1 Introduction

This document describes SUSE recommended best practices for Uyuni. This information has been collected from a large number of successful Uyuni real world implementations and includes feedback provided by product management, sales and engineering.

Note: Uyuni Version Information

In this manual if not other specified, Uyuni version 3.2 is assumed and this version is required if a feature is discussed. Uyuni 3.2 and Uyuni 3.2 Proxy were originally released as a SLES 12 SP3 extension. Whenever features of the Uyuni3.2 host operating system are documented and not other specified version 12 SP3 is assumed.

This chapter will discuss the following topics:

Purchased Registration Keys. During initial setup Uyuni will request a product Registration Key. This key will be provided to you after purchasing the product. You can find your key located under your SUSE Customer Center account. Log-in with your SUSE Customer Center credentials or register for a new account. -https://scc.suse.com

Evaluation Keys. If you wish to run a test system (non-production) a 60 day evaluation key may be obtained. On the Uyuni product page click TRY SUSE MANAGER. The evaluation key limits the number of systems that may be registered with SUSE Manager to 10. For more information see:

SCC Organization Credentials. During setup you will also be asked to enter your SUSE Customer Center Organization Credentials.

Users and Passwords. During both the SUSE Linux Enterprise installation and setup of Uyuni several users and passwords will be created:

Tip: Safe Passwords

Maintain security by creating safe passwords. Store passwords within a secure location. Use the following guidelines when creating your passwords.

• At least 8 characters long

• Should contain uppercase characters A B C

• Should contain lowercase characters a b c

• Should contain numbers 1 2 3

• Should contain symbols ~ ! @ #

Uyuni and SUSE Manager Proxy both contact several external addresses in order to maintain updates and subscriptions. The following lists provide the up-to-date hostnames for each service requiring permission when used in combination with corporate firewall and content filters.

For Uyuni to function properly it requires the following pre-configured components within your network.

Important: Websocket Support

If SUSE Manager is accessed via an HTTP proxy (Squid, etc) the proxy must support websocket connections.

Networking Hardware. The following table provides networking hardware info. As Uyuni will likely be managing a large number of systems (quite possibly numbering in hundreds or even thousands), networking hardware that increases bandwidth becomes increasingly more valuable.

DHCP Server. The purpose of the Dynamic Host Configuration Protocol (DHCP) is to assign network settings centrally (from a server) rather than configuring them locally on each and every workstation. A host configured to use DHCP does not have control over its own static address. It is enabled to configure itself completely and automatically according to directions from the server. A DHCP server supplies not only the IP address and the netmask, but also the host name, domain name, gateway, and name server addresses for the client to use. For more information on configuring DHCP see also:

FQDN (Fully Qualified Domain Name). DNS assists in assigning an IP address to one or more names and assigning a name to an IP address. In Linux, this conversion is usually carried out by a special type of software known as bind. The machine that takes care of this conversion is called a name server. The names make up a hierarchical system in which each name component is separated by a period. The name hierarchy is, however, independent of the IP address hierarchy described above. Consider a complete name, such as jupiter.example.com, written in the format hostname.domain. A full name, referred to as a fully qualified domain name (FQDN), consists of a host name and a domain name (example.com). For more information on configuring a name server see also:

DNS (Dynamic Name System) Server. A DNS Server is required for resolving domain names and host names into IP addresses. For example, the IP address 192.168.2.100 could be assigned to the host name jupiter. In the case of Uyuni the DNS server must be resolvable both via DNS and reverse lookup. For more information on configuring DNS see also:

Important: Microsoft NT Lan Manager Compatibility

Microsoft NT Lan Manager can be configured for use with basic authentication and will work with Uyuni but authentication using native (NTLM) Microsoft protocols is not supported.

Open Port List. During the setup process of Uyuni all required ports will be opened automatically. The following tables provide you with an overview of ports which are used by Uyuni.

For more information, see Port Listing.

Tip: Denying External Network Access

When your network requires denying external network access to and from Uyuni, an RMT or SMT Server may be registered against Uyuni. The RMT or SMT server can then be used to synchronize the necessary SUSE repositories. For more information on utilizing an RMT or SMT Server, see: Section 2.2, “Disconnected Setup with RMT or SMT (DMZ)”.

Note: Blocking Port 80

Port 80 may be blocked as traffic is automatically redirected through port 443. It should be noted you will lose redirection. Keep in mind you will need additional ports open when using traditional clients in combination with osad (XMPP TCP 5222).

This section provides tested production recommendations for small to mid size networks that will be managed by Uyuni.

Advised Number of CPUs. Review the following list for CPU recommendations.

Disk Space. Uyuni stores information in several directories. For these directories it is strongly recommend that you create separate file-systems or use an NFS share. During installation one VG will be created that contains all disks selected during installation. Therefore the first disk should be large enough to contain the OS. Normally 20GB - 50GB is sufficient. A 50 GB partition would be the recommended size. The following directories should be created on a separate file-system.

Supported Databases. Uyuni 3 and later no longer provides support for an external Oracle database. The default database is an embedded PostgreSQL. During Uyuni setup the database will be created and configured.