SUSE Manager with Azure

You can use SUSE Manager Server and Proxy with the Microsoft Azure public cloud. This section discusses what you will need for running SUSE Manager in Azure, and how to set up your installation.

Configure the Azure Cloud Instance

Use the SUSE Manager Server 4 BYOS image. The image is a pre-built image created by SUSE. It is based on JeoS, and SUSE Manager is pre-installed but not configured. Configuring SUSE Manager has to be done manually with YaST.

When you create your Azure virtual machine, choose something like d8s_v3 with 8 vCPUs and 32 GB RAM.

When you are setting up disk partitioning, we recommend:

  • 30 GB for the disk running the operating system

  • Select Standard HDD for the storage account type

You will also require three additional data disks:

  • Disk 0: 64 GB on Premium SSD, mounted at /var/lib/pgsql

  • Disk 1: 512 GB on Standard SSD, mounted at /var/spacewalk

  • Disk 2: 128 GB on Standard SSD, mounted at /var/cache

Do not use LVM with Azure. If you need more disk space, extend a disk in the Azure portal, then extend the filesystem with xfs_growfs.

Partition the disks like this:

  • /dev/sda: 4 partitions containing the OS

  • /dev/sdb: temporary storage disk, do not use

  • /dev/sdc: contains /var/lib/pgsql

  • /dev/sdd: contains /var/spacewalk

  • /dev/sde: contains /var/cache

You can use these commands to create the disks:

for d in sdc sdd sde; do
  parted --script /dev/$d mklabel gpt mkpart primary xfs 0% 100%
  mkfs.xfs /dev/${d}1
done
mkdir /cachetmp
mount /dev/sde1 /cachetmp
cp -a /var/cache/* /cachetmp/
umount /cachetmp
echo "$(blkid /dev/sdc1|awk -F " " '{ print $2 }') /var/lib/pgsql xfs defaults,noatime 0 0" >> /etc/fstab
echo "$(blkid /dev/sdd1|awk -F " " '{ print $2 }') /var/spacewalk xfs defaults,noatime 0 0" >> /etc/fstab
echo "$(blkid /dev/sde1|awk -F " " '{ print $2 }') /var/cache     xfs defaults,noatime 0 0" >> /etc/fstab
mkdir -p /var/spacewalk
mount /var/spacewalk
chown -R wwwrun:root /var/spacewalk
mount /var/lib/pgsql
chown -R postgres:postgres /var/lib/pgsql
mv /var/cache /var/cache.old
mkdir /var/cache
mount /var/cache
rm -r /var/cache.old

When you are setting up networking, we recommend that you create a separate private network, with the IP range 10.0.0.0/24.

Configure the SUSE Manager Server to use the internal IP address 10.0.0.4. Ensure it is also accessible from outside the network with a fixed IP address.

Configure the firewall to only allow inbound traffic on ports 22, 80, and 443 to IP address 10.0.0.4. In this environment, if other servers are added to the network they cannot be reached from outside the network.

Outbound is open from the private network. This should be restricted for other servers in this private network.

You will need to set the DNS zones in Azure before you can configure the SUSE Manager Server. For more information on setting DNS zones, see the Azure documentation.

Configure SUSE Manager Server

Ensure that your SUSE Manager Server is registered with SUSE Customer Center.

When your server is registered, install these extra packages:

zypper -n in spacecmd spacewalk-utils mlocate sysstat

Apply the latest updates and reboot the server:

zypper -n up -l
reboot

Check that all filesystems are mounted and that PostgreSQL is running:

mount
service postgresql status

Complete SUSE Manager Server installation and configuration. For more information, see installation:server-setup.adoc.

We recommend you configure the SUSE Manager Server so that DHCP does not set the host name. Check /etc/sysconfig/network/dhcp and ensure that DHCLIENT_SET_HOSTNAME is set to no:

DHCLIENT_SET_HOSTNAME="no"

Add the Azure client to the /etc/hosts file. At the command prompt, replace <ip_address> with the IP address of the server:

echo "<ip_address> $(hostname -f) $(hostname)" >> /etc/hosts

SUSE Manager Server has a default administration user. In Azure, the system administrator user is called admin. The admin user’s password is built with two parts. The first part can be found by using this command:

azuremetadata --instance-name

The second part of the password is -suma

Alternatively, you can check the /var/log/susemanager_firstuser.log file.