互联网同步yum服务器,中科大 rsync createrepo

2021-07-25 11:21:24

参考文章

https://blog.csdn.net/chenjia6605/article/details/82734945

1、本机安装所需工具:

yum -y install rsync createrepo

2、创建目录(位置随意):

(1)、centos仓库目录,centosplus可以不同步,一般用不到:

mkdir -p /storage/repos/centos/7/{os,updates,extras,centosplus}/x86_64

(2)、epel仓库目录:

mkdir -p /storage/repos/epel/7/x86_64

#如果需要EPEL软件的源码,请同时创建以下目录

mkdir -p /storage/repos/epel/7/SRPMS/

3、同步远程镜像(该过程需要很长时间,与你的外网带宽有关,如果你需要将centos的官方资源和epel资源都同步的话,则至少需要80G的磁盘空间,为了避免走弯路,磁盘分区的时候要考虑一下存放rpm包目录被挂载的大小)

以下为我做完centos官方资源和epel资源之后磁盘使用情况

互联网同步yum服务器,中科大 rsync createrepo

#同步centos官方资源

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/centos/7/os/x86_64/ /storage/repos/centos/7/os/x86_64/

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/centos/7/updates/x86_64/ /storage/repos/centos/7/updates/x86_64/

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/centos/7/extras/x86_64/ /storage/repos/centos/7/extras/x86_64/

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/centos/7/centosplus/x86_64/ /storage/repos/centos/7/centosplus/x86_64/

#同步epel资源(不知道是rsync本身的事还是中科大对epel源的速度做了限制,上面同步centos官方源的资源的时候速度很快,基本上能达到本地网络的包和带宽,但是同步epel资源的时候,速度极慢,如果哪位大牛有更快的方法可以在评论区教一下小弟我)

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/epel/7/x86_64/ /storage/repos/epel/7/x86_64/

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/epel/7/SRPMS/ /storage/repos/epel/7/SRPMS/

#同步gpgkey

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-7 /storage/repos/centos/

---------------------

创建索引centos官方包的索引

createrepo /storage/repos/centos/7/os/x86_64/

createrepo /storage/repos/centos/7/updates/x86_64/

createrepo /storage/repos/centos/7/extras/x86_64/

createrepo /storage/repos/centos/7/centosplus/x86_64/

epel扩展源索引

createrepo /storage/repos/epel/7/x86_64/

createrepo /storage/repos/epel/7/SRPMS/

5、同步脚本,如果你的服务器一直连接外网可以配置在定时任务里,定期与远程镜像保持同步:

vi /etc/cron.daily/update-repos

#脚本内容开始

# create new

#!/bin/bash

VER='7'

ARCH='x86_64'

CENTOS_REPOS=(os updates extras centosplus)

#同步centos镜像

for REPO in ${CENTOS_REPOS[@]}

do

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/centos/${VER}/${CENTOS_REPOS}/${ARCH}/ /storage/repos/centos/${VER}/${CENTOS_REPOS}/${ARCH}/

createrepo /storage/repos/centos/${VER}/${CENTOS_REPOS}/${ARCH}/

done

#同步gpgkey

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-7 /storage/repos/centos/

#同步epel镜像

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/epel/7/x86_64/ /storage/repos/epel/7/x86_64/

createrepo /storage/repos/epel/7/x86_64/

#如果需要epel软件的源码,同步epel软件源码仓库

#rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/epel/7/SRPMS/ /storage/repos/epel/7/SRPMS/

#createrepo /storage/repos/epel/7/SRPMS/

#同步gpgkey

rsync -avz --delete --exclude='repodata' rsync://mirrors.ustc.edu.cn/epel/RPM-GPG-KEY-EPEL-7 /storage/repos/epel/

# wq 保存退出后,给脚本赋予可执行权限

# chmod 755 /etc/cron.daily/update-repo

#脚本内容结束

6、安装nginx

yum install -y nginx

以下为nginx.conf配置文件的内容

#nginx.conf内容开始

# For more information on configuration, see:

# * Official English Documentation: http://nginx.org/en/docs/

# * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;

worker_processes auto;

error_log /var/log/nginx/error.log;

pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.

include /usr/share/nginx/modules/*.conf;

events {

worker_connections 1024;

}

http {

log_format main '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

sendfile on;

tcp_nopush on;

tcp_nodelay on;

keepalive_timeout 65;

types_hash_max_size 2048;

include /etc/nginx/mime.types;

default_type application/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.

# See http://nginx.org/en/docs/ngx_core_module.html#include

# for more information.

include /etc/nginx/conf.d/*.conf;

server {

listen 80 default_server;

listen [::]:80 default_server;

server_name _;

root /storage/repos;        #此处为网站根目录,请指向以上创建的repos目录

# Load configuration files for the default server block.

include /etc/nginx/default.d/*.conf;

location / {

autoindex on; #打开目录浏览功能

autoindex_exact_size off; # off:以可读的方式显示文件大小

autoindex_localtime on; # on、off:是否以服务器的文件时间作为显示的时间

charset utf-8,gbk; #展示中文文件名

index index.html;

}

error_page 404 /404.html;

location = /40x.html {

}

error_page 500 502 503 504 /50x.html;

location = /50x.html {

}

}

# Settings for a TLS enabled server.

#

# server {

# listen 443 ssl http2 default_server;

# listen [::]:443 ssl http2 default_server;

# server_name _;

# root /usr/share/nginx/html;

#

# ssl_certificate "/etc/pki/nginx/server.crt";

# ssl_certificate_key "/etc/pki/nginx/private/server.key";

# ssl_session_cache shared:SSL:1m;

# ssl_session_timeout 10m;

# ssl_ciphers HIGH:!aNULL:!MD5;

# ssl_prefer_server_ciphers on;

#

# # Load configuration files for the default server block.

# include /etc/nginx/default.d/*.conf;

#

# location / {

# }

#

# error_page 404 /404.html;

# location = /40x.html {

# }

#

# error_page 500 502 503 504 /50x.html;

# location = /50x.html {

# }

# }

}

#nginx.conf内容结束

7、测试nginx

重启nginx服务

systemctl restart nginx.service

之后使用其他主机的浏览器连接该主机的80端口,能够看到yum源的目录即可,如果无法访问,请检查防火墙,selinux等,和nginx.conf。

8、客户端配置

修改客户端的repo文件内容

repo文件位于/etc/yum.repos.d/下

以下为CentOS-Base.repo文件的全部内容,也可以删除所有注释行,仅保留生效的代码,也可以仅使用绝对路径的url连接

#CentOS-Base.repo文件内容开始

# CentOS-Base.repo

#

# The mirror system uses the connecting IP address of the client and the

# update status of each mirror to pick mirrors that are updated to and

# geographically close to the client. You should use this for CentOS updates

# unless you are manually picking other mirrors.

#

# If the mirrorlist= does not work for you, as a fall back you can try the

# remarked out baseurl= line instead.

#

#

[base]

name=CentOS-$releasever - Base

#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra

#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/

baseurl=http://192.168.197.40/centos/$releasever/os/$basearch/

gpgcheck=1

#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

gpgkey=http://192.168.197.40/centos/RPM-GPG-KEY-CentOS-7

#released updates

[updates]

name=CentOS-$releasever - Updates

#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra

#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/

baseurl=http://192.168.197.40/centos/$releasever/updates/$basearch/

gpgcheck=1

#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

gpgkey=http://192.168.197.40/centos/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful

[extras]

name=CentOS-$releasever - Extras

#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra

#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/

baseurl=http://192.168.197.40/centos/$releasever/extras/$basearch/

gpgcheck=1

#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

gpgkey=http://192.168.197.40/centos/RPM-GPG-KEY-CentOS-7

#additional packages that extend functionality of existing packages

[centosplus]

name=CentOS-$releasever - Plus

#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra

#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/

baseurl=http://192.168.197.40/centos/$releasever/centosplus/$basearch/

gpgcheck=1

enabled=1

#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

gpgkey=http://192.168.197.40/centos/RPM-GPG-KEY-CentOS-7

[epel]

name=Extra Packages for Enterprise Linux 7 - $basearch

#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch

#metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch

baseurl=http://192.168.197.40/epel/7/$basearch

failovermethod=priority

enabled=1

gpgcheck=1

#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

gpgkey=http://192.168.197.40/epel/RPM-GPG-KEY-EPEL-7

[epel-debuginfo]

name=Extra Packages for Enterprise Linux 7 - $basearch - Debug

#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch/debug

#metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=$basearch

baseurl=http://192.168.197.40/epel/7/$basearch/debug

failovermethod=priority

enabled=0                #此项1表示开启,0表示关闭

#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

gpgkey=http://192.168.197.40/epel/RPM-GPG-KEY-EPEL-7

gpgcheck=1

[epel-source] #如果已同步SRPMS仓库,请取消该配置注释

name=Extra Packages for Enterprise Linux 7 - $basearch - Source

#baseurl=http://download.fedoraproject.org/pub/epel/7/SRPMS

#metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=$basearch

baseurl=http://192.168.197.40/epel/7/SRPMS

failovermethod=priority

enabled=1

#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

gpgkey=http://192.168.197.40/epel/RPM-GPG-KEY-EPEL-7

gpgcheck=1

#CentOS-Base.repo文件内容结束

或者使用以下脚本
把脚本里面的IP地址更改为实际的IP地址即可,如果epel要开启gpg检查的话,对应的需要去中科大镜像站下载检查文件,放到对应的目录中,如果不检查gpg的话,那么直接将gpgcheck的参数设置0即可,gpgcheck=0,中科大镜像站的epel根目录http://mirrors.ustc.edu.cn/epel/,下载RPM-GPG-KEY-EPEL-7文件,放入/storage/repos/epel即可!

#脚本内容开始
#!/bin/bash
cd /etc/yum.repos.d/
tar -zcvf yum.bak.tar.gz CentOS-*
rm -rf CentOS*
touch /etc/yum.repos.d/a.repo
cat>/etc/yum.repos.d/a.repo <<EOF
[base]
name=base
baseurl=http://172.16.103.3/centos/7/os/x86_64
gpgcheck=1
enabled=1
gpgkey=http://172.16.103.3/centos/RPM-GPG-KEY-CentOS-7

[update]
name=update
baseurl=http://172.16.103.3/centos/7/updates/x86_64/
gpgcheck=1
enabled=1
gpgkey=http://172.16.103.3/centos/RPM-GPG-KEY-CentOS-7

[extras]
name=extras
baseurl=http://172.16.103.3/centos/7/extras/x86_64
gpgcheck=1
enabled=1
gpgkey=http://172.16.103.3/centos/RPM-GPG-KEY-CentOS-7

[centosplus]
name=centosplus
baseurl=http://172.16.103.3/centos/7/centosplus/x86_64
gpgcheck=1
enabled=1
gpgkey=http://172.16.103.3/centos/RPM-GPG-KEY-CentOS-7

[epel]
name=epel
baseurl=http://172.16.103.3/epel/7/x86_64
gpgcheck=0
enabled=1
gpgkey=http://172.16.103.3/epel/RPM-GPG-KEY-EPEL-7

[epel-source]
name=epel-source
baseurl=http://172.16.103.3/epel/7/SRPMS
gpgcheck=0
enabled=1
gpgkey=http://172.16.103.3/epel/RPM-GPG-KEY-EPEL-7
EOF
yum clean all
yum makecache
#脚本内容结束

9,客户端清除yum缓存,并重新制作缓存

yum clean all

yum makecache

10,后记

让yum服务器支持yum grouplist 需要添加xml文件,具体步骤为:

插入centos的系统的everything包,然后挂载光盘,找到光盘目录下/mnt/cdrom/repodata中的xml文件,改文件名字为:*-c7-x86_64-comps.xml,*代表乱码。

这里的名字是d87379a47bc2060f833000b9cef7f9670195fe197271d37fce5791e669265e8b-c7-x86_64-comps.xml

拷贝该文件到yum服务器中,例如拷贝到/storage/repos/,然后使用ceraterepo -g 使用该文件重建组索引

具体命令为

createrepo -g /storage/repos/d87379a47bc2060f833000b9cef7f9670195fe197271d37fce5791e669265e8b-c7-x86_64-comps.xml /storage/repos/centos/7/os/x86_64/

指定的xml文件要使用绝对路径,后面的路径是rpm包的上层Packages目录的所在目录。

执行成功后,会在Packages同级目录下的repodata目录下创建新的xml文件。

同理,如果yum源服务器内除了base源服务,还提供其他源服务的话,那么如果存在软件包组的话,那么也需要得到对应源服务的xml文件,然后使用createrepo -g 命令来重新创建软件包组的索引信息。

11,疑问

互联网同步yum服务器,中科大 rsync createrepo

如图所示,上面的yum makecache 信息为通过以上教程自建的yum源,下面的使用centos默认配置的yum源,有没有叼大的说一下为啥我使用人家的yum生成缓存的时候就有prestodelta 用我自建的yum就没有?prestodelta 里面的内容又是啥,何种应用场景?

上一篇:【转】内存耗用:VSS/RSS/PSS/USS


下一篇:用excel公式生成有规律的代码,减少编程工作量