Environment
Novell ZENworks Linux Management Linux Management 7 - ZLM7
Situation
ZENWorks Linux Management 7 is a rich management platform that provides the capability to manage Linux across your enterprise – supporting both SUSE and RedHat distributions. In this paper we will discuss how you can use ZLM 7 to provide package updates to your SLED10 or SLES10 environment – providing a centralized way for administrators to determine what updates they want consumed across their enterprises. Please note that ZLM 7 currently only supports subscription and updates of code 10 boxes. There is no capability to currently schedule updates centrally – other than providing a catalog for the users. This scheduling functionality – along with policy, inventory, imaging, and remote control will all be provided in a future release of ZLM.
Resolution
Overview – steps for getting updates
In order to update SLED / SLES boxes the updates must be obtained from Novell. These updates and the right to use these is dependent on the current status of the subscription for Linux. Updates are only available to valid customers of Novell – subscriptions must be current and updated to continue to receive updates. These updates are now managed and distributed via the Novell Customer Center – this will be introduced and discussed in more detail in the subsequent sections. If a user has a current subscription managed on the Novell Customer Center they can then configure zlmmirror – the included mirror utility for ZLM – to download updates. These updates can then be managed and distributed across the enterprise. The steps for configuring this and for providing these updates are discussed below.
Novell Customer Center and Updates
Novell Customer is the evolution of update.novell.com and provides the foundation for users to manage their Linux licenses and updates with Novell. This site provides the interface for registration, maintaining and updating licenses, and retrieving updates. Users will need to register at least one machine with the Novell Customer Center in order to generate the username and password required for zlmmirror to access updates. To get to the Novell Customer Center go to the following URL:
https://www.novell.com/center
If using ZLM 7.2, make sure the agents have the ZLM 7.2 agent installed.
To install the ZLM 7.2 agent on the managed devices, follow this link:
https://www.novell.com/documentation/zlm72/lm7install/data/bx5ait1.html#bvbghtn
This link talks about automating the install of the ZLM agent.
https://www.novell.com/documentation/zlm72/lm7install/data/b45k6d5.html#b45k6d5
Configuring
zlmmirror
For complete
details on configuring zlmmirror refer to the documentation under
ZENworks 7 | ZENworks Linux Management. For the purposes of this
document a summary of steps will be provided for the required
configuration.
Zlmmirror is a
command line utility that receives its configuration from an XML
configuration file. In order to connect to get updates the file
needs to be modified with the following information.
From the Novell
Customer Center for updates from Novell
User name – see
comment below
Password – see
comment below
URL of the Update
Service – "https://update.novell.com/data”
Type of Update
Server – "rce”
Name of the
catalog – "SLED10-Updates”
or "SLES10-Updates”
The user name and
passwords for the Novell updates are generated by registering a
device with the Novell Customer Center. The way to get these is to
find a client machine that is already registered with Novell
Customer Center. Make note of the deviceid and secret files
(they'll either be in /etc/zmd or/etc/opt/novell/zenworks/zmd/).
Device ID = User
name
Secret =
Password
From
the Local ZLM system
User name and
Password – whatever these are for the ZLM administration
Server type –"zlm”
Local name of
catalog – typically the same as the remote server
A Sample
Configuration File of the proper configuration of this is included
below:
Launching
zlmmirror
Once the zlmmirror.conf
file is configured correctly and a valid subscription is
obtained launch zlmirror and
begin to receive updates. This is done with the following
command on the ZLM server.
3339684: How to load the base SLE 10 packages into ZLM 7
The script from this TID loads the full FCS distribution into one bundle.
Add the bundle into a catalog and then assign the catalog to the device(s) or device folder so the device can resolve dependencies.
The catalog can be set to hidden so users with SLED workstations don't even know it's there but can use it for updates.
Distributing
the Updates
Server
Configuration
Once the
updates are on the local server a ZLM 7.0 server must be configured
to serve the packages to code 10. This is not needed for ZLM
7.2 The distribution was unkown to ZLM7.0 when it shipped so
the distribution will need to be added to the server. Once it
is known you need to prepare the server to receive the requests
from Code 10 devices – this requires configuring the target
platforms and prepping the server to receive the requests from the
included code 10 client. Once completed all that is left is
to configure the clients themselves for updates and then have them
begin to receive the updates. Each of these steps is outlined
in more detail below.
Adding
support for the Distibution for ZLM 7.0. (not needed for ZLM
7.2)
To add
support for code 10 you need to launch the ZENworks Control
Center (ZCC) and then select the "Configuration” tab and select"Platforms” under the Zone Settings. Please Note that you
will need to do this for every Zone that you want to run code 10
platforms in.
Under the "Custom Target” section select "Add” and select "NLD 9” to copy the target platform settings.
Edit the "Add Platform " dialogue to look like the following – this will provide support for SLED 10 for ZLM 7.0 only. Not needed for ZLM 7.2
After clicking"OK” you should see the following as the custom target.
Client Configuration
Adding the service to the SLED/SLES
Now that the distribution has been added before you can register the embedded client with the server you need to configure the following for any devices that will connect to the ZLM server.
Turn off requirement for verified certs
This is required for most demo systems as few if any of you are using verfied certificates for HTTPS.
Open a terminal session and use the following RUG command:
rug set require-verified-certs false
Add the service
The service can be added in the GUI or in a terminal window. Below is the RUG command to add it in a terminal window.