custominfos:successfully created/updated information key 'SYSTEM_OWNER'
INFO:satprep_install_custominfos:successfully created/updated information key 'SYSTEM_MONITORING'
...

#Configuration On the ESXi host a local role satprep is created, the following permissions are assigned:

  • Sessions
    • Validate sessions
  • Virtual machine
    • Interaction
      • Consolidate hard disks
    • Snapshot management
      • Create Snapshot
      • Remove Snapshot

Afterwards a local user su-satprep is created, the user is granted for access on the host level using the previously created role satprep.

On the Spacewalk server custom keys are assigned to the registered systems:

Variable Description Value
SYSTEM_OWNER System owner Max Mustermann
SYSTEM_MONITORING Flag for activated monitoring 1
SYSTEM_PROD Flag for productive host 1
SYSTEM_VIRT_SNAPSHOT Flag whether a VM snapshot should be created before maintenance 1

#First test As a first test a errata snapshot including conventional patches is created:

$ ./satprep_snapshot.py
Satellite Username: admin
Satellite Password:
...

Afterwards the maintenance is prepared. During this VM snapshots and monitoring downtimes are created:

$ ./satprep_prepare_maintenance.py errata-snapshot-report*.csv -u "http://icinga/icinga" -H "esx://myesx?no_verify=1"
Monitoring Username:
Monitoring Password:
INFO:satprep_prepare_maintenance:Scheduling downtime for host 'myHostA' (hours=2, comment=System maintenance scheduled by satprep)...
Virtualization Username:
Virtualization Password:
INFO:satprep_prepare_maintenance:Creating a snapshot ('20151603_satprep') for VM 'myHostA')...

Before patching the systems a verification log is created. This log includes information about created VM snapshots and downtimes. This log will be used later to pre-select the appropriate checkboxes in PDF reports. It is created automatically during the maintenance preparation. In case you're stumbling upon issues (e.g. errors while creating VM snapshots) you can re-create this verification log using the -V / --verify-only parameter:

$ ./satprep_prepare_maintenance.py errata-snapshot-report*.csv -u "http://icinga/icinga" -H "esx://myesx?no_verify=1" -V
Monitoring Username:
Monitoring Password:
INFO:satprep_prepare_maintenance:Scheduling downtime for host 'myHostA' (hours=2, comment=System maintenance scheduled by satprep)...
INFO:satprep_prepare_maintenance:Scheduling downtime for host 'myHostB' (hours=2, comment=System maintenance scheduled by satprep)...
Virtualization Username:
Virtualization Password:
INFO:satprep_prepare_maintenance:Creating a snapshot ('20151603_satprep') for VM 'myHostA')...
INFO:satprep_prepare_maintenance:Creating a snapshot ('20151603_satprep') for VM 'myHostB')...

Afterwards the system patches are installed using the Spacewalk UI or the system's shells:

myHostA # yum update -y
myHostB # yum update -y

After patching the systems another errata snapshot is created:

$ ./satprep/satprep_snapshot.py
Satellite Username: admin
Satellite Password:
...

Notice that afterwards two CSV reports have been created:

$ ls *.csv
errata-snapshot-report-localhost-20151603-2200.csv
errata-snapshot-report-localhost-20151603-2210.csv

Finally the difference reports are created:

$ ./satprep_diff.py errata-snapshot-report*.csv

Note that two PDF reports are stored under /tmp:

$ ls /tmp/*.pdf
hostA.pdf
hostB.pdf

To remove VM snapshots and scheduled downtimes the script satprep_prepare_maintenance.py is executed. One of the two snapshots is chosed:

$ ./satprep_prepare_maintenance.py errata-snapshot-report-localhost-20151603-2210.csv -u "http://icinga/icinga" -H "esx://myesx?no_verify=1" -T

#Additional steps To make entering login credentials for the Spacewalk, Icinga and the ESXi host obsolete you can create auth files:

# cd /opt/tools/satprep
# vi space.auth
admin
password
# vi myesx.auth
su-satprep
password
# vi icinga.auth
admin
password
# chmod 0600 *.auth

To assign these files to the hosts managed by Spacewalk the following custom keys are added:

Variable Description Value
SYSTEM_MONITORING_HOST Monitoring host http://icinga/icinga
SYSTEM_MONITORING_HOST_AUTH Auth file for monitoring host /opt/tools/satprep/icinga.auth
SYSTEM_VIRT_HOST Virtualization host esx://myesx?no_verify=1
SYSTEM_VIRT_HOST_AUTH Auth file for virtualization host /opt/tools/satprep/myesx.auth

For the satprep_snapshot.py script the -a / --authfile parameter is set to use the Spacewalk auth file:

$ cd /opt/tools
$ ./satprep_snapshot.py -a space.auth
...
Clone this wiki locally