I’m currently managing a small environment of around 150 SLES15 servers in Azure, using a pay-as-you-go licensing model. These VMs are built from official SLES for SAP images. One challenge I’ve been facing is patching these servers since they are in an air-gapped environment with no direct internet connection.
The proposed solution from SUSE/Azure is SUSE Manager, but this hasn’t been approved in my company. I’ve been exploring using RMT as a lightweight solution, but it doesn’t support our licensing model.
The alternative I’m considering is using zypper with the --download-only option to download all the necessary packages on dedicated host and create custom repositories. However, I have some concerns:
How can I ensure that zypper update --download-only will download all required packages?
If the command is run at different intervals, and initially it downloads some_package.1.0.0.rpm, and in the next run it downloads some_package.1.0.1.rpm, will both versions of the package be available?
Is it a recommended approach to create a new directory for each zypper update run to keep things organized?
I’d appreciate any advice or suggestions on managing this process effectively.
@rummy Hi, SUSE manager 5.0 would be the way to go (you can always get an eval license to test?). Perhaps consider upstream https://www.uyuni-project.org/
It already pulls updates that way. I’m trying to ensure all instances are patched to the same level. RMT seems like the right choice, but it tries to sync with scc.suse.com, while I’m pulling all updates from smt-azure.susecloud.net. Additionally, all Azure repositories use the libzypp plugin, with URLs that look like plugin:/susecloud?credentials.