[rhn-users] RHN Proxy Server

Todd Warner taw at redhat.com
Fri Nov 5 05:04:44 UTC 2004 

On Thu, 4 Nov 2004, Jonathan Fischer wrote:

> I need to migrate our current installation of the RHN Proxy (not
> Satellite) Server onto a different machine than the one I have it on
> now.  Does anyone know if there's a graceful way to do that, or is it
> best just to install it new and re-register all the machines I currently
> have pointing to it?
> 
> Jonathan

Jonathan,

The pleasant thing about the RHN Proxy is that clients merely pass
*through* it. I.e., you can swap out your RHN Proxy, and as long as you
are using the same SSL keys and certs and the same hostname that the
clients expect, you are fine.

Now, if you want to install a whole new RHN Proxy onto a different
machine than the one you have, consider disabling the current RHN Proxy
on the web site, then building out a new RHN Proxy in parallel on the
new box.

If you had custom packages, copy those over to the new machine: probably
in /var/up2date/packages or some such.

On this new RHN Proxy, don't create another set of SSL keys and certs.
Copy /var/pub/<ssl stuff> over from the old machine to the new. Copy
over /etc/syconfig/rhn/ssl over from the old machine to the new. Install
the server-side SSL key and cert:
/etc/sysconfig/rhn/ssl/rhn-org-httpd-ssl-key-pair-MACHINENAME-...noarch.rpm.
And then "service httpd restart". That RPM name may be different,
dependent on which RHN Proxy you had.

Once that is all complete, I would reconfigure DHCP to simply migrate
the hostname so as to be linked to the MAC address of that new RHN
Proxy. If you do that, nothing at all needs to change on the RHN
clients.

If you are going with a new hostname, I would write a shell+sed script
to substitute OLD_HOSTNAME with NEW_HOSTNAME in
/etc/sysconfig/rhn/up2date (and rhn_register on RHEL 2.1 machines) on
all the machines. And then deploy them one at a time to all the machines
using something like...

cat substitution.sh | ssh root@<client-hostname> /bin/bash

Hope this helps.

-- 
____________
 /odd Warner                                    <taw@{redhat,pobox}.com>
             Geek Herder - QA/Sust-Eng/Rel-Eng - Red Hat Network
---------------------gpg info in the message headers--------------------
"When the going gets tough, you're halfway through a cliche" -Greg Dean(?)

More information about the rhn-users mailing list