Local Repo
Posted by ParticularIce1628@reddit | linuxadmin | View on Reddit | 31 comments
Hello Everyone, I’m managing more than 2,000 Linux VMs on VCD and vCenter. Most of them are running Ubuntu, Debian, or RHEL. I want to set up a local repository so these machines can be updated without needing internet access.
Does anyone have experience with this setup or suggestions on the best approach?
arvoshift@reddit
uyuni is ok but clobbers all repos and messes with apt pinning for deb systems.
I just run apt-mirror then point all servers to the mirror server.
for custom packages or mirror repos for long lived things where specific versions are kept I run another server and mirror specific releases.
AxisNL@reddit
Most repos can be hosted on a simple web server, have been doing that for years in organizations. For most distros you can just rsync the content and distribute using nginx. But it can get complex. With Debian os’es you have apt-mirror, and I think RHEL is a bit more complex.
AxisNL@reddit
Oh and by the way, if you just want to cache stuff but still want to pull stuff from the internet, use Nexus! I've used that as a caching proxy for APT/YUM, although it's been a while. It can also proxy the python PIP repo, which really helps a lot if you're behind proxies.
carlwgeorge@reddit
Yum repos can be mirrored with reposync or plain rsync.
ParticularIce1628@reddit (OP)
I just don’t know how to connect my local repo’s vm on VMware cloud director through vLAN to all other VM’s I’m managing
Loveangel1337@reddit
reposync for RHEL, should work for all flavours.
https://access.redhat.com/solutions/23016
Downside to this is: you will get a full repo out of it, not just the packages you use. But if you manage 2k VMs you're probably not too concerned by the disk space, cause that's all it needs.
To somewhat do a middleground solutions, we used a squid proxy, that would cache for a day so when we'd do mass installs we'd not hammer the upstreams, and the VM didn't need internet cause it only hit the proxy
telmo_gaspar@reddit
Red Hat Satellite, Oracle Linux Manager, Spacewalk (deprecated), Foreman, or a simple HTPP server with reposync or debmirror (for Debian family) contents 😉
AdrianTeri@reddit
Curious on why these machines don't have internet access. Security? Must one physically "wire into" a LAN they are on for access?
If not and/or this is a bandwidth issue setup a mirroring/caching server + all the DNS/routing stuff needed.
ParticularIce1628@reddit (OP)
Actually, I know how to configure a local repository host (VM), but I’m not sure how to connect this repository VM to all the VMs I’m managing in vCloud through a VLAN or any other approach
AdrianTeri@reddit
I don't have answers how do this in Broadcom's VMWare ... Time to move shop to Proxmox or XCP-ng?
stumpymcgrumpy@reddit
We use Nexus Repository by Sonatype. We use it for more than just mirroring apt/rpm repos. It works well enough but it's not FOSS.
Sterling2600@reddit
For a paid solution, Artifactory works well for us.
PudgyPatch@reddit
I mean we have a local rpm repo for our stuff...and sometimes repackaged third party stuff like the occasional cpan as rpm (lol yeah we still use perl), I think from the backend it's pretty simple, a sync to a folder from a builder and entries in yum.d (something.d) with repo info for the folder as a server so things can find it. Ya ok I only know how to do this with rpm and not anything else.
mehx9@reddit
Look up theforeman.org with the katello plugin.
MrPurple_@reddit
Basically the only solution oht there. And it sucks
mehx9@reddit
Definitely not the only solution but only one that does both apt and yum that I’m aware of. Suggestions for alternatives are very welcome.
libertyprivate@reddit
So the only one... What were you trying to say??
mehx9@reddit
We use foreman at work and it’s ok. Open to alternatives however.
libertyprivate@reddit
Thank you 🍻
Aerodyne-Jazz@reddit
It’s weird, when you go on forman.org and then to katello it says it supports Redhat/Debian/Puppet repos, but then when you click on learn more it mentions nothing about Debian repo support.
MikeS11@reddit
https://pulpproject.org/
_k4mpfk3ks_@reddit
Isn‘t that basically what foreman uses in the backend?
Hotshot55@reddit
Not basically, it just is the backend.
nlogax1973@reddit
I believe Uyuni does both also
StatementOwn4896@reddit
Absolutely. Idk what these people are talking about because there is a lot you can use. Enterprise options cater especially to this requirement with tools like SUSE Manager and RedHat Satellite.
nlogax1973@reddit
I've been considering Uyuni for this. Is it not a worthy contender?
MrPurple_@reddit
It is suse based afaik. And ether it can not rpm or not apt, i forgot but in out case we needed to go the foreman way because of the limitation
glotzerhotze@reddit
Latest version is capabale of running ubuntu, so I guess apt is supported by now. It‘s a SUSE tool so it integrates nice with their other solutions.
doomygloomytunes@reddit
As you have RHEL, setup a Satellite server. It can do third party repos aswell
Ricketsiallpox@reddit
I use this for my local Oracle database focussed homelab and it works well.
https://oracle-base.com/articles/linux/create-a-local-yum-repository-for-oracle-linux-8
nlogax1973@reddit
https://www.uyuni-project.org/