搭建内网 yum 同步服务器
搭建内网 yum 服务器有助于节省带宽而且下载速度更快。
需求
搭建一台内网yum服务器,每天自动同步阿里云yum镜像
内网客户端安装软件时都从内网yum服务器下载.
节省网络出口流量
需求讲完了下面就开始实施了,准备一台机器作为内网yum服务器(可连接外网),然后按下面步骤执行:
创建yum仓库目录
需要先创建yum仓库目录用来存放rpm包,该目录结构是参考了阿里云yum源的目录结构.
sudo mkdir -pv /home/yum/centos/{6,7}/{os,extras,updates}/x86_64/Packages
sudo mkdir -pv /home/yum/epel/{6,7}/x86_64/Packages
注意
最好是挂载单独的硬盘然后在此硬盘上创建如上的目录结构,其中Packages是用来存放rpm包的.
安装createrepo软件
yum -y install createrepo yum-utils
初始化repodata索引文件
格式: createrepo -po 源目录 索引元数据的输出位置目录
sudo createrepo -po /home/yum/centos/6/os/x86_64 /home/yum/centos/6/os/x86_64
sudo createrepo -po /home/yum/centos/6/extras/x86_64 /home/yum/centos/6/extras/x86_64
sudo createrepo -po /home/yum/centos/6/updates/x86_64 /home/yum/centos/6/updates/x86_64
sudo createrepo -po /home/yum/centos/7/os/x86_64 /home/yum/centos/7/os/x86_64
sudo createrepo -po /home/yum/centos/7/extras/x86_64 /home/yum/centos/7/extras/x86_64
sudo createrepo -po /home/yum/centos/7/updates/x86_64 /home/yum/centos/7/updates/x86_64
sudo createrepo -po /home/yum/epel/6/x86_64 /home/yum/epel/6/x86_64
sudo createrepo -po /home/yum/epel/7/x86_64 /home/yum/epel/7/x86_64
添加rpm包
获取rpm包的方式有如下几种,这里主要介绍自动同步阿里云镜像这种:
挂载centos7官方ISO镜像,然后复制rpm包到本地。
自己制作的rpm包
同步阿里云镜像源
yumdownloader rpmname(只下载不安装)
平时yum安装软件时不删除安装包
vim cat /etc/yum.conf
keepcache=1
cachedir=/var/cache/yum/$basearch/$releasever
# /var/cache/yum/x86_64/6/base/packages
同步阿里云镜像
- 备份
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
- 修改repo文件
## centos7
[base7]
name=CentOS7-Base-LocalYumServer
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/7/os/x86_64/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#released updates
[updates7]
name=CentOS7-Updates-LocalYumServer
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/7/updates/x86_64/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras7]
name=CentOS7-Extras-LocalYumServer
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/7/extras/x86_64/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
## centos6
[base6]
name=CentOS6-Base-LocalYumServer
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/6/os/x86_64/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-6
#released updates
[updates6]
name=CentOS6-Updates-LocalYumServer
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/6/updates/x86_64/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-6
#additional packages that may be useful
[extras6]
name=CentOS6-Extras-LocalYumServer
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/6/extras/x86_64/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-6
## epel
[epel7]
name=epel7-LocalYumServer
baseurl=http://mirrors.aliyun.com/epel/7/x86_64/
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=http://mirrors.aliyun.com/epel/RPM-GPG-KEY-EPEL-7
[epel6]
name=epel6-LocalYumServer
baseurl=http://mirrors.aliyun.com/epel/6/x86_64/
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=http://mirrors.aliyun.com/epel/RPM-GPG-KEY-EPEL-6
[buildrpmself]
name=buildrpmself-LocalYumServer
baseurl=file:///home/yum/buildrpmself/7/x86_64
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///home/yum/buildrpmself/RPM-GPG-KEY-echoxu
其实还可将上述文件中的epel部分拆分到epel.repo文件中.通过yum repolist查看效果.
制作rpm包签名请参考之前的定制rpm包里的使用gpg方式生成签名密钥章节.
注意
如果存在多个源时(阿里云源、163等)可以通过设置优先级来决定默认启用哪个,priority=(1~99),值越小,优先级越高。
echo "priority=1" >> CentOS7-aliyun.repo
- 生成缓存
yum clean all
yum makecache
- 同步rpm文件
centos6同步rpm包:
reposync -n --repoid=base6 -p /home/yum/centos/6/os/x86_64/Packages
reposync -n --repoid=updates6 -p /home/yum/centos/6/updates/x86_64/Packages
reposync -n --repoid=extras6 -p /home/yum/centos/6/extras/x86_64/Packages
reposync -n --repoid=epel6 -p /home/yum/epel/6/x86_64/Packages
centos7同步rpm包:
reposync -n --repoid=base7 -p /home/yum/centos/7/os/x86_64/Packages
reposync -n --repoid=updates7 -p /home/yum/centos/7/updates/x86_64/Packages
reposync -n --repoid=extras7 -p /home/yum/centos/7/extras/x86_64/Packages
reposync -n --repoid=epel7 -p /home/yum/epel/7/x86_64/Packages
- 更新rpm仓库
每次添加了新的rpm包都要执行更新操作:
createrepo --update /home/yum/centos/6/os/x86_64/
createrepo --update /home/yum/centos/6/updates/x86_64/
createrepo --update /home/yum/centos/6/extras/x86_64/
createrepo --update /home/yum/epel/6/x86_64/
createrepo --update /home/yum/centos/7/os/x86_64/
createrepo --update /home/yum/centos/7/updates/x86_64/
createrepo --update /home/yum/centos/7/extras/x86_64/
createrepo --update /home/yum/epel/7/x86_64/
rpm包校验秘钥
这里使用的是阿里云提供的RPM-GPG-KEY:
wget https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7 -P /home/yum/centos/
wget https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-6 -P /home/yum/centos/
如果是自己制作的rpm包我们可以创建属于自己的RPM-GPG-KEY,然后再在yum.repo中添加如下:
[buildrpmself]
name=buildrpmself-LocalYumServer
baseurl=file:///home/yum/buildrpmself/7/x86_64
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///home/yum/buildrpmself/RPM-GPG-KEY-echoxu
使用nginx作为rpm包下载站
- 设置权限
设置/home/yum的属主及属组为nginx的启动用户,我这里的nginx是用APPDeploy启动的,所以是如下设置:
chmod -R APPDeploy:APPDeploy /home/yum
- 新建一个vhost
server {
listen 80;
server_name yum.echo.xu;
root /home/yum;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
}
- 设置域名
为方便其他人访问,可以设置yum服务器的域名为yum.echo.xu,这个域名是因为我自建了一个DNS服务器.
每天同步镜像
创建同步操作的日志目录用于记录同步操作是否执行成功:
sudo mkdir /var/log/centosrepo.log
开始编写同步脚本:
vi /root/yum-update.sh
脚本内容如下:
#!/bin/bash
datetime=`date +"%Y-%m-%d"`
echo 开始同步centos6
reposync -n --repoid=base6 -p /home/yum/centos/6/os/x86_64/Packages || echo "ERROR: $datetime centos6Base update failed" >>/var/log/centosrepo.log
reposync -n --repoid=updates6 -p /home/yum/centos/6/updates/x86_64/Packages || echo "ERROR: $datetime centos6Updates update failed" >>/var/log/centosrepo.log
reposync -n --repoid=extras6 -p /home/yum/centos/6/extras/x86_64/Packages || echo "ERROR: $datetime centos6Extras update failed" >>/var/log/centosrepo.log
reposync -n --repoid=epel6 -p /home/yum/epel/6/x86_64/Packages || echo "ERROR: $datetime epel6 update failed" >>/var/log/centosrepo.log
echo 开始同步centos7
reposync -n --repoid=base7 -p /home/yum/centos/7/os/x86_64/Packages || echo "ERROR: $datetime centos7Base update failed" >>/var/log/centosrepo.log
reposync -n --repoid=updates7 -p /home/yum/centos/7/updates/x86_64/Packages || echo "ERROR: $datetime centos7Updates update failed" >>/var/log/centosrepo.log
reposync -n --repoid=extras7 -p /home/yum/centos/7/extras/x86_64/Packages || echo "ERROR: $datetime centos7Extras update failed" >>/var/log/centosrepo.log
reposync -n --repoid=epel7 -p /home/yum/epel/7/x86_64/Packages || echo "ERROR: $datetime epel7 update failed" >>/var/log/centosrepo.log
status=`cat /var/log/centosrepo.log |grep ERROR| wc -l`
if [ "$status" -eq 0 ];then
createrepo --update /home/yum/centos/6/os/x86_64/
createrepo --update /home/yum/centos/6/updates/x86_64/
createrepo --update /home/yum/centos/6/extras/x86_64/
createrepo --update /home/yum/epel/6/x86_64/
createrepo --update /home/yum/centos/7/os/x86_64/
createrepo --update /home/yum/centos/7/updates/x86_64/
createrepo --update /home/yum/centos/7/extras/x86_64/
createrepo --update /home/yum/epel/7/x86_64/
else
echo "somthing was wrong,please check the /var/log/centosrepo.log file :)"
好了yum服务器上的操作做完了,下面来讲下各需要安装软件的客户端上需要做的操作:
客户端配置
下面的操作是在需要安装软件的机器上执行的,这些机器配置的yum源地址即上面部署的yum服务器地址.
- 备份repo文件
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
- 修改默认的repo文件
系统是centos6的机器请执行如下:
sudo vim /etc/yum.repos.d/CentOS-Base.repo
修改为如下:
[base]
name=CentOS-$releasever - Base - LocalYumServer
baseurl=http://192.168.1.188/centos/$releasever/base6
gpgcheck=1
gpgkey=http://192.168.1.188/centos/RPM-GPG-KEY-CentOS-6
#released updates
[updates]
name=CentOS-$releasever - Updates - LocalYumServer
baseurl=http://192.168.1.188/centos/$releasever/updates6
gpgcheck=1
gpgkey=http://192.168.1.188/centos/RPM-GPG-KEY-CentOS-6
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - LocalYumServer
baseurl=http://192.168.1.188/centos/$releasever/extras6
gpgcheck=1
gpgkey=http://192.168.1.188/centos/RPM-GPG-KEY-CentOS-6
[epel]
name=CentOS-$releasever - Extras - LocalYumServer
baseurl=http://192.168.1.188/epel/epel6
gpgcheck=0
[buildrpmself]
name=buildrpmself-LocalYumServer
baseurl=file:///home/yum/buildrpmself/7/x86_64
gpgcheck=1
gpgkey=file:///home/yum/buildrpmself/RPM-GPG-KEY-echoxu
系统是centos7的机器请执行如下:
sudo vim /etc/yum.repos.d/CentOS-Base.repo
修改为如下:
[base]
name=CentOS-$releasever - Base - LocalYumServer
baseurl=http://192.168.1.188/centos/$releasever/base7
gpgcheck=1
gpgkey=http://192.168.1.188/centos/RPM-GPG-KEY-CentOS-7
#released updates
[updates]
name=CentOS-$releasever - Updates - LocalYumServer
baseurl=http://192.168.1.188/centos/$releasever/updates7
gpgcheck=1
gpgkey=http://192.168.1.188/centos/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - LocalYumServer
baseurl=http://192.168.1.188/centos/$releasever/extras7
gpgcheck=1
gpgkey=http://192.168.1.188/centos/RPM-GPG-KEY-CentOS-7
[epel]
name=CentOS-$releasever - Extras - LocalYumServer
baseurl=http://192.168.1.188/epel/epel7
gpgcheck=0
注意
上面的ip地址需改为实际的yum服务器内网ip地址
执行完上面操作后就可以通过命令yum -y install lrzsz进行安装软件了.
使用本地centos7官方ISO作为yum源
- 创建iso存放目录和挂载目录
mkdir /mnt/iso
mkdir /mnt/cdrom
上传iso镜像文件到iso存放目录/mnt/iso下
挂载iso镜像到挂载目录/mnt/cdrom下
mount -o loop /mnt/iso/XXXXX.iso /mnt/cdrom
- 使用df -h命令查询挂载是否成功
df -h
- 创建repo文件并放到/etc/yum.repos.d/目录
vim /etc/yum.repos.d/local.repo
内容如下:
[local]
name=local
#注:这里的baseurl就是你挂载的目录,在这里是/mnt/cdrom
baseurl=file:///mnt/cdrom
#注:这里的值enabled一定要为1
enabled=1
gpgcheck=0
#注:这个你cd /mnt/cdrom/可以看到这个key,这里仅仅是个例子
gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-CentOS-7
- 测试YUM安装
yum clean all
yum install ntp