Skip to main content

Repository proxy server aka satellite server for Redhat family.

This setup is done on Oracle Linux v9.5.

Preparations

PreparationsSet up local hostname

vi /etc/hosts
add local ip to local host

dnf repolist
# disable repos in /etc/yum.repo.d


hostnamectl hostname lt58ncp1sat1
exit

configureCheck andInternet attach disk for repositories (bear in mind that it will grow, consider LVM) prepare repo dir (to mounted disk)connectivity

mkdircurl /mnt/repo
mkdir -p /usr/share/nginx/html/reposmyip.2dz.fi

Carefully observe current /etc/yum.repo.d/oracle-linux-ol9.repo file. It has many repos listed and some of them are disabled. We shall need these. Ensure they are all enabled (enabled=1):

[ol9_baseos_latest]
name=Oracle Linux 9 BaseOS Latest ($basearch)
baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL9/baseos/latest/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

[ol9_appstream]
name=Oracle Linux 9 Application Stream Packages ($basearch)
baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL9/appstream/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

[ol9_codeready_builder]
name=Oracle Linux 9 CodeReady Builder ($basearch) - (Unsupported)
baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL9/codeready/builder/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

There are additional repositories, which depends on your environment and subscription, such as "Unbreakable Enterprise Kernel (UEK)", "Remote Direct Memory Access (RDMA)", "Virtualization (KVM) Utilities", "Latest Red Hat Compatible Kernel (RHCK) with fixes". Consider enabling them when there is a need for them.

As decscribed in the blog post below, Oracle gives a choice which Kernel to run, depending on that respective repositories should be enabled:

https://blog.mythics.com/posts/uek-vs-rhck-kernels

Observe enabled repositories, their IDs will be needed later in sync operations

dnf repolist

repo id                                                                                                              repo name
ol9_UEKR7              Oracle Linux 9 UEK Release 7 (x86_64)
ol9_appstream          Oracle Linux 9 Application Stream Packages (x86_64)
ol9_baseos_latest      Oracle Linux 9 BaseOS Latest (x86_64)
ol9_codeready_builder  Oracle Linux 9 CodeReady Builder (x86_64) - (Unsupported)

As primary repositories are verified, let's perform a system update and reboot.

dnf update
shutdown -r now

Install necessary utils

dnf install \
    createrepo \
    yum-utils \
    wget \
    tmux

Configure and attach disk for repositories. Bbear in mind that it will grow, consider using LVM.

hostname
lsblk
df -h
mkdir -p /mnt/$(hostname)-data/data/www/repos/
echo "hello-hello" > /mnt/$(hostname)-data/data/www/repos/hello

Install webserver to serve packages

dnf install nginx

systemctl start nginx
systemctl enable nginx
systemctl status nginx
ss -ntap | grep nginx

cdvi /etc/nginx/
ls -la
vi conf.d/repos.$(hostname).conf

#server webserver{
    configlisten here80 ```bashdefault_server;

    nginxserver_name -tlt58ncp1sat1;

    root /mnt/lt58ncp1sat1-data/data/www/repos/;
    index index.html;

    location / {
        autoindex on;
    }
}

Permissions and SElinux

chown root:root /mnt/$(hostname)-data/data/www/repos/
chmod 775 /mnt/$(hostname)-data/data/www/repos/
chcon -Rt httpd_sys_content_t /usr/share/nginx/html/reposmnt/$(hostname)-data/data/www/repos/
getenforce 
nginx -t
nginx -s reload
ss -ntap | grep nginx
sudo -u nginx cat /mnt/$(hostname)-data/data/www/repos/hello
curl http://127.0.0.1/hello

RemoveConfigure oldfirewall reposand check from externally:

rmfirewall-cmd --add-service=http  --permanent
firewall-cmd --add-service=https --permanent

# from another machine
curl http:/etc/yum.repos.d/*/192.168.62.151/hello

AddLet's Oracleadd Linux officialmore repositories (optional)

here

Add EPEL repos (will download and install oracle-epel-release-el9)

dnf install epel-release

Add ClusterControl repo and keys

wget http://www.severalnines.com/downloads/cmon/s9s-repo.repo -P /etc/yum.repos.d/

and for s9s-tools, edit file:

vi /etc/yum.repos.d/s9s-repo.repo

[s9s-tools]
name=s9s-tools
type=rpm-md
baseurl=http://repo.severalnines.com/s9s-tools/CentOS_9
gpgcheck=1
gpgkey=http://repo.severalnines.com/s9s-tools/CentOS_9/repodata/repomd.xml.key
enabled=1

Import keys for repo

rpm --import http://repo.severalnines.com/severalnines-repos.asc
rpm --import http://repo.severalnines.com/s9s-tools/CentOS_9/repodata/repomd.xml.key

Add MariaDB repo

curl -LsS https://r.mariadb.com/downloads/mariadb_repo_setup | sudo bash

Check repositories list

dnf repolist

Sync repos to the local storage (it will take time)

tmux
export dir="/usr/share/nginx/html/mnt/$(hostname)-data/data/www/repos/"
dnf reposyncls -gla $dir
df --delete -ph ${dir}dir
--repoid=baseos# --newest-onlyTODO: --download-metadatascript dnf reposync -g --delete -p ${dir} --repoid=appstream        --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=addons           --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=crb              --newest-only --download-metadatait
dnf reposync -g --delete -p ${dir} --repoid=mariadb-main          --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=mariadb-maxscale      --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=mariadb-tools         --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=ol9_UEKR7             --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=ol9_appstream         --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=ol9_baseos_latest     --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=ol9_codeready_builder --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=ol9_developer_EPEL    --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=s9s-repo              --newest-only --download-metadata
dnf reposync -g --delete -p ${dir} --repoid=s9s-tools             --newest-only --download-metadata

Create local repository

createrepo /usr/share/nginx/html/repos/${dir}

Client configuration

Remove old repos

rm /etc/yum.repos.d/*

Configure DNS records for satelliterepository server foror modify local resolution

ping lt58ncp1sat1

vi /etc/hosts

192.168.62.151  lt58ncp1sat1

Distribute repo file for clients.

vi /etc/yum.repos.d/lt58ncp1sat1.repo

[appstream]ol9_baseos_latest]
name=Oracle $releaseverLinux -9 AppStreamBaseOS Latest
baseurl=http://lt58ncp1sat1/appstream/ol9_baseos_latest/
enabled=1
gpgcheck=0

[baseos]ol9_appstream]
name=Oracle $releaseverLinux -9 BaseOSApplication Stream Packages
baseurl=http://lt58ncp1sat1/baseos/ol9_appstream/
enabled=1
gpgcheck=0

[crb]ol9_codeready_builder]
name=Oracle $releaseverLinux 9 CodeReady Builder (x86_64) - CRB(Unsupported)
baseurl=http://lt58ncp1sat1/crb/
enabled=0
gpgcheck=0

[extras]
name=Oracle $releasever - Extras
baseurl=http://lt58ncp1sat1/extras/ol9_codeready_builder/
enabled=1
gpgcheck=0

[epel]ol9_UEKR7]
name=Oracle $releaseverLinux -9 EpelUEK Release 7 (x86_64)
baseurl=http://lt58ncp1sat1/epel/ol9_UEKR7/
enabled=1
gpgcheck=0


[ol9_developer_EPEL]
name=Oracle Linux 9 EPEL Packages for Development
baseurl=http://lt58ncp1sat1/ol9_developer_EPEL/
enabled=1
gpgcheck=0


[mariadb-main]
name=MariaDB MainServer
baseurl=http://lt58ncp1sat1/mariadb-main/
enabled=1
gpgcheck=0

[mariadb-maxscale]
name=MariaDB MaxScale 
baseurl=http://lt58ncp1sat1/mariadb-maxscale/
enabled=1
gpgcheck=0

[mariadb-tools]
name=MariaDB MainTools
baseurl=http://lt58ncp1sat1/mariadb-tools/
enabled=1
gpgcheck=0


[s9s-repo]
name = Severalnines Release Repository
baseurl=http://lt58ncp1sat1/s9s-repo/
enabled=1
gpgcheck=0

[s9s-tools]
name = Severalnines Tools Repository
baseurl=http://lt58ncp1sat1/s9s-tools/
enabled=1
gpgcheck=0
Back to top