For who is not yet familiar with this project go to this url: https://spacewalkproject.github.io/
This project advertises the fact that it manages software on your systems and provisions on bare metal and virtual so it’s like a fancier Cobbler (it actually uses Cobbler in the backend) with some “push” functions.
The only reason this project caught my eye is the fact that it does patch level management in other words it reports what software you have installed and helps you upgrade that software on your machines (that is if new versions are available in the repositories you have configured) and gives you control over how you plan on doing that (like push only security updates or everything or etc) . For me this tools is yet another one of them Red-Hat exclusive clubs where if you’re not a member you/re not allowed to go in (because it works with Red-Hat OSs, it has limited functionality for Debian and nothing else is supported)
I started writing this particular post a few months ago, right after I installed Spacewalk for the first time in my home lab, and left it in the drafts section hoping to gather a few more interesting things about it then finish the post and post it on my blog.
What has happened since then?
Well in my first few weeks of using it I noticed that nodes were not checking in with the server (despite the fact that I followed the guide to the letter) so I ended up installing something extra – osad – which runs as a service and most likely calls the agent from time to time to report in (this felt a bit weird but hey it worked right ?). After that I started getting some periodic reports about nodes affected by various CVEs which is cool and was indeed the goal for me. A bit later I felt brave and decided to try its patching ability so I scheduled upgrades using the fancy Spacewalk interface. This was a mistake in my case … things did not go well … task did not run when it was supposed to, upgrade did not complete properly, had a few systems with broken packages on them which needed a bit of love afterwards.
Long story short … I’ve decided it is useful for reporting BUT nothing else … at least in my case … so keeping it but I’ll handle the upgrading process myself.