I just finished RH401: "Red Hat Enterprise Deployment, Virtualization, and Systems Management". It's a 4-day course, given Tuesday-Friday of this week. The course is normally Monday-Thursday, with an assessment exam (EX401) on Friday. Had I known this, I probably would have taken the course with the exam -- I'd like to have that certificate. There are 5 tests (including EX401) to earn the exalted title of "RHCA", Red Hat Certified Architect.

The course covered several major areas:

  • Net booting (PXE, DHCP, & TFTP)
  • Kickstart (automated installation of RHEL)
  • Red Hat Network (rhn.redhat.com, a service hosted by Red Hat), Satellite Server (a local version of the service, which includes and installs net boot services), and Proxy server (a customized caching webserver which saves bandwidth and download time -- a subset of the full Satellite)
  • Building RPMs
  • Xen virtualization

Xen is very cool -- it's perhaps halfway between VMware and Solaris zones (containers), so more efficient than VMware but less than zones. Xen offers live migration between servers and supports RHEL 4.5 as a guest OS. With appropriate hardware (preferably recent Intel or AMD CPUs with hypervisor instructions), Xen can also virtualize Windows and earlier versions of RHEL. VMware is much more mature, but very expensive (easily more than the hardware it runs on for standard 2-socket systems), so this was a useful preview, even if we don't expect to use Xen much during the next year -- perhaps for Rockefeller's multi-user webserver, where we would like more isolation between users.

I was really there, however, to find out how to build custom RPMs for Rockefeller, manage them with custom RHN channels, and kickstart from a net boot server to streamline and automate installations.

Unfortunately this turns out to be surprisingly expensive, compared to what we pay to run RHEL. We normally pay $50/host/year for RHEL Academic Server, which is basically the Update & Management entitlements. This enables us to download patches from rhn.redhat.com (Update), and do a little bit more advanced stuff such as group systems in the RHN website (Management).

To use all the custom channels and kickstarting discussed in the class, we need a Red Hat Satellite Server (which costs about as much as all our RHEL Academic seats combined), and a $96 RHN Provisioning add-on Entitlement for each server. Combined, these would quadruple the amount we pay Red Hat annually for our servers, and I'm not at all convinced it would be a worthwhile investment.

We may instead get a Red Hat Proxy Server, which provides custom channels and costs much less than the full Satellite, and build our own kickstart server, forgoing all the Satellite features. This would be a shame, but might turn out to be the best compromise.

Another problem is that the RHN/Satellite back-end is RHEL4AS only -- it doesn't run on RHEL5, and it doesn't coexist well with any other services. This is a larger Red Hat problem, rather than specific to the class, but it meant the class was a mixture of RHEL4 and RHEL5, and made things more complicated.

It's enough to make one seriously consider CentOS, is a rebranded free version of RHEL. We don't want to do that, though.

Paul, our instructor, was full of excellent tips on better ways to work with RHEL. Unfortunately, I avoid many of these (decidedly useful) techniques, since they only work on Linux (or only RHEL), and I generally stick to things common to Linux, Solaris, and Mac OS X. The neat stuff Red Hat has added recently, which he was excited about, would make my RHEL work more efficient at the expense of having to keep track of the RHEL way and the non-RHEL way. Those commonalities are essential for me.

Still, I learned a lot of useful stuff about RHEL, and now just need a chunk of time to set up a kickstart server and decide how to do DHCP -- our DHCP scopes are managed by the Network Group, and we need a way to set up and manipulate kickstarting without asking them to make multiple DHCP & VLAN changes. I have some ideas for how to automate and customize the kickstart process, which I'd really like to test and implement.