Linux Training : a. Spacewalk overview


Spacewalk is the large-scale deployment and management tool for RHEL systems used at FOOBAR INC.

Spacewalk is a network-wide system deployment and maintenance tool. It allows sysadmins to efficiently perform identical operations on multiple systems. The machine running spacewalk is aptly named spacewalk. which is an alias for gripper.

Spacewalk provides

  • Package management

    Each system managed by Spacewalk is subscribe to a software channel. The channel is comprised of specific applications and configuration files. This provides for group consistency within a specific channel. When a package update becomes available, the spacewalk admin can make it universally available or it can be applied only to specific channels (like "testing"). Updates can be "pushed" to subscribed machines using Spacewalk.
  • Configuration management

    Spacewalk can provide configuration management in the same manner as packages. The configuration files, typically the ones in /etc, have a master version on the Spacewalk server. If it needs to be changed, it can quickly be pushed to all subscribed machines. Additionally, this can be used to keep a machine in configuration compliance by automatically replacing any changed configuration files with official versions.
  • System status reporting

    The front page of the Spacewalk application is an overall status report. It is easy to see which machines have outstanding updates or have not reported in over the last reporting period. Additionally, machines can be assigned to owners and the owners will receive an email report when a system is not fully updated or out of configuration compliance.
  • Remote commands

    Spacewalk supports a remote command process. An admin provides a tested, ready to run script that Spacewalk then pushes to all chosen machines and executes. If it can be scripted, it can be run remotely from Spacewalk.

    Remote commands are currently not enabled at FOOBAR INC

Spacewalk client setup

  • yum install rhn-client-tools rhn-check rhn-setup rhnsd m2crypto yum-rhn-plugin
    Installs all client-side tools
  • rhnreg_ks --serverUrl=http://spacewalk/XMLRPC --activationkey=<key-with-custom-channel>
    Register the client with the spacewalk server

    Activation keys:



    64bit Server


    64bit Client


    64bit Cluster Nodes


    Or you can run this script to set up 64 bit workstation:
  • http://yum/pub/rhel5/config-files/ which is a symlink to /usr1/ftp/pub/rhel5/config-files/manage-files/root/util/ on chinook

Spacewalk Tabs


Comparing packages

Using spacewalk you can compare packages installed on a system to those installed on another system or to a saved package profile.

Once you have the system you want to compare selected, then choose Software. From here you should click the Compare Package Profiles / Manage Package Profiles. Here you can select the other system you want to compare to.

System Groups

Spacewalk allows systems to be grouped arbitrarily. The systems can be members of more than one system group at a time. FOOBAR INC uses this feature to provide branch level grouping of systems. This allows us to target and manage different groups of machines easily. Instead of having to deploy a configuration file to each machine individually we can treat a group of machines as one machine using system groups. Currently the following system groups are configured:




Antennas systems

SIS Developer

SIS Developer systems

SIS Infrastructure

SIS Infrastructure systems

FOOBAR INC Infrastructure

FOOBAR INC Infrastructure systems


FOOBAR INC Updates Testers

FOOBAR INC Workstations

FOOBAR INC Workstations

FOOBAR INC Computational

FOOBAR INC Computational Systems


Errata are update notifications generated by RedHat. We use errata to know what updates fix what vulnerabilities and which systems are affected. The errata are automatically uploaded to the spacewalk server nightly. Currently this is performed by a cron job running out of /etc/cron.d/errataUpdate in a two step process. One step downloads from and the other step uploads to spacewalk., both use a dedicated user.


Software in spacewalk is managed as part of software channels. Each system can only be subscribed to one base software channel at a time. We use software channels to separate our testers from the rest of the lab. Additionally we separate cluster packages so that we can keep cluster systems locked on certain software packages. Our currently configured software channels are:



RHEL5 - Approved x86

Approved software for x86 systems

RHEL5 - Approved x86_64

Approved software for x86_64 systems

RHEL5 - Certified x86_64

Certified software for x86_64 systems

RHEL5 - Cluster x86_64

Cluster software for x86_64 systems

RHEL5 - Approved x86

Software in testing for x86 systems

RHEL5 - Testing x86_64

Software in testing for x86_64 systems

The packages in each channel is managed by our updates policy which moves packages between testing and approved. Packages in the cluster and certified channel are managed manually.


The audit tab is used extensively in other deployments of spacewalk but it is not utilized on https://spacewalk. It is an interface to view the audit logs aggregated from multiple systems within spacewalk.


The logs tab is used extensively in other deployments of spacewalk but it is not utilized on https://spacewalk. It is an interface to view the system logs aggregated from multiple systems within spacewalk.


Spacewalk supports configuration channels as a means to manage configuration files on each system. Each configuration channel can be associated with multiple systems and each system can have multiple configuration channels. If two configuration channels provide the same file the configuration channel with a higher priority has its file deployed on the system. Additionally systems may be configured with system specific configuration files; these files will always override other configuration channel files. The currently configured configuration channels are:

Channel Name


Cluster Master

Files for cluster master nodes

Cluster Node

Files for cluster nodes


Files common to all systems

HTTP Server

HTTP Server files


Files for authenticating to ldap


Files specific to servers

SIS Build Server

Files for SIS Build servers

SIS Common

Files common to all of SIS

SIS Development

Files for SIS development

SIS Workstation

Files for SIS workstations

SNMP Monitored

Systems monitored by SNMP


FOOBAR INC Workstations