A step-by-Step Guide to Installing Spacewalk on CentOS 7

It would appear that during an upgrade of my blog at some point over the past year, I have managed to wipe out the original how to guide to installing Spacewalk on CentOS 7, so here we go again.

A step-by-step guide to installing Spacewalk on CentOS 7.  Just in case you weren’t aware Spacewalk is the upstream project for Red Hat Satellite Server.

Assumptions

  • You know the basic idea behind Spacewalk, if not see here
  • You have a vanilla VM with CentOS 7.2 installed which was deployed as a “minimal” installation
  • You have subsequently run an update to make sure you have the latest patches
  • You have root access or equivalent via sudo
  • You have got vim installed (if not run the following command should fix that)
    yum install vim -y
  • The machine you intend to install Spacewalk onto has access to the internet

Preparation

Firstly, we need to install and/or create the necessary YUM repo files that will be used to install Spacewalk directly from the Spacewalk official yum repository and all it’s associated dependencies.

  1. Run the following command as root on your spacewalk VM
    rpm -Uvh http://yum.spacewalkproject.org/2.5/RHEL/7/x86_64/spacewalk-repo-2.5-3.el7.noarch.rpm
  2. You then need to manually configure another yum repository for JPackage which is a dependency for Spacewalk, by running the following (you will need to be the root user to do this);
    sudo -i
    cat > /etc/yum.repos.d/jpackage-generic.repo << EOF
    [jpackage-generic]
    name=JPackage generic
    baseurl=ftp://ftp.rediris.es/mirror/jpackage/5.0/generic/free/
    enabled=1
    gpgcheck=1
    gpgkey=http://www.jpackage.org/jpackage.asc
    EOF
  3. And then we also need to install the EPEL yum repository configuration for CentOS 7;
    rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Installation: Embedded Database

Spacewalk utilises a database back end to store the required information about your environment.  The two options are PostgreSQL and Oracle.  Neither would be my preference but I always opt for the lesser of two evils – PostgreSQL.

The installation is a piece of cake, and can be performed by issuing the following command at the command line;

yum install spacewalk-setup-postgresql -y

During the process you should be prompted to accept the Spacewalk GPG key. You will need to enter “y” to accept!

Installation: Spacewalk

Now things have been made pretty easy for you so far.  And we wont stop now.  To install all of the required packages for spacewalk just run the following;

yum install spacewalk-postgresql

And let it download everything you need.  In all (at the time of writing) there were 379 packages totalling 563M.

Again you will likely be prompted to import the Fedora EPEL (7) GPG key.  This is necessary so just type “y” and give that Enter key a gentle tap.

And.. you will also be prompted to import the JPackage Project GPG key.  Same process as above – “y” followed by Enter.

During the installation you will see a lot of text scrolling up the screen.  This will be a mix of general package installation output from yum and some commands that the RPM package will initiate to set and define such things as SELinux contexts.

The key thing is you should see right at the end “Complete!”.  You know you are in a good place at this point.

Security: Setting up the firewall rules

CentOS 7 and (for that matter) Red Hat Enterprise Linux 7 ship with firewalld  as standard.  Now I’m not complete sure of firewalld but I’m sticking with it, but should you decide you want to use iptables (and you have taken steps to make sure it is enabled), then I have provided the firewall rules required for both;

firewalld

firewall-cmd --zone=public --add-service=http
firewall-cmd --zone=public --add-service=http --permanent
firewall-cmd --zone=public --add-service=https
firewall-cmd --zone=public --add-service=https --permanent

Note.  Make sure you have double dashes/hyphens if you copy and paste as I have seen the pasted text only using a single hyphen.

Skip to section after iptables if you have applied the above configuration!

iptables

Now as iptables can be configured in all manor or ways, I’m just going to provide the basics, if your set-up is typically more customised than the default, then you probably don’t need me telling you how to setup iptables.

I will just make one assumption though.  That the default INPUT policy is set to DROP and than you do not have any DROP, REJECT lines at the end of your INPUT chain.

iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT

And don’t forget to save your firewall rules;

# service iptables save

Configuring Spacewalk

Right then, still with me?  Awesome, so lets continue with getting Spacewalk up and running.  At this point there is one fundamental thing you need…

You must have a resolvable Fully Qualified Domain Name (FQDN).  For my installation I have fudged it and added the FQDN to the host file, as I intend to build the rest of my new lab environment using Spacewalk.

So assuming you have followed everything above we can now simply run the following;

spacewalk-setup

Note.  The above assumes you have the embedded PostgreSQL database and not a remote DB, or the Oracle DB option.  Just saying.

So you should see something like the following (it may take quite some time for many of the tasks to be completed so bare with it);

[root@spacewalk ~]# spacewalk-setup
* Setting up SELinux..
** Database: Setting up database connection for PostgreSQL backend.
** Database: Installing the database:
** Database: This is a long process that is logged in:
** Database:   /var/log/rhn/install_db.log
*** Progress: ###
** Database: Installation complete.
** Database: Populating database.
*** Progress: ###########################
* Configuring tomcat.
* Setting up users and groups.
** GPG: Initializing GPG and importing key.
** GPG: Creating /root/.gnupg directory
You must enter an email address.
Admin Email Address? toby@lab.tobyhewood.com
* Performing initial configuration.
* Configuring apache SSL virtual host.
Should setup configure apache's default ssl server for you (saves original ssl.conf) [Y]? 
** /etc/httpd/conf.d/ssl.conf has been backed up to ssl.conf-swsave
* Configuring jabberd.
* Creating SSL certificates.
CA certificate password? 
Re-enter CA certificate password? 
Organization? Toby Heywood
Organization Unit [spacewalk]? 
Email Address [toby@lab.tobyhewood.com]? 
City? London
State? London
Country code (Examples: "US", "JP", "IN", or type "?" to see a list)? GB
** SSL: Generating CA certificate.
** SSL: Deploying CA certificate.
** SSL: Generating server certificate.
** SSL: Storing SSL certificates.
* Deploying configuration files.
* Update configuration in database.
* Setting up Cobbler..
Cobbler requires tftp and xinetd services be turned on for PXE provisioning functionality. Enable these services [Y]? y
* Restarting services.
Installation complete.
Visit https://spacewalk to create the Spacewalk administrator account.

Now at this point you are almost ready to break open a beer and give yourself a pat on the back.  But lets finalise the installation first.

Creating your Organisation
(that’s Organization for the Americans)

Setting up your organisation requires only a few simple things to be provided.

  • Click the Create Organization button and you should finally see a similar screen to the following;
    Set up your Spacewalk organization.
  • The last thing to do now you have your shiny new installation of Spacewalk is to perform a few sanity checks;
    Successful installation of Spacewalk.
  • Navigate to Admin > Task Engine Status and confirm that everything looks health and that the Scheduling Service is showing as “ON”
  • You can also take a look at my earlier blog post – spacewalk sanity checking – about some steps I previously took to make sure everything was running.

And there we go, you have install Spacewalk.

10 Replies to “A step-by-Step Guide to Installing Spacewalk on CentOS 7”

  1. Hi, initially, the firewall commands didn’w work for me, what I did was add another – before -permanent, so the commands look like

    firewall-cmd –zone=public –add-service=http –permanent

    firewall-cmd –zone=public –add-service=https –permanent

  2. Hi,
    I am getting below error when I am executing command “yum install spacewalk-postgresql”. Any help is really appreciated.

    Transaction check error:
    file /usr/share/java/commons-fileupload.jar conflicts between attempted installs of jakarta-commons-fileupload-1:1.2.1-1.jpp5.noarch and apache-commons-fileupload-1.3.2-3.el7.noarch

    1. Hi Sreejith,

      The only thing I can think of at present would be whether or not you already have the jakarta-commons-fileupload RPM installed on your system? Are you installing Spacewalk onto a
      new dedicated machine? Also when performed the initial installation of RHEL/CentOS 7 was it built using the “minimal” install option?

      Toby

  3. Hello, what can be the problem is I get this error message when I try to reach the site first time?
    Not Found

    The requested URL /rhn/Login.do was not found on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    No errors in the Catalina or messages logs.

    1. Hi Ralphy,

      Out of curiosity have you installed Satellite onto a machine which is already running a web server such as apache or nginx?

      Might be worth confirming if you have any apache/nginx services running and stopping them. Then restart satellite and see if that improves things.

      Toby

  4. Thanks indeed, it is so informative 🙂

    I am stuck at Postgres, I am installing on CentOS Linux release 7.4.1708 (Core)
    and with latest Spacewalk release 2.7, but I am getting below error:

    [root@spacewalk ~]# spacewalk-setup
    * Setting up SELinux..
    ** Database: Setting up database connection for PostgreSQL backend.
    Database “rhnschema” does not exist
    ** Database: Installing the database:
    ** Database: This is a long process that is logged in:
    ** Database: /var/log/rhn/install_db.log
    *** Progress: ###
    Could not install database.
    [root@spacewalk ~]# cat /var/log/rhn/install_db.log
    Note: Forwarding request to ‘systemctl enable postgresql.service’.
    /usr/bin/spacewalk-setup-postgresql: line 165: [: 018446744073692774399: integer expression expected
    Redirecting to /bin/systemctl stop postgresql.service
    Redirecting to /bin/systemctl start postgresql.service
    createdb: database creation failed: ERROR: new encoding (UTF8) is incompatible with the encoding of the template database (SQL_ASCII)
    HINT: Use the same encoding as in the template database, or use template0 as template.
    [root@spacewalk ~]# cat /etc/locale.conf
    LANG=”en_US.UTF-8″

    Can you give me any hint please?

    1. Hi there,

      I think you investigation is on the right track.

      Is this a brand new box that you are installing Spacewalk onto? Also, has there been any change to the encoding (system locale) since the PostgreSQL was installed?

      I’m not 100% sure of the right answer here at this point as would need a little more background of the way your system is set up. Was it a brand new install or is it upgrade of CentOS 7?

      I have read a brief post here; https://stackoverflow.com/questions/16736891/pgerror-error-new-encoding-utf8-is-incompatible which talks about ways that you might be able to resolve the template issue but my advice here would be to take a snapshot before attempting any of what is suggests!

      If you can provide a little more background, I’ll see if I can assist further.

      Toby

Leave a Reply