You can see servers belonging to the key by clicking on the key itself in Managing Keys interface.
The screen shows servers registered under the key, their IP, hostname, effective kernel as well as the time of registration and last check in.
Note. If scripts do not work on your ePortal, you might need to update ePortal first. To update ePortal, please run the following command:
> yum update kcare-eportal
To view the list of all servers IDs that are connected to the particular key, do the following:
•In the UI go to the page with the list of keys. Then click the particular key. The list of servers connected to this key will be displayed.
To view the list of all servers IDs that are not connected to any key, do the following:
•In the UI go to the page with the list of keys. Then click Reset filters button.
•OR just follow this URL http://EPORTAL_IP/admin/kcserver/.
To unroll patchset run:
> kc.eportal --unroll 16012017_1
To see pairs of key/number of servers run:
> kc.eportal --list-servers
Count | Key
----- + --------------------------------
0 | 2shcolu7Y1x6885Q
2 | 6J89aS44j6OmTr05
It determines if latest patches are available and installs them.
In the patch-source page, there is a list of available patches. To unroll patches click the button Roll back this patch, and all after it.
Use it to roll back the patch and all the following patches.
A new table is added to the starting page. This table displays the following:
•Total number of servers.
•Number of servers that checked in for the past 48 hours.
The number of servers for each key is listed in the Key Inventory table.
[root@localhost ~]# kc.eportal -l
Num | Username
--- + --------------------------------
1 | admin
2 | user
[root@localhost ~]# kc.eportal -r user
User 'user' is now readonly
•Create additional feeds.
•Specify feed for each key.
•Move key (and associated servers) from feed to feed.
To add a key to the feed a user should enter the key number and choose a feed.
If a user specifies the name of a feed that does not exist yet, a new feed will be created.
To change feed for a particular key, enter the key number and feed where the key should be moved to.
To manage patchsets for each feed, click feed name on the navigation bar. A list of all available patches and actions on them will be displayed.
If a feed is deleted, the servers/key belonging to that feed are moved to the "main" feed.
To add an extra Tag field for the server, run:
kcarectl --tag command
where command is a parameter defined by a user. This parameter will be displayed in UI for the server. User could add multiple tags for each server. Each tag should be separated with ‘;’ symbol.
kcarectl --tag “env:prod;ubuntu”
This server has two tags : env:prod and ubuntu.
env:prod is a parameter that has tag name env and the value prod.
To remove all tags from a particular server, run:
kcarectl --tag ""
Where ''" is a parameter to delete the previously defined tag.
Some assumptions for a server where e-portal is deployed:
1. A firewall is disabled for 443 port.
2. Private and public keys are downloaded on the server.
•Edit ssl configuration template according to your certificates:
mv /etc/nginx/eportal.ssl.conf.example /etc/nginx/eportal.ssl.conf
•Include this configuration into the main one:
sed -e '3iinclude eportal.ssl.conf;' -i /etc/nginx/conf.d/eportal.conf
service nginx restart
In order to communicate with e-portal, updated to https, you need to modify KernelCare config files on all the servers if they have IPs hardcoded servers settings.
To do that, update PATCH_SERVER and REGISTRATION_URL environment variables:
So, after editing your /etc/sysconfig/kcare/kcare.conf should contain updated PATCH_SERVER and REGISTRATION_URL environment variables like in the example below:
The following example demonstrates how to connect new servers to e-portal configured for https:
$ export KCARE_PATCH_SERVER=https://eportal_domain_name/
$ export KCARE_REGISTRATION_URL=https://eportal_domain_name/admin/api/kcare
$ export KCARE_MAILTOfirstname.lastname@example.org
$ curl -s https://repo.cloudlinux.com/kernelcare/kernelcare_install.sh | bash
$ /usr/bin/kcarectl --register key_from_your_eportal