Presentation
Downloading packages from the Internet takes time.
To be able to quickly deploy new VMs, you need a local repository.
Configuration Procedure
Install the Apache package:
# yum group install -y "Basic Web Server"
Create the directories for the CentOS distribution and the updates:
# cd /var/www/html # mkdir -p conf repo/CentOS/7 # cd repo/CentOS/7 # mkdir -p centosplus/x86_64 extras/x86_64 os/x86_64 updates/x86_64
In the software requirements, it was specified to download the DVD version or the Everything version of the CentOS 7 distribution. It is now time to use it.
Mount the previously downloaded iso and copy it into the right place:
# mount -o loop CentOS-7.0-1406-x86_64-DVD.iso /mnt # cd /mnt # tar cvf - . | (cd /var/www/html/repo/CentOS/7/os/x86_64; tar xvf -) # cd /; umount /mnt
In order to prepare the centosplus, extras and updates repositories, install the createrepo package:
# yum install createrepo
Prepare the centosplus, extras and updates repositories:
# cd /var/www/html/repo/CentOS/7/centosplus/x86_64; createrepo . # cd ../../extras/x86_64; createrepo . # cd ../../updates/x86_64; createrepo .
Go into the directory where the repository configuration is:
# cd /etc/yum.repos.d
Create the local.repo file and paste the following lines:
[os] name=master - Base baseurl=http://192.168.1.5/repo/CentOS/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 [updates] name=master - Updates baseurl=http://192.168.1.5/repo/CentOS/$releasever/updates/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 [extras] name=master - Extras baseurl=http://192.168.1.5/repo/CentOS/$releasever/extras/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 [centosplus] name=master - CentosPlus baseurl=http://192.168.1.5/repo/CentOS/$releasever/centosplus/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Note1: A yum update command will update the system with what the local Apache server’s got.
Note2: Don’t try to display the $releasever and $basearch variables with the echo command. They aren’t shell variables but specific values provided by yum (see this thread for more details).
Copy the local.repo file into the /var/www/html/conf directory to make it available to the new VMs:
# cp local.repo /var/www/html/conf
Assign the SELinux attributes to the files:
# restorecon -R /var/www/html
Activate the Apache server at boot and start it:
# systemctl enable httpd && systemctl start httpd
Clean up the yum configuration:
# yum clean all
Check the yum configuration:
# yum repolist all Loaded plugins: fastestmirror, langpacks centosplus | 2.9 kB 00:00 extras | 2.9 kB 00:00 os | 3.6 kB 00:00 updates | 2.9 kB 00:00 (1/2): os/7/x86_64/group_gz | 157 kB 00:00 (2/2): os/7/x86_64/primary_db | 4.9 MB 00:00 Loading mirror speeds from cached hostfile repo id repo name status centosplus/7/x86_64 master - CentosPlus enabled: 0 extras/7/x86_64 master - Extras enabled: 0 os/7/x86_64 master - Base enabled: 8,465 updates/7/x86_64 master - Updates enabled: 0 repolist: 8,465
Finally, you need an extra step to regularly update your lab local repository.
Create a Bash script called /root/rsync.sh and paste the following lines (where mirror.ovh.net/ftp.centos.org/7/ is the url of a close CentOS repository):
#!/bin/bash /usr/bin/rsync -av --delete --delete-excluded --exclude "local" --exclude "isos" --exclude "*.iso" --exclude "xen4" --exclude "*.i686.*" --exclude "i386" rsync://centos.mirrors.ovh.net/ftp.centos.org/7/ /var/www/html/repo/CentOS/7
Give the execution permissions:
# chmod u+x /root/rsync.sh
Put this script into the root crontab (# crontab -e):
00 02 * * * /root/rsync.sh
Note: The first synchronization will last a while but, after, it will be quick.
After synchronization, you will get this kind of result:
# yum repolist all Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile repo id repo name status centosplus/7/x86_64 master - CentosPlus enabled: 70 extras/7/x86_64 master - Extras enabled: 44 os/7/x86_64 master - Base enabled: 8,465 updates/7/x86_64 master - Updates enabled: 866 repolist: 9,445
Add a rule to the firewall (except if the local repository is the KVM host itself):
# firewall-cmd --permanent --add-service=http # firewall-cmd --reload
Depending on the disc you used to install CentOS 7, you may need to remove the currently existing repos to achieve the same output — and avoid a warning about each repo “being defined twice.”
Just do an rm /etc/yum.repos.d/* before you create your local.repo, and you should be set!
Yes, absolutely.
Hi,
thanks for making such a great site! I have purchased the new RHEL 7 book by Michael Jang which you recomended which is being released today (8 April) – I can’t wait to receive it shortly.
I have been following your lab tutorial and I have a problem with the rsync.sh command… when I type this into my terminal it gives me an error is this normal?
[root@master yum.repos.d]# /usr/bin/rsync -av –delete –delete-excluded –exclude “local” –exclude “isos” –exclude “*.iso” –exclude “xen4” –exclude “*.i686.*” –exclude “i386” rsync://mirror.ovh.net/ftp.centos.org/7/ /var/www/html/repo/CentOS/7
@ERROR: Unknown module ‘ftp.centos.org’
rsync error: error starting client-server protocol (code 5) at main.c(1516) [Receiver=3.0.9]
I haven’t let rsync.sh run on it’s own yet, but I just wanted to test it’s functionally and test my closest mirror format.
My closest mirror is: http://mirror.its.sfu.ca/mirror/CentOS/7/
Anyways thanks for reading my comment and I would appretiate any feedback given on my error.
Yours Sincerely
anisK
My example doesn’t work anymore because the url has changed.
I updated the tutorial because the line should now be:
# /usr/bin/rsync -av –delete –delete-excluded –exclude “local” –exclude “isos” –exclude “*.iso” –exclude “xen4” –exclude “*.i686.*” –exclude “i386” rsync://centos.mirrors.ovh.net/ftp.centos.org/7/ /var/www/html/repo/CentOS/7
ah sorry when I said it doesn’t give any error now that was because I forgot to remove the #…it stills give me an error
[root@master yum.repos.d]# /usr/bin/rsync -av –delete –delete-excluded –exclude “local” –exclude “isos” –exclude “*.iso” –exclude “xen4” –exclude “*.i686.*” –exclude “i386” rsync://centos.mirrors.ovh.net/ftp.centos.org/7/ /var/www/html/repo/CentOS/7
Unexpected remote arg: rsync://centos.mirrors.ovh.net/ftp.centos.org/7/
rsync error: syntax or usage error (code 1) at main.c(1214) [sender=3.0.9]
I checked the command, it works fine.
Did you create the /var/www/html/repo/CentOS/7 directory?
Should also be included in “Prepare the centosplus, extras and updates repositories:” step?
These operations are not asked for the RHCSA/RHCE exams.
Hi I followed the guide
However I found the 7.3 has the firewall enabled. So you should add the following
firewall-cmd –add-port=80/tcp –permanent
firewall-cmd –add-port=443/tcp –permanent
firewall-cmd –reload
I fixed the tutorial. Thanks.
The Rsync script is broken again. Can’t connect to the rsync mirror
Describe your problem more precisely.
The script isn’t broken, however the rsync mirror that’s hardcoded might be down. Here you go, pick the one from the list:
https://www.centos.org/download/mirrors/
I am using 7.3 centos
and rsync://mirror.aarnet.edu.au/centos/7
That does nothing and finishes. I changed it to rsync://mirror.aarnet.edu.au/centos/7.3.1611:
This downloads a lot of junk folders like the atomic repo
However if I use:
rsync -avz –exclude=’repo*’ rsync://mirror.overthewire.com.au/centos/7/os/x86_64/ /var/www/html/repos/centos/7/os/x86_64/ # CentOS Base Repo
rsync -avz –exclude=’repo*’ rsync://mirror.overthewire.com.au/centos/7/updates/x86_64/ /var/www/html/repos/centos/7/updates/x86_64/ # CentOS Update Repo
No junk files
Last time I did that (7.3.1611). I filled up my hdd with 25gb of repo data.
There is a typo in your original address. should be
http://mirror.aarnet.edu.au/pub/centos/7/
I would stick to only rsync the directory’s your need like
/os/
/centosplus/
/updates/
pub is unknown module
My mistake, at the start of the address. It should be rsync not http. It is unlikely that there is a difference between the layout in the different protocols.
Hello again CertDepot, I’d like to ask if the repository is at an ip that’s in a different network, let’s say 10.0.1.68 (we don’t know the subnet mask, nor its gateway or dns) and the system eth0 is 172.168.10.11 but we can’t ping anything from the 10.* network, how can we make it ping/connect to that repository?
Would it need an eth-route config and sysctl parameters like ip forwarding and source routing?
You may need to configure a route but I don’t see why you would have to enable ip forwarding or source routing.
I agree, simply adding a static route should be sufficient.
I was wondering if for RHCE purposes we aren’t better off not updating our repos. From my understanding, the tests are based on RHEL 7.0. If so, upgrading versions could lead to some ambiguities with versions of files when using iSCSi and other applications. Any thoughts?
If your objective is to know as much as possible, then updating is good. However, if your objective is passing the exam, can updating cause confusion?
Thanks,
Mike_
This is a tricky question: if you don’t update your repos, you could have bugs not fixed; if you update your repos, you could change the standard behaviour. Personally, I won’t update the repos to keep the standard behaviour.
What you can do is to download all RHEL 7.x DVDs from Red Hat website, and create repos for each DVD. Disable them all but the 7.0. Do as much testing as you can on RHEL 7.0, and then move to RHEL 7.1 (enable 7.1 repo and update your system). Repeat the process, do as much testing as you can on RHEL 7.1, and then move to RHEL 7.2.
Simply create a snapshot of the system at the start of the process, so that you can always roll back to.
Exactly! 🙂 To pass test, don’t upgrade. To understand as much as possible, learn all aspects of the versions and methods.