You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

General Maintenance

The Opmantek Appliance is - like all networked computer systems - subject to the usual requirements wrt. patching software for security holes, general care and periodic adjustments and so on. The appliance comes with logrotation and other standard management services enabled, but this is no substitute for a trained system administrator's watchful eye.
For example it's very much recommended to run yum check-update periodically, e.g. once monthly, to learn of important software updates, and to apply them using yum upgrade.

Updating software on the Appliance with limited Internet access

Some customers are reluctant to grant any of their servers (or the Opmantek Appliance) direct access to the Internet. In normal operation that doesn't limit the appliance in any way (as long as there is a source of DNS and NTP available), but updating (our or other) software on the appliance would be made impossible.

To deal with software maintenance in such highly restrictive environments we do recommend that you provide a web proxy for servers that otherwise cannot download updated software packages; you might want to run said proxy only temporarily, with authentication required or filtering, e.g. only serving files from particular web locations. Setting up a proxy like the well-known and -tested Squid proxy server is a minimal effort (even with authentication) and well worth the improved maintainability of your infrastructure.

The packaging manager (yum) used by the underlying operating system (CentOS) can be configured easily to use a proxy server for Internet access, and the same is true for installing Perl modules via CPAN.

Yum configuration for proxy access

You need to edit /etc/yum.conf (nano is likely your best choice for a simple editor if you have no real preferences), and add a block like the following somewhere to the section labelled "[main]":

[main]
# lots of other directives
proxy=http://mycache.mydomain.com:3128
# The account details for yum connections, IF your proxy enforces authentication
proxy_username=yum-user
proxy_password=qwerty

After you've made those changes you should run  yum check-update to verify that it can access the package repositories in question.

CPAN configuration for proxy access

The following applies primarily to updating NMIS as all other software ships in compiled/stand-alone form.

If you decide to extend your deployed Opmantek Appliance with new Opmantek packages (or update existing software packages), then it may be necessary occasionally to install extra Perl packages from CPAN (the Comprehensive Perl Archive Network).

The NMIS installer/updater automates these installation steps using the cpan tool, which is proxy-capable as well.

To configure cpan to use a proxy, you need to start the tool (as root) and tell it to run the proxy configuration dialog and it'll ask you for the relevant settings:

# become root, su or sudo bash
cpan
o conf init /proxy/
# and answer the questions as displayed
  • No labels