Activation Keys

Activation keys are used to ensure that your clients have the correct software entitlements, are connecting to the appropriate channels, and are subscribed to the relevant groups. Each activation key is bound to an organization, which you can set when you create the key.

In Uyuni, an activation key is a group of configuration settings with a label. You can apply all configuration settings associated with an activation key by adding its label as a parameter to a bootstrap script. We recommend you use an activation key label in combination with a bootstrap script. When the bootstrap script is executed all configuration settings associated with the label are applied to the system the script is run on.

An activation key can specify:

  • Channel assignment

  • System types or add-on entitlements

  • Contact method

  • Configuration files

  • Packages to be installed

  • AppStreams to be enabled

  • System group assignment

Activation keys are used at the time a client is registered, and not used again. After the client has been registered, the client can be changed in any way, regardless of what the activation key specifies. The association between the activation key and the client is recorded only for historical purposes.

provision config keys
Procedure: Creating an Activation Key
  1. In the Uyuni Web UI, as an administrator, navigate to Systems  Activation Keys.

  2. Click the Create Key button.

  3. On the Activation Key Details page, in the Description field, enter a description of the activation key.

  4. In the Key field, enter a name for the activation key. For example, SLES15-SP5 for SUSE Linux Enterprise Server 15 SP5.

    • Do not use commas or double quotes in the Key field for any SUSE products. However, you must use commas for Red Hat Products.

    • All other characters are allowed, but <> (){} (this includes the space) are removed automatically.

    • If the field is left empty, a random string is generated.

  5. In the Base Channels drop-down box, select the appropriate base software channel, and allow the relevant child channels to populate. For more information, see reference:admin/setup-wizard.adoc#vle.webui.admin.wizard.products and Custom Channels.

  6. Select the child channels you need (for example, the mandatory SUSE Manager tools and updates channels).

  7. Check the Add-On System Types check box if you need to enable any of the options.

  8. We recommend you leave the Contact Method set to Default.

  9. We recommend you leave the Universal Default setting unchecked.

  10. Click Create Activation Key to create the activation key.

  11. Check the Configuration File Deployment check box to enable configuration management for this key, and click Update Activation Key to save this change.

    The Configuration File Deployment check box does not appear until after you have created the activation key. Ensure you go back and check the box if you need to enable configuration management.

When created, tabs such as

  • Packages

  • Configuration

  • Groups

  • Activated Systems

  • AppStreams (available whenever a modular channel is associated with the activation key)

allow you to check and set additional features.

1. Reactivation Keys

Reactivation keys can be used once only to re-register a client and regain all Uyuni settings. Reactivation keys are client-specific, and include the system ID, history, groups, and channels.

To create a reactivation key, navigate to Systems, click the client to create a reactivation key for, and navigate to the Details  Reactivation tab. Click Generate New Key to create the reactivation key. Record the details of the key for later use. Unlike typical activation keys, which are not associated with a specific system ID, keys created here do not show up on the Systems  Activation Keys page.

After you have created a reactivation key, you can use it as the management_key grain in /etc/salt/minion.d/susemanager.conf. For example:

grains:
    susemanager:
        management_key: "re-1-daf44db90c0853edbb5db03f2b37986e"

Restart the venv-salt-minion or salt-minion process to apply the reactivation key.

You can use a reactivation key with a bootstrap script. For more information about bootstrap scripts, see Register Clients with a Bootstrap Script.

If you autoinstall a client with its existing Uyuni profile, the profile uses the reactivation key to re-register the system and restore its settings. Do not regenerate, delete, or use this key while a profile-based autoinstallation is in progress. Doing so causes the autoinstallation to fail.

2. Activation Key Best Practices

Default Parent Channel

Avoid using the SUSE Manager Default parent channel. This setting forces Uyuni to choose a parent channel that best corresponds to the installed operating system, which can sometimes lead to unexpected behavior. Instead, we recommend you create activation keys specific to each distribution and architecture.

Bootstrapping with Activation Keys

If you are using bootstrap scripts, consider creating an activation key for each script. This helps you align channel assignments, package installation, system group memberships, and configuration channel assignments. You also need less manual interaction with your system after registration.

Bootstrapping LTSS clients

If you are boostrapping clients with LTSS subscription, include the LTSS channels during activation key creation.

Bandwidth Requirements

Using activation keys might result in automatic downloading of software at registration time, which might not be desirable in environments where bandwidth is constrained.

These options create bandwidth usage:

  • Assigning a SUSE Product Pool channel results in the automatic installation of the corresponding product descriptor package.

  • Any package in the Packages section is installed.

  • Any Salt state from the Configuration section might trigger downloads depending on its contents.

Key Label Naming

If you do not enter a human-readable name for your activation keys, the system automatically generates a number string, which can make it difficult to manage your keys.

Consider a naming scheme for your activation keys to help you keep track of them. Creating names which are associated with your organization’s infrastructure makes it easier for you when performing more complex operations.

When creating key labels, consider these tips:

  • OS naming (mandatory): Keys should always refer to the OS they provide settings for

  • Architecture naming (recommended): Unless your company is running on one architecture only, for example x86_64, then providing labels with an architecture type is a good idea.

  • Server type naming: What is this server being used for?

  • Location naming: Where is the server located? Room, building, or department?

  • Date naming: Maintenance windows, quarter, etc.

  • Custom naming: What naming scheme suits your organizations needs?

Example activation key label names:

sles15-sp4-web_server-room_129-x86_64
sles15-sp4-test_packages-blg_502-room_21-ppc64le
Included Channels

When creating activation keys you also need to keep in mind which software channels are associated with it. Keys should have a specific base channel assigned to them. Using the default base channel is not recommended. For more information, see the client operating system you are installing at Client Registration.