Instead of opening a proxy connection for each server, you can also create a local repository server that will connect to mirror repositories, and distribute the package for all linux server in your environment.
http://idolinux.blogspot.fr/2008/09/centos-update-server-and-local.html
To create and initialize your Yum repository, you must first download and install the createrepo package – available from the default CentOS repos. If you do not have access to the Internet, you can install by using the Red Hat or CentOS installation disc as a repository.
# yum install createrepo libxml2-python deltarpm python-deltarpm
Repositories use a simple database to keep track of all the packages and their dependencies. This is how it can provide you with all the packages required to be installed so quickly. The initialization step creates the database and prepares the directory to host the repository, allowing clients to connect to it. First copy all rpm Packages
# mount /dev/sr0 /mnt # cp -p /mnt/Packages/* /repos/CentOS/6.5 # createrepo -v /repos/CentOS/6.5
For information, createrepo will create a directory /repos/CentOS/6.5/repodata/ containing indexes
On local yum directory:
[root@rhlabh1 yum.repos.d]# vi /etc/yum.repos.d/local.repo [cdrom] name=CDROM Repo1 baseurl=file:///software/centos-7.2 enabled=1 gpgcheck=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release [root@rhlabh1 yum.repos.d]# yum update
Not all repositories are stagnant. Usually you will want to add new packages or package updates. Adding them to your Packages directory isn’t enough to make it available to clients. You also need to update the repositories package database.
Add new packages to the repositories Package directory. Update the repository’s database.
# createrepo --update /repos/CentOS/6.5
The installation disc for Red Hat and CentOS comes with an entire library of the base packages, which mirrors the online repository. The packages will be out of date, but you can update them later on yourself. Seeding your repository using the installation disc is the easiest way to create a base repository.
Mount the installation disc or ISO. Copy the packages on the disc to your repository. As an example, I’ve mounted my disc to /media/CentOS.
cp -arv /media/CentOS/Packages/* /repos/CentOS/6.5/
Create the repository.
createrepo /repos/CentOS/6.5
Another approach is to download the packages from the online repository. This will ensure you have the most up-to-date versions of the packages for your repository.
Find the an existing mirror by going to http://centos.org/download/mirrors/. Look for a site near you and grab the address under the Rysnc Location column. As an example, I’ll be using a Univerity near my location. Use Rsync to download the entire repository. I am only interested in CentOS 6.5, so I’m targeting the directory for it at the local university.
rsync -rz --progress rsync://mirror.csclub.uwaterloo.ca/centos/os/x86_64/ /repos/CentOS/6.5/
The repository is ready, but unless you publish the repository using HTTP or FTP you’re clients won’t be able to use it.
Install Apache.
yum install httpd
Create a symbolic link in the default Apache root directory to our new repository. We’re going to create the link so it points to the root of our CentOS repo directory. This lessens the effort required when adding new releases to the repo.
ln -s /repos/CentOS /var/www/html/CentOS
Start the Apache daemon to start hosting the repo files.
You can use for example the directive : Listen 9999 in the file /etc/httpd/conf/httpd.conf, to change the default port
Install VSFTP
yum install vsftpd
Create a symbolic link in the default VSFTP root directory to our new repository. We’re going to create the link so it points to the root of our CentOS repo directory. This lessens the effort required when adding new releases to the repo.
ln -s /repos/CentOS /var/ftp/public/CentOS
Start the VSFTPD daemon to start hosting the repo files.
Our repository is now ready for your clients. Before they can access it, we need to create a Yum repository configuration file.
Log onto the client computer. Navigate to the directory hosting the Yum repository configuration files.
cd /etc/yum.repos.d
Rename all files .repo in .repo.old and create a configuration file for your local repository.
vi local.repo
Add the following lines to the file. Replace the baseurl value to point to either your HTTP host or your FTP host.
[mylocalrepo] name=Local CentOS Repo baseurl=http://my-repo-server:9999/CentOS/6.5 gpgcheck=0 enabled=1 [extrarepo] name=Local CentOS Repo baseurl=ftp://my-repo-server/CentOS/extra gpgcheck=0 enabled=1
Save your changes and exit the text editor.
Now reset your client yum indexes (directories in /var/cache/yum/):
yum clean all
And try to install something:
yum install vsftpd
I have created a repository /repos/CentOS with 45GB, to store CentOS version 5.11, 6.5 and 7. I've start an apache server on port 99 on my repository server, that will be used by CentOS clients to update their packages
First copy all repos repo files from directory /etc/yum.repos.d/ to /root/scripts/yum/yum.repos.d/, and rename them to .repo.remote instaed of .repo. In each .repo.remote, replace :
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 by gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-$mainversion
And
baseurl=http://debuginfo.centos.org/7/$basearch/ by baseurl=http://debuginfo.centos.org/$releasever/$basearch/
Example:
[root@lrpmproxy yum.repos.d]# cat /root/scripts/yum/yum.repos.d/CentOS-Base.repo.remote # CentOS-Base.repo # # The mirror system uses the connecting IP address of the client and the # update status of each mirror to pick mirrors that are updated to and # geographically close to the client. You should use this for CentOS updates # unless you are manually picking other mirrors. # # If the mirrorlist= does not work for you, as a fall back you can try the # remarked out baseurl= line instead. # # [base] name=CentOS-$releasever - Base #seurl=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-$mainversion #released updates [updates] name=CentOS-$releasever - Updates #baseurl=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-$mainversion #additional packages that may be useful [extras] name=CentOS-$releasever - Extras #baseurl=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-$mainversion #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus #baseurl=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-$mainversion
Add also EPEL repository:
[root@lrpmproxy yum.repos.d]# cat /root/scripts/yum/yum.repos.d/CentOS-epel.repo.remote # CentOS-Base.repo # # The mirror system uses the connecting IP address of the client and the # update status of each mirror to pick mirrors that are updated to and # geographically close to the client. You should use this for CentOS updates # unless you are manually picking other mirrors. # # If the mirrorlist= does not work for you, as a fall back you can try the # remarked out baseurl= line instead. # # [epel] name=CentOS-$releasever - EPEL baseurl=http://dl.fedoraproject.org/pub/epel/$mainversion/$basearch mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-$mainversion&arch=$basearch gpgcheck=0 #gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-$mainversion
Here is the synchronization script to collect all repositories:
[root@lrpmproxy scripts]# cat /root/scripts/get_latest_updates.sh
#!/bin/bash #@(#) This script rsyncs a local Centos mirror # lftp -e "mirror -R src_local_folder dest_folder_on_ftp_server; exit" -u ftp_user[,ftp_pass] ftp_server # wget --mirror --no-parent --no-host-directories --cut-dirs=1 http://127.0.0.1:9999/CentOS/7/0/os/repodata/ # http://dl.fedoraproject.org/pub/epel/ # reposync -c /etc/yum.conf -d -n -p destdir dir=`dirname $0` #. $dir/.env export binpath=/root/scripts export sn=`basename $0 | cut -d. -f1` export HOSTNAME=`/usr/bin/hostname` export logpath=/root/scripts/logs export logname=$logpath/$sn.log #Variables DATE=`date +%Y%m%d%H%m` LOG=$logname.$DATE REPO_PATH=/repos/CentOS VERSION="7 6.5 5.11" BASE_ARCH="x86_64" YUM_CONF=/root/scripts/yum/yum.conf reposdir=/root/scripts/yum/yum.repos.d # Proxy needs to be exported PROXY="192.168.10.10:8080" export ftp_proxy="http://$PROXY/" export http_proxy="http://$PROXY/" export https_proxy="http://$PROXY/" main () { for version in $(echo $VERSION) do for arch in $(echo $BASE_ARCH) do date "+%Y-%m-%d %H:%m" mainversion=$(echo $version | cut -d'.' -f1) rm -rf $reposdir/*.repo for file in $(ls $reposdir/*.repo.remote) do file1=$(echo $file | sed 's/\.remote//') cat $file | sed -e "s/\$mainversion/$mainversion/g" -e "s/\$releasever/$version/g" -e "s/\$basearch/$BASE_ARCH/g" > $file1 done echo "##### YUM CLEAN #####" yum clean all for repo in updates extras centosplus base base-source epel do LOCAL_PATH=$REPO_PATH/$version mkdir -p $LOCAL_PATH/$repo if [ $(ls $LOCAL_PATH/*.rpm 2>/dev/null | wc -l) -gt 0 ] then OPT_CREATEREPO="--update" else OPT_CREATEREPO="" fi cd $REPO_PATH echo "##### reposync -c $YUM_CONF -r $repo -d -n -p $LOCAL_PATH #####" reposync -c $YUM_CONF -r $repo -d -n -p $LOCAL_PATH STATUS=$? echo "##### createrepo $OPT_CREATEREPO -v $LOCAL_PATH/$repo #####" createrepo $OPT_CREATEREPO -v $LOCAL_PATH/$repo done done done date "+%Y-%m-%d %H:%m" } main | tee $logname 2>&1 exit 0
I have also a customized yum.conf file
[root@lrpmproxy scripts]# cat /root/scripts/yum/yum.conf
[main] cachedir=/var/cache/yum/$basearch/$releasever keepcache=0 debuglevel=2 logfile=/var/log/syncrepo.log exactarch=1 obsoletes=1 gpgcheck=1 plugins=1 installonly_limit=5 bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum distroverpkg=centos-release proxy=http://192.168.10.10:8080/ # This is the default, if you make this bigger yum won't see if the metadata # is newer on the remote and so you'll "gain" the bandwidth of not having to # download the new metadata and "pay" for it by yum not having correct # information. # It is esp. important, to have correct metadata, for distributions like # Fedora which don't keep old packages around. If you don't like this checking # interupting your command line usage, it's much better to have something # manually check the metadata once an hour (yum-updatesd will do this). # metadata_expire=90m # PUT YOUR REPOS HERE OR IN separate files named file.repo # in /etc/yum.repos.d reposdir=/root/scripts/yum/yum.repos.d
[root@centos-cli7 ~]# cat /etc/yum.conf [main] cachedir=/var/cache/yum/$basearch/$releasever keepcache=0 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 gpgcheck=1 plugins=1 installonly_limit=5 bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum distroverpkg=centos-release
On directory /etc/yum.repos.d/, rename all files .repo in .repo.old, and add the new files:
[root@centos-cli7 ~]# cat /etc/yum.repos.d/CentOS-Base.repo # CentOS-Base.repo # # The mirror system uses the connecting IP address of the client and the # update status of each mirror to pick mirrors that are updated to and # geographically close to the client. You should use this for CentOS updates # unless you are manually picking other mirrors. # # If the mirrorlist= does not work for you, as a fall back you can try the # remarked out baseurl= line instead. # # [base] name=CentOS-$releasever - Base baseurl=http://192.168.21.21:99/CentOS/7/base gpgcheck=0 enabled=1 #released updates [updates] name=CentOS-$releasever - Updates baseurl=http://192.168.21.21:99/CentOS/7/updates gpgcheck=0 enabled=1 #additional packages that may be useful [extras] name=CentOS-$releasever - Extras baseurl=http://192.168.21.21:99/CentOS/7/extras gpgcheck=0 enabled=1 #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus baseurl=http://192.168.21.21:99/CentOS/7/centosplus gpgcheck=0 enabled=1 [root@centos-cli7 ~]# cat /etc/yum.repos.d/epel.repo [epel] name=Extra Packages for Enterprise Linux 7 - $basearch #mirrorlist=http://download.fedoraproject.org/pub/epel/7/$basearch baseurl=http://192.168.21.21:99/CentOS/7/epel failovermethod=priority enabled=1 gpgcheck=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Move oldest packages to /tmp/archives
repomanage --old $repo | while read package do dir=$(dirname "$package") archive="/tmp/archives/$(basename $repo)" [ ! -d $archive ] && mkdir -p $archive mv "$package" $archive done
List all package and keep 2 versions
# repomanage --keep=2 --old /path/to/repo
List all package newest packages
# repomanage --keep=2 --new /path/to/repo
Delete oldest packages
# repomanage --keep=2 --old /path/to/repo | xargs rm -f
cachedir Directory where yum should store its cache and db files. The default is '/var/cache/yum'. persistdir Directory where yum should store information that should persist over multiple runs. The default is '/var/lib/yum'.
keepcache Either '1' or '0'. Determines whether or not yum keeps the cache of headers and packages after successful installation. Default is '1' (keep files)