My Lab machines do not have direct access to the internet. This mirrors how my customers tend to run their environments. Instead, I run a single bastion host that can connect to the internet, and use that to perform all operations on my lab machines.
While it is great to be able to use the Install media to add packlages to PXE booted systems, after some time, the set of packages available is older than you want. For example, I hit a bug that required an update of Network Manager. So, I want to make a local yum repo from my RHEL 8 subscription. RHEL 8 makes this fairly easy.
In my previous post, I created two yum repos, one for the BaseOS, and one for the App stream. Since I also heavily use Anisible, I will sync that repo as well. You can see the set of Repos I have installed on my Bastion host with:
# yum repolist enabled Updating Subscription Management repositories. repo id repo name ansible-2.9-for-rhel-8-x86_64-rpms Red Hat Ansible Engine 2.9 for RHEL 8 x86_64 (RPMs) rhel-8-for-x86_64-appstream-rpms Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) rhel-8-for-x86_64-baseos-rpms |
I am going to do the same thing here for the repo sync. Since I have plenty of space on my Web Server machine, I am going to sync the files directly to a subdirectory already exposed by the web server. In this case: /var/www/html/yum. I create one sub directory for each of the yum repos listed above:
# ls -la total 0 drwxr-xr-x. 5 root root 125 Aug 11 11:59 . drwxr-xr-x. 12 apache apache 266 Aug 11 10:07 .. drwxr-xr-x. 2 root root 6 Aug 11 10:09 ansible-2.9-for-rhel-8-x86_64-rpms drwxr-xr-x. 3 root root 46 Aug 11 10:34 rhel-8-for-x86_64-appstream-rpms drwxr-xr-x. 3 root root 43 Aug 11 10:13 rhel-8-for-x86_64-baseos-rpms |
I use the yum-utils package tools to perform the reposync
yum install yum-utils |
I like keeping the name of the repo and the directory in common. To sync the BaseOS (note, don’t do this yet…I’ll tell you why in a second)
reposync -p ./rhel-8-for-x86_64-baseos-rpms --download-metadata --repo=rhel-8-for-x86_64-baseos-rpms |
And comparable for AppStream and Ansible.
Since the files are served via HTTPD, you want to make sure that SELinux allows access to them. To Check:
# ls -lZ rhel-8-for-x86_64-baseos-rpms/ total 0 drwxr-xr-x. 4 root root unconfined_u:object_r:httpd_sys_content_t:s0 38 Aug 11 10:17 rhel-8-for-x86_64-baseos-rpms |
What? Where did it go?
Ah…so it decided that it was going to name the directory for me. I ended up with two levels of nesting. Fortunately, I can move everything up one level. Lesson learned, the right command would have been
reposync -p ./ –download-metadata –repo=rhel-8-for-x86_64-baseos-rpmsand I would not have had to create the sub directory. I am going to try that now with app stream:
reposync -p . --download-metadata --repo=rhel-8-for-x86_64-appstream-rpms Updating Subscription Management repositories. Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) 5.2 kB/s | 4.5 kB 00:00 Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) 690 kB/s | 145 MB 03:35 (1/11996): python3-prettytable-0.7.2-14.el8.noarch.rpm |
That needs to synchronize over 10K packages: Make sure you don’t run out of disk space.
OK, going back to our messed up BaseOS, the solution to sort it is fairly simple: Move everything up one level of the directory structure.
cd rhel-8-for-x86_64-baseos-rpms/rhel-8-for-x86_64-baseos-rpms/ # ls Packages repodata # mv * .. # cd .. # rmdir rhel-8-for-x86_64-baseos-rpms/ [root@nuzleaf rhel-8-for-x86_64-baseos-rpms]# ls -laZ total 4 drwxr-xr-x. 4 root root unconfined_u:object_r:httpd_sys_content_t:s0 38 Aug 11 12:11 . drwxr-xr-x. 5 root root unconfined_u:object_r:httpd_sys_content_t:s0 125 Aug 11 11:59 .. drwxr-xr-x. 28 root root unconfined_u:object_r:httpd_sys_content_t:s0 240 Aug 11 10:17 Packages drwxr-xr-x. 2 root root unconfined_u:object_r:httpd_sys_content_t:s0 4096 Aug 11 10:13 repodata |
To confirm I can pull from this repo, I go to a client box and hit it with curl:
curl https://nuzleaf.home.younglogic.net/yum/rhel-8-for-x86_64-baseos-rpms/repodata/repomd.xml |
Now I can update my repository definition in /etc/yum/repos.d/
[nuzleaf] baseurl= https://nuzleaf.home.younglogic.net/yum/rhel-8-for-x86_64-baseos-rpms gpgkey=https://nuzleaf.home.younglogic.net/rhel8.2/RPM-GPG-KEY-redhat-release name=Red Hat Enterprise Linux 8.2.0 mediaid=None metadata_expire=-1 gpgcheck=0 cost=500 [nuzleafapps] baseurl= https://nuzleaf.home.younglogic.net/yum/rhel-8-for-x86_64-appstream-rpms gpgkey=https://nuzleaf.home.younglogic.net/rhel8.2/RPM-GPG-KEY-redhat-release name=Red Hat Enterprise Linux 8.2.0 AppStream mediaid=None metadata_expire=-1 gpgcheck=0 cost=500 |
The package synchronization takes a while. A base insatall needs packages that are at the end of the list, too, so I had to wait until they were all sync’ed before I could do a yum update.
Great instructions. My question is this: how do you keep the repos updated with only the latest rpms?
reposyc will pull the latest. I think there is an option there to prune old packages, but I have not looked. It might be in yum utils as well.
is it possible to keep sync for all rhel version 7,8,9 in one server.
Yes, but not in one directory. Typically the URL is templatized with the RHEL version.
Hello, we are having an instance (Ubuntu 20.04.6 LTS) which is using as a central repository (yum repo) and the build packages will be stored in this server. Earlier we were running the Jenkins pipeline to build and push the packages on to the server. Recently the pipeline is migrated to Azure DevOps and from here we can able to build and push the packages on to the server. But when we will run the yum update or yum install from other servers it’s still refereeing to old package version which built from the Jenkins and not from the Azure pipeline. We tried by running the reposync command to sync it but it’s still not syncing. Please some one help here to get the latest packages.
Ubuntu and Debian based distros do not use Yum. So the Ubuntu 20.04 part does not make sense to me.
Sorry, but I cannot debug this issue for you.