Register on the Command Line (Salt)

Instead of the Web UI, you can use the command line to register a Salt client. This procedure requires that you have installed the Salt package on the Salt client before registration. For SLE 12 based clients, you also must have activated the Advanced Systems Management module.

Registring on the command line is also possible with traditional clients, but it requires more steps. It is not covered here. Use the bootstrap script procedure to register traditional clients. For more information, see registration-bootstrap.adoc.
Procedure: Registering Clients Using the Command Line

  1. Choose a client configuration file located at:

    /etc/salt/minion

    or:

    /etc/salt/minion.d/NAME.conf

    This is sometimes also called a minion file.

  2. Add the Uyuni Server or Proxy FQDN as the master, and the activation key, to the client configuration file:

    master: SERVER.EXAMPLE.COM
server_id_use_src: adler32
enable_legacy_startup_events: False
enable_fqdns_grains: False
grains:
  susemanager:
    activation-key: "<Activation_Key_Name>"

  3. Restart the salt-minion service:

    systemctl restart salt-minion

  4. On the Uyuni Server, accept the new client key; replace <client> with the name of your client:

    salt-key -a '<client>'

SLES 11 SSL errors

SLES 11 clients can sometimes have SSL errors which make some operations unusable, including package management and bootstrapping. In this case, you will see an error like this:

Repository 'SLES11-SP4-SUSE-Manager-Tools x86_64' is invalid.
[|] Valid metadata not found at specified URL(s)
Please check if the URIs defined for this repository are pointing to a valid repository.
Skipping repository 'SLES11-SP4-SUSE-Manager-Tools x86_64' because of the above error.
Download (curl) error for 'www.example.com':
Error code: Unrecognized error
Error message: error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version

This occurs because Apache requires TLS v1.2, but older versions of SLES do not support this version of the TLS protocol. To fix this error, you need to force Apache to accept a greater range of protocol versions. Open the /etc/apache2/ssl-global.conf configuration file, locate the SSLProtocol line, and update it to read:

SSLProtocol all -SSLv2 -SSLv3

This will need to be done manually on the server, and with a Salt state on the Proxy. Restart the apache service on each system after making the changes.