Oracle Cloud Infrastructure Documentation

Editing a Management Station

Modify the name, description, hostname, proxy configuration, and mirror configuration of a management station in OS Management Hub.

Important

If you change the proxy or mirror configuration, instances using the station might be unable to communicate with OS Management Hub and you must reconfigure the firewall and SELinux on the management station. Updates to the basic details of the management station, such as its name or description, don't require reconfiguration.

  • Edit station

    1. On the station details page, select Edit and provide the information that follows.
    2. Select Update.
      Tip

      You can also perform this action from the list page, using the row's Actions menu (Actions icon).

    Add basic details

    Provide the basic information and settings for the management station:

    • Name: Name for the management station. The name doesn't need to be unique, because an Oracle Cloud Identifier (OCID) uniquely identifies the station. Avoid entering confidential information.
    • Description: (Optional) Description for the management station. Avoid entering confidential information.
    • Hostname: The hostname or IP address associated with the on-premises or third-party cloud instance. Or, if configuring high availability, the hostname or IP address of the load balancer. The hostname must be resolvable by other instances in your network.
    • Automatically configure station: When enabled, the station setup script automatically runs to configure the firewall and SELinux settings on the station.

    Proxy configuration

    Provide the proxy configuration information for the station:

    • Enabled: When enabled, you can configure the proxy settings for the management station. When disabled, no HTTP proxy is used.

    • Permitted address ranges: A comma-separated list of address ranges in the network that are allowed to use this management station as a proxy to the OS Management Hub service. For example, 192.168.0.0/16 would let all instances in the data center with a 192.168.x.x IP address use the management station as a proxy, and 0.0.0.0/0 would let all IP addresses to use the management station as a proxy.

      Valid values include:

      • IPv4 or IPv6 addresses
      • Single IP addresses
      • CIDR ranges
      • * (wildcard)
    • Listening port: An available TCP port for the management station to receive proxy requests. For example, port 16080. The management station listens on this port for incoming connections from instances in the data center.
    • Proxy host: (Optional) The URL, hostname, or IP address of the external-facing forward HTTP proxy or firewall. The management station uses this proxy host to connect through the internet to OCI.

    Mirror configuration

    Provide the mirror configuration information for the station:

    • Storage path: Full directory path to the data volume on the management station where the software source mirrors are stored. Such as /mnt/mirror.
    • Mirror listening port (http): An available TCP port for the management station to receive HTTP yum requests. For example, port 17080. The management station listens on this port for connections from on-premises or third-party cloud instances. To disable HTTP yum requests, leave this field blank.
    • Mirror listening port (https): An available TCP port for the management station to receive HTTPS yum requests. For example, port 17443. The management station listens on this port for connections from on-premises or third-party cloud instances. To disable HTTPS yum requests, leave this field blank.
    • SSL certificate path: (Optional) The full path to an SSL certificate, if you want to use your own certificate. If left blank, OS Management Hub uses a self-signed certificate.
    • Verify SSL certificates: When enabled, instances verify the SSL certificate when installing or updating packages from the software sources mirrored on the management station.

    Review and update

    Review the modified details of the management station, and then click Save changes.

    If you updated the mirror or proxy configuration, you must update the firewall and SELinux configuration.

    Update SELinux and firewall settings

    If you updated the mirror or proxy configuration, you must update the firewall and SELinux configuration using the following steps.
    1. Sign in to the instance as a user with sudo privileges
    2. Configure the firewall and SELinux settings to permit traffic and access.

      The management station uses the ports defined during setup for synchronizing the yum mirror and managing proxy traffic to OCI.

      You can manually update the firewall rules and SELinux settings or use the station-setup.sh script.

      The station-setup.sh script configures the firewall and SELinux settings to permit traffic on the ports that you have specified in the proxy configuration on the management station and the Apache HTTP web server to serve packages from the path in the mirror configuration. The script handles firewall and SELinux configuration for mirrors using the xfs, ext4, btrfs, or nfs file system.

      Important

      For your convenience, the station-setup.sh script is available to configure the firewall and SELinux settings. Before running the script in your production environment, be sure to review the script and understand the changes that the script makes to your firewall and SELinux settings.
      sudo /opt/oracle/mgmt_agent/plugins/osmh/stateDir/station-setup.sh
    3. If you didn't run the station-setup.sh script, restart the Apache HTTP web server. 
      sudo systemctl restart httpd

  • Use the oci os-management-hub management-station update command and required parameters to edit the management station.

    oci os-management-hub management-station update --management-station-id ocid [OPTIONS]

    For a complete list of flags and variable options for CLI commands, see the Command Line Reference.

  • Run the UpdateManagementStation operation to update the configuration of a management station.