There are plenty of tutorials out there that show you how to set up a local yum repo that is a mirror of your distrubutions repository. This is not one of those tutorials. Imagine you have some software that you have packaged into an rpm for distribution on your company’s servers. Let’s call the name of the package
examplepackage. You’d like the convienience of having it in a yum repo somewhere so that you only have to type
yum install examplepackage on your fleet of thousands of machines (or script it, or use a configuration management utility like puppet to install it). When a new version of examplepackage is released, you can easily install the update by doing a
yum update examplepackage or configure your configuration management utility to make sure the latest version is automagically installed.
Ok…so you’ve decided that this is a good idea. How do you pull it off? First, you’ll need a web-server that is accessable by your yum client machines. I’m running apache on a host that is serving administrative tasks already, so I’ll run my repository to this machine. I’m going to add a DNS entry so that
yum.example.com points at this machine’s IP.
As I mentioned previously, this machine is already tasked with running other administrative tasks. Apache has been configured to serve name based virtual hosts on port 80. I’m going to add another name based virtual host on port 80 to serve up our repository. I’ve created /etc/httpd/conf.d/virtualhost_com.example.yum.conf with the following contents:
<VirtualHost *:80> ServerAdmin firstname.lastname@example.org DocumentRoot /var/www/com.example.yum ServerName yum.example.com CustomLog "|/usr/sbin/cronolog /var/log/httpd/%Y/%m/%d/com.example.yum_access" combined ErrorLog "|/usr/sbin/cronolog /var/log/httpd/%Y/%m/%d/com.example.yum_error" </VirtualHost>
Note that we use cronolog to rotate apache’s access and error logs on a daily basis. You can install cronolog by running
yum install cronolog. We chose to use cronolog because it makes access and error log archival and cleanup easy (more on that in another post). Also note that we reverse the domain name(com.example.yum) to be used for log files and the document root directory. Using this convention makes it a bit less painful on the eyes to list a directory that has 10 or 15 different sites on it that are all subdomains of example.com. It would also help if you are a hosting provider and hosting multiple customer’s domains. If you were hosting
subdomain.ashleyexample.com, doing a long list of the /var/www directory would result in something like this:
$ ls -l /var/www total 32 drwxr-xr-x 2 someuser somegroup 4096 Jan 18 14:36 com.jasonhancock drwxr-xr-x 2 someuser somegroup 4096 Jan 18 14:36 com.jasonhancock.subdomain drwxr-xr-x 7 someuser somegroup 4096 Apr 28 12:29 com.ashleyexample drwxr-xr-x 2 someuser somegroup 4096 Apr 29 13:49 com.ashleyexample.subdomain
Create your document root:
mkdir -p /var/www/com.example.yum
Lay out your repository. We run everything on CentOS 5.4 x86_64, so I’m not going to bother setting up my repository to deal with different OS versions or architectures. If you need to do this, please see the existing yum .repo files in /etc/yum.repos.d for examples of how others have laid out their repositories.
Copy your .rpm file into your document root:
cp examplepackage-1.0.0.el5.noarch.rpm /var/www/com.example.yum/
Repeat for all rpms you wish to host in your yum repository.
Rebuild the repository metadata. You will need to have the createrepo package installed (
yum install createrepo):
Cory Wynn pointed out that if you’re running a CentOS repo on a Fedora box, you will have to add an argument to the createrepo command (as show below). Reason being is that the default checksum for
createrepo has changed from sha1 to sha256. Otherwise, when trying to update it will generate
Errno -3 when trying to populate or install software.
createrepo -s sha1 /var/www/com.example.yum
You want to copy the public key of the key used to sign the RPM packages for this repo into place. For example, the file will end up at /var/www/com.example.yum/RPM-GPG-KEY-example
Now we’re ready to point a client machine at our new repository. Log into the client machine and create /etc/yum.repos.d/example.repo with the following contents:
[example] name=example.com baseurl=http://yum.example.com/ enabled=1 gpgcheck=1 gpgkey=http://yum.example.com/RPM-GPG-KEY-example
Once that file is in place, run this command on the client to install examplepackage:
yum install examplepackage
If this is the first time you’ve installed software signed with this key, you will get prompted to import the GPG key.