Install Rudder Root server on RHEL-like systems

Table of Contents

Java on RHEL/CentOS
Add the Rudder packages repository
Install your Rudder Root Server

Java on RHEL/CentOS

The Rudder Root server needs a compatible Java Runtime Environment to run.

On RHEL/CentOS 6, the available package compatible with Rudder server is java-1.7.0-openjdk but Rudder is also compatible with Oracle JRE 1.6 or later.

Oracle JRE 1.6, Oracle JRE 1.7 and OpenJDK 1.6 aren’t provided by the same virtual package on RHEL/CentOS 6 than OpenJDK 1.7. Besides, only OpenJDK 1.7 is provided by default on RHEL/CentOS contrary to Oracle JRE.

This is why even if Rudder Server would work with Oracle JRE 1.6 or 1.7, the dependencies will not be resolved with them.

Add the Rudder packages repository

Each package that is published by Rudder Project is signed with our GPG signature. To ensure the packages you will install are official builds and have not been altered, import our key into rpm using the following command:

rpm --import https://www.rudder-project.org/rpm-repos/rudder_rpm_key.pub

Our key fingerprint is:

pub  1024R/6F07D355 2012-11-09 Rudder Project (RPM release key) <security@rudder-project.org>
      Key fingerprint = 1141 A947 CDA0 4E83 82C1  B9C4 ADAB 3BD3 6F07 D355

Then run the following command as root:

RHEL/CentOS 6:

echo "[Rudder_2.11]
name=Rudder 2.11 Repository
baseurl=http://www.rudder-project.org/rpm-2.11/RHEL_6/
gpgcheck=1
gpgkey=https://www.rudder-project.org/rpm-2.11/RHEL_6/repodata/repomd.xml.key
" > /etc/yum.repos.d/rudder.repo

RHEL/CentOS 5:

echo "[Rudder_2.11]
name=Rudder 2.11 Repository
baseurl=http://www.rudder-project.org/rpm-2.11/RHEL_5/
gpgcheck=1
gpgkey=https://www.rudder-project.org/rpm-2.11/RHEL_5/repodata/repomd.xml.key
" > /etc/yum.repos.d/rudder.repo

Install your Rudder Root Server

To begin the installation, you should simply install the rudder-server-root metapackage, which will install the required components:

yum install rudder-server-root

On RHEL-like systems, a firewall setup is enabled by default, and would need to be adjusted for Rudder to operate properly. You have to allow all the flows described in the Network section.

[Warning]Warning

Rudder doesn’t support SELinux yet (see http://www.rudder-project.org/redmine/issues/2882), so you should set it to be permissive with this command:

setenforce 0
[Tip]Tip

The webapp runs on HTTPS/443 port so you need to allow access to your server on this port. The file to edit is /etc/sysconfig/iptables and should look like

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
# allow SSH access
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
# allow HTTP access
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
# allow HTTPS access
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

The important line to have access to the Web interface being:

# allow HTTPS access
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT

Now jump to the next section to configure your server.

Prev Up Next
Install Rudder Root server on SLES Home Initial configuration of your Rudder Root Server