RHEL – local repository

For one of my clients we were deploying 12 Red Hat Enterprise Linux servers. The client has quite strict security rules, therefore patch management via RH Network was not an option. RHN proxy server or Satellite server was out of project budget. At the end I created a central RHEL local repository. We dedicated another RHEL server just for this purpose (thanks to virtualization friendly Red Hat licensing).

  1. Install minimal RHEL installation
  2. Dedicate one harddrive for the repository packages
  3. Disable SElinux for httpd (in /etc/selinux/targeted/booleans)
    httpd_disable_trans=1
  4. Allow access to these two sites on the outgoing firewall:
    209.132.183.44  xmlrpc.rhn.redhat.com
    92.122.186.196  content-xmlrpc.rhn.redhat.com
  5. Register the installation by running rhn_register and typing registration info
  6. Mount the repository harddrive into /opt/repository
  7. Download the repository for the first time:
    yum install yum-utils
    yum install createrepo
    reposync -p /opt/repository/ –repoid=rhel-x86_64-server-5 –l
    createrepo /opt/repository
  8. Create script to update the repository: /usr/local/bin/update-repository.sh
    echo Update script started at $(date) >> /var/log/update-repository.log
    reposync -p /opt/repository/ –repoid=rhel-x86_64-server-5 -l -n
    createrepo /opt/repository/
    echo Update script ended at $(date) >> /var/log/update-repository.log
  9. make it executable: chmod +x /usr/local/bin/update-repository.sh
  10. add it to crontab to run every day at 00:15: crontab -e
    15 0 * * * /usr/local/bin/update-repository.sh > /var/log/update-repository-result.log
  11. share the repository via http:
    ln -s /opt/repository/ /var/www/html/create:

    /etc/httpd/conf.d/repository.conf
    <Directory “/var/www/html/repository”>
    Options Indexes +FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
    </Directory>

  12. Set up /etc/yum.repos.d/repository.repo on all RHEL clients:
    [repository]
    name=Red Hat Enterprise Linux $releasever – $basearch
    baseurl=http://<URL of the local repository server>/repository
    enabled=1
    gpgcheck=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat

  13. Disable RHN on all clients but the local repository: /etc/yum/pluginconf.d/rhnplugin.conf

    [main]
    enabled = 0
    gpgcheck = 1[rhel-i386-server-5]
    enabled = 0  

About these ads

4 thoughts on “RHEL – local repository

  1. mehdi

    Hi, and thanks for this useful tuto.
    To complete this setup, you only need one RHN subscription the one for the repo server, right ?

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s