Skip to main content

Repository proxy server aka satellite server for Redhat family.

This setup is done on Oracle Linux v9.5.

Preparations

Set up local hostname

hostnamectl hostname lt58ncp1sat1
exit

Check Internet connectivity

curl myip.2dz.fi

Carefully observe current /etc/yum.repo.d/oracle-linux-ol9.repo file. It has many repos listed and some of them are disabled. We shall need these. Ensure they are all enabled (enabled=1):

[ol9_baseos_latest]
name=Oracle Linux 9 BaseOS Latest ($basearch)
baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL9/baseos/latest/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

[ol9_appstream]
name=Oracle Linux 9 Application Stream Packages ($basearch)
baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL9/appstream/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

[ol9_codeready_builder]
name=Oracle Linux 9 CodeReady Builder ($basearch) - (Unsupported)
baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL9/codeready/builder/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

There are additional repositories, which depends on your environment and subscription, such as "Unbreakable Enterprise Kernel (UEK)", "Remote Direct Memory Access (RDMA)", "Virtualization (KVM) Utilities", "Latest Red Hat Compatible Kernel (RHCK) with fixes". Consider enabling them when there is a need for them.

As decscribed in the blog post below, Oracle gives a choice which Kernel to run, depending on that respective repositories should be enabled:

https://blog.mythics.com/posts/uek-vs-rhck-kernels

Observe enabled repositories, their IDs will be needed later in sync operations

dnf repolist

repo id                                                                                                              repo name
ol9_UEKR7              Oracle Linux 9 UEK Release 7 (x86_64)
ol9_appstream          Oracle Linux 9 Application Stream Packages (x86_64)
ol9_baseos_latest      Oracle Linux 9 BaseOS Latest (x86_64)
ol9_codeready_builder  Oracle Linux 9 CodeReady Builder (x86_64) - (Unsupported)

As primary repositories are verified, let's perform a system update and reboot.

dnf update
shutdown -r now

Install necessary utils

dnf install \
    createrepo \
    yum-utils \
    wget \
    tmux

Configure and attach disk for repositories. Bbear in mind that it will grow, consider using LVM.

hostname
lsblk
df -h
mkdir -p /mnt/$(hostname)-data/data/www/repos/
echo "hello-hello" > /mnt/$(hostname)-data/data/www/repos/hello

Install webserver to serve packages

dnf install nginx

systemctl start nginx
systemctl enable nginx
systemctl status nginx
ss -ntap | grep nginx

vi /etc/nginx/conf.d/$(hostname).conf

server {
    listen 80 default_server;

    server_name lt58ncp1sat1;

    root /mnt/lt58ncp1sat1-data/data/www/repos/;
    index index.html;

    location / {
        autoindex on;
    }
}

Permissions and SElinux

chown root:root /mnt/$(hostname)-data/data/www/repos/
chmod 775 /mnt/$(hostname)-data/data/www/repos/
chcon -Rt httpd_sys_content_t /mnt/$(hostname)-data/data/www/repos/
getenforce 
nginx -t
nginx -s reload
ss -ntap | grep nginx
sudo -u nginx cat /mnt/$(hostname)-data/data/www/repos/hello
curl http://127.0.0.1/hello

Configure firewall and check from externally:

firewall-cmd --add-service=http  --permanent
firewall-cmd --add-service=https --permanent

# from another machine
curl http://192.168.62.151/hello

Let's add more repositories (optional)

Add EPEL repos (will download and install oracle-epel-release-el9)

dnf install epel-release

Add ClusterControl repo and keys

wget http://www.severalnines.com/downloads/cmon/s9s-repo.repo -P /etc/yum.repos.d/

and for s9s-tools, edit file:

vi /etc/yum.repos.d/s9s-repo.repo

[s9s-tools]
name=s9s-tools
type=rpm-md
baseurl=http://repo.severalnines.com/s9s-tools/CentOS_9
gpgcheck=1
gpgkey=http://repo.severalnines.com/s9s-tools/CentOS_9/repodata/repomd.xml.key
enabled=1

Import keys for repo

rpm --import http://repo.severalnines.com/severalnines-repos.asc
rpm --import http://repo.severalnines.com/s9s-tools/CentOS_9/repodata/repomd.xml.key

Add MariaDB repo

curl -LsS https://r.mariadb.com/downloads/mariadb_repo_setup | sudo bash

Check repositories list

dnf repolist

Sync repos to the local storage (it will take time)

tmux
export dir="/mnt/$(hostname)-data/data/www/repos/"
ls -la $dir
df -h $dir
# TODO: script it
dnf reposync -g --delete -p ${dir} --repoid=mariadb-main          --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=mariadb-maxscale      --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=mariadb-tools         --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=ol9_UEKR7             --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=ol9_appstream         --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=ol9_baseos_latest     --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=ol9_codeready_builder --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=ol9_developer_EPEL    --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=s9s-repo              --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=s9s-tools             --newest-only --download-metadata

Create local repository

createrepo ${dir}

Client configuration

Remove old repos

rm /etc/yum.repos.d/*

Configure DNS records for repository server or modify local resolution

ping lt58ncp1sat1

vi /etc/hosts

192.168.62.151  lt58ncp1sat1

Distribute repo file for clients.

vi /etc/yum.repos.d/lt58ncp1sat1.repo

[ol9_baseos_latest]
name=Oracle Linux 9 BaseOS Latest
baseurl=http://lt58ncp1sat1/ol9_baseos_latest/
enabled=1
gpgcheck=0

[ol9_appstream]
name=Oracle Linux 9 Application Stream Packages
baseurl=http://lt58ncp1sat1/ol9_appstream/
enabled=1
gpgcheck=0

[ol9_codeready_builder]
name=Oracle Linux 9 CodeReady Builder (x86_64) - (Unsupported)
baseurl=http://lt58ncp1sat1/ol9_codeready_builder/
enabled=1
gpgcheck=0

[ol9_UEKR7]
name=Oracle Linux 9 UEK Release 7 (x86_64)
baseurl=http://lt58ncp1sat1/ol9_UEKR7/
enabled=1
gpgcheck=0


[ol9_developer_EPEL]
name=Oracle Linux 9 EPEL Packages for Development
baseurl=http://lt58ncp1sat1/ol9_developer_EPEL/
enabled=1
gpgcheck=0


[mariadb-main]
name=MariaDB Server
baseurl=http://lt58ncp1sat1/mariadb-main/
enabled=1
gpgcheck=0

[mariadb-maxscale]
name=MariaDB MaxScale 
baseurl=http://lt58ncp1sat1/mariadb-maxscale/
enabled=1
gpgcheck=0

[mariadb-tools]
name=MariaDB Tools
baseurl=http://lt58ncp1sat1/mariadb-tools/
enabled=1
gpgcheck=0


[s9s-repo]
name = Severalnines Release Repository
baseurl=http://lt58ncp1sat1/s9s-repo/
enabled=1
gpgcheck=0

[s9s-tools]
name = Severalnines Tools Repository
baseurl=http://lt58ncp1sat1/s9s-tools/
enabled=1
gpgcheck=0
Back to top