Install Rudder relay on SLES

Relay servers won’t work if you don’t have a valid scale-out-relay plugin installed.

If you install a relay without that plugin, policy generation will fail, preventing new policies to be applied to your Nodes.

More information about plugins in dedicated section

Dependencies

If you need to use syslog reporting, which is not the general case, Rudder agent requires that a syslog server is installed on the node. This syslog server can be either syslogd, syslog-ng or rsyslog.

One of them is generally installed by default, but it may not be the case with minimal images. In this case you should install one (preferably syslog-ng or rsyslog).

You may encounter a segmentation fault in Zypper in the following cases:

  • On SLES 11 when trying to install Rudder rpm files locally with Zypper (for example with 'zypper install rudder-agent-version.release-1.SLES.11.x86_64.rpm')

  • On SLES 12 GA when installing Rudder packages, locally or from the repository

This is due to a bug (bnc#929483 on SUSE bugtracker) in Zypper’s RPM headers parsing. You can either:

  • Only for SLES 11, install the packages directly from the repository, as described below

  • Upgrade your libzypp package to a version including the fix provided by SuSE (upgrade for SLES11SP3 and for SLES12)

  • Use the rpm command to install packages locally (for example with rpm -i rudder-agent-version.release-1.SLES.11.x86_64.rpm)

Installation

Each official package is signed with our GPG signature. To ensure the packages you will install are official builds and have not been altered, import our key into rpm using the following command:

rpm --import https://repository.rudder.io/rpm/rudder_rpm_key.pub

Our key fingerprint is:

pub  1024R/6F07D355 2012-11-09 Rudder Project (RPM release key) <security@rudder-project.org>
      Key fingerprint = 1141 A947 CDA0 4E83 82C1  B9C4 ADAB 3BD3 6F07 D355

Add the Rudder packages repository:

  • on SLES 15:

zypper ar -n 'Rudder 6.0' http://repository.rudder.io/rpm/6.0/SLES_15/ Rudder

If you have an active subscription, use the following to get access to long term support (you need to replace the user name and the password by your Rudder account):

zypper ar -n 'Rudder 6.0' https://LOGIN:PASSWORD@download.rudder.io/rpm/6.0/SLES_15/ Rudder
  • on SLES 12:

zypper ar -n 'Rudder 6.0' http://repository.rudder.io/rpm/6.0/SLES_12/ Rudder

If you have an active subscription, use the following to get access to long term support (you need to replace the user name and the password by your Rudder account):

zypper ar -n 'Rudder 6.0' https://LOGIN:PASSWORD@download.rudder.io/rpm/6.0/SLES_12/ Rudder

Update your local package database to retrieve the list of packages available on our repository:

zypper refresh

Install the package:

zypper install rudder-server-relay

To complete this step, please make sure that your node is configured successfully and appears in your Rudder web interface.

On the root server

You have to tell the Rudder root server that a node will be a relay. To do so, launch the rudder-node-to-relay script on the root server, supplying the UUID of the host to be considered as a relay. You can find the UUID of your node with the rudder agent info command.

/opt/rudder/bin/rudder-node-to-relay aaaaaaaa-bbbb-cccc-dddd-eeeeeeee

Validation

When every step has completed successfully:

  • The Rudder root server will recognize the new node as a relay

  • It will generate specific policies for the relay

  • The relay will update and switch to his new role

This is an example of node details pane showing a relay server. Note the "Role: Rudder relay server" part that shows that the machine has successfully changed from a node to a relay.

Relay
Figure 1. Rudder relay node

Adding nodes to a relay server

When you have at least one relay, you will likely want to add nodes on it.

You then have two possible cases:

  • You want to switch an already existing node to the relay

  • You want to add a new one

The procedure on both cases is the same, you have to:

  • Create / update the file /var/rudder/cfengine-community/policy_server.dat with the IP address or the fully qualified domain name of the relay server (instead of the root server)

echo "rudder-relay.example.com" > /var/rudder/cfengine-community/policy_server.dat
  • Trigger an inventory immediately to make sure the node is registered correctly

rudder agent inventory

After those steps, the node should be registered correctly on your Rudder infrastructure.


← on RHEL/CentOS Upgrade notes →