in linux 329 Words

RHEL – local repository

For one of my clients we were deploying 12 Red Hat Enterprise Linux servers. The client has quite strict security rules, therefore patch management via RH Network was not an option. RHN proxy server or Satellite server was out of project budget. At the end I created a central RHEL local repository. We dedicated another RHEL server just for this purpose (thanks to virtualization friendly Red Hat licensing).

  1. Install minimal RHEL installation
  2. Dedicate one harddrive for the repository packages
  3. Disable SElinux for httpd (in /etc/selinux/targeted/booleans)
    httpd_disable_trans=1
  4. Allow access to these two sites on the outgoing firewall:
    209.132.183.44  xmlrpc.rhn.redhat.com
    92.122.186.196  content-xmlrpc.rhn.redhat.com
  5. Register the installation by running rhn_register and typing registration info
  6. Mount the repository harddrive into /opt/repository
  7. Download the repository for the first time:
    yum install yum-utils
    yum install createrepo
    reposync -p /opt/repository/ –repoid=rhel-x86_64-server-5 –l
    createrepo /opt/repository
  8. Create script to update the repository: /usr/local/bin/update-repository.sh
    echo Update script started at $(date) >> /var/log/update-repository.log
    reposync -p /opt/repository/ –repoid=rhel-x86_64-server-5 -l -n
    createrepo /opt/repository/
    echo Update script ended at $(date) >> /var/log/update-repository.log
  9. make it executable: chmod +x /usr/local/bin/update-repository.sh
  10. add it to crontab to run every day at 00:15: crontab -e
    15 0 * * * /usr/local/bin/update-repository.sh > /var/log/update-repository-result.log
  11. share the repository via http:
    ln -s /opt/repository/ /var/www/html/create:

    /etc/httpd/conf.d/repository.conf
    <Directory “/var/www/html/repository”>
    Options Indexes +FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
    </Directory>

  12. Set up /etc/yum.repos.d/repository.repo on all RHEL clients:
    [repository]
    name=Red Hat Enterprise Linux $releasever – $basearch
    baseurl=http://<URL of the local repository server>/repository
    enabled=1
    gpgcheck=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat

  13. Disable RHN on all clients but the local repository: /etc/yum/pluginconf.d/rhnplugin.conf

    [main]
    enabled = 0
    gpgcheck = 1[rhel-i386-server-5]
    enabled = 0  

4 thoughts on “RHEL – local repository

  3. Hi, and thanks for this useful tuto.
    To complete this setup, you only need one RHN subscription the one for the repo server, right ?

    Reply

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.