DB 서버들은 보통 인터넷망과 연결되지 않은 경우가 보통입니다.
클라우드에서도 DB서버들은 private subnet에 위치하게 하여 인터넷이 안되도록 하는데요.
이런 경우 외부에서 뭔가 필요한 rpm 등 s/w 를 설치할 때 여러 경로를 통해야하는 불편이 있습니다.
yum 설치를 하는데 필요한 rpm들이 서로 물리고 물리는 경우 머리가 어질해지는데요
이런 경우를 위해 보통 private repository 서버를 두고 이 repository 서버에 업무에 필요한 rpm 들을 설치해놓습니다
그리고 DB서버 등 운영서버가 이 private repository 서버를 바라보게 하여 여기에서 필요한 파일들을 가져오게 하면 DB서버가 인터넷이 안되어도 상관없게 됩니다
이번 글에서는 private reposiotry 서버를 구축하는 방법에 대해 공유하겠습니다.
사전 준비
- 인터넷이 되는 repository 서버
- repository 서버 <-> client 서버 간의 network acl
DB서버 기본 repolist
[testusersu@testserver 15:49:12 /etc/yum.repos.d ]$ yum repolist all
repo id repo name status
test-backport CentOS 6.9 - Backport 11
test-base CentOS 6.9 - Base 6704+2
test-epel Extra Packages for Enterprise Linux 6 - x86_64 17297+9
test-extras CentOS 6.9 - Extras 53
test-updates CentOS 6.9 - Updates 1307
test test Packages for Enterprise Linux 6 - x86_64 22
repository 서버 설정
- nginx 서버 구성 (repository 웹 페이지용)
$ sudo yum -y install nginx
$ vi /etc/nginx/nginx.conf
server {
listen 80;
server_name repo_test
root /var/www/html/repos;
location / {
index index.php index.html index.htm;
autoindex on;
}
}
$ service nginx start
- 제공 할 rpm 파일 받아오기 위한 repository 주소 설정
- 예시로 percona, postgresql repository 등록
$ sudo yum -y install createrepo yum-utils
$ sudo chown -R testusersu:testuser /var/www/html
$ mkdir -p /var/www/html/repos/{제공할 repository명}
$ mkdir -p /var/www/html/repos/log
$ cat /etc/yum.repos.d/percona-original-release.repo
-> yum install https://repo.percona.com/yum/percona-release-latest.noarch.rpm 커맨드로 repository 추가할 수 있음
[testusersu@repo-test yum.repos.d]$ cat percona-original-release.repo
#
# This repo is managed by "percona-release" utility, do not edit!
#
[percona-release-x86_64]
name = Percona Original release/x86_64 YUM repository
baseurl = http://repo.percona.com/percona/yum/release/$releasever/RPMS/x86_64
enabled = 1
gpgcheck = 1
gpgkey = file:///etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY
[percona-release-noarch]
name = Percona Original release/noarch YUM repository
baseurl = http://repo.percona.com/percona/yum/release/$releasever/RPMS/noarch
enabled = 1
gpgcheck = 1
gpgkey = file:///etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY
[percona-release-sources]
name = Percona Original release/sources YUM repository
baseurl = http://repo.percona.com/percona/yum/release/$releasever/SRPMS
enabled = 0
gpgcheck = 1
gpgkey = file:///etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY
$ cat /etc/yum.repos.d/pgdg.repo
[pgdg12]
name=PostgreSQL 12 for RHEL/CentOS $releasever - $basearch
baseurl= https://download.postgresql.org/pub/repos/yum/12/redhat/rhel-$releasever-$basearch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG
[pgdg12-centos6]
name=PostgreSQL 12 for RHEL/CentOS 6 - $basearch
baseurl= https://download.postgresql.org/pub/repos/yum/12/redhat/rhel-6-$basearch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG
- 추가 된 repolist 확인
$ sudo yum repolist
[testusersu@repo-test percona]$ sudo yum repolist
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
repo id repo name status
.
.
.
percona-release-noarch/7 Percona Original release/noarch YUM repository 63
percona-release-x86_64/7 Percona Original release/x86_64 YUM repository 2,208
pgdg12/7/x86_64 PostgreSQL 12 for RHEL/CentOS 7 - x86_64 434
pgdg12-centos6/x86_64 PostgreSQL 12 for RHEL/CentOS 6 - x86_64 .
.
=> centos6/7 버전별로 제공하기 위해선 위 rpm repository 주소 설정할 때 $releasever 서버 부분을 수정해야함
- local repository 저장소에 rpm 받아오기
$ reposync -l -d -m --repoid=percona-release-x86_64 --newest-only --download-metadata --download_path=/var/www/html/repos/percona
$ reposync -l -d -m --repoid=pgdg12-centos6 --newest-only --download-metadata --download_path=/var/www/html/repos/postgresql
=> reposync를 통해 repolist에 등록 된 repoid 를 바탕으로 가져욤
- repository update crontab 설정
$ vi /etc/yum.repos.d/repo_sync.sh
#!/bin/bash
# Create log files
LOG_FILE=/var/www/html/repos/logs/repo_sync_$(date +%Y.%m.%d).log
# Remove old log files
find /var/www/html/repos/logs/repo_sync* -mtime +7 -delete; >> $LOG_FILE 2>&1
# Reposync
/usr/bin/reposync --newest-only --repoid=percona-release-x86_64 -p /var/www/html/repos/percona >> $LOG_FILE 2>&1
/usr/bin/reposync --newest-only --repoid=pgdg12-centos6 -p /var/www/html/repos/potgresql >> $LOG_FILE 2>&1
/usr/bin/reposync --newest-only --repoid=pgdg12 -p /var/www/html/repos/potgresql >> $LOG_FILE 2>&1
# Createrepo
/usr/bin/createrepo /var/www/html/repos/percona >> $LOG_FILE 2>&1
/usr/bin/createrepo /var/www/html/repos/percona/percona-release-noarch-centos6 >> $LOG_FILE 2>&1
/usr/bin/createrepo /var/www/html/repos/percona/percona-release-x86_64-centos6 >> $LOG_FILE 2>&1
/usr/bin/createrepo /var/www/html/repos/percona/percona-release-noarch >> $LOG_FILE 2>&1
/usr/bin/createrepo /var/www/html/repos/percona/percona-release-x86_64 >> $LOG_FILE 2>&1
/usr/bin/createrepo /var/www/html/repos/postgresql >> $LOG_FILE 2>&1
$ crontab -e
0 0 * * * * /etc/yum.repos.d/repo_sync.sh
=> 업데이트 된 rpm 들을 가져오기 위해 reposync –newest-only 커맨드를 crontab으로 설정함
만약 새로운 repository 가 추가되면 위 스크립트의 rsync , createrepo 부분에 추가하고 스크립트 한번 실행해주면 됨
client 설정
=> centos 버전에 맞게 아래 repository 추가하면 됨
- yum.repos.d 설정 - centos6
$ cat /etc/yum.repos.d/kimdubi.repo
[percona-centos6_1]
name=TEAM private repository for percona tool
#IP of the local repository server set up in the previous step
baseurl=http://10.111.11.111/percona/percona-release-x86_64-centos6
gpgcheck=0
enabled=1
[percona-centos6_2]
name=TEAM private repository for percona tool
#IP of the local repository server set up in the previous step
baseurl=http://10.111.11.111/percona/percona-release-noarch-centos6
gpgcheck=0
enabled=1
centos7
$ cat /etc/yum.repos.d/kimdubi.repo
[percona-centos6_1]
name=TEAM private repository for percona tool
#IP of the local repository server set up in the previous step
baseurl=http://10.111.11.111/percona/percona-release-x86_64
gpgcheck=0
enabled=1
[percona-centos6_2]
name=TEAM private repository for percona tool
#IP of the local repository server set up in the previous step
baseurl=http://10.111.11.111/percona/percona-release-noarch
gpgcheck=0
enabled=1
- repolist 확인
[testusersu@testserver 15:52:07 /etc/yum.repos.d ]$ sudo yum repolist
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
repo id repo name status
test-backport CentOS 6.9 - Backport 11
test-base CentOS 6.9 - Base 6704+2
test-epel Extra Packages for Enterprise Linux 6 - x86_64 17297+9
test-extras CentOS 6.9 - Extras 53
test-updates CentOS 6.9 - Updates 1307
test test Packages for Enterprise Linux 6 - x86_64 22
percona TEAM private repository for percona tool 111
postgresql TEAM private repository for postgresql 81
repolist: 25586
=> client 서버에 repository가 추가된 것을 확인했다면
인터넷에 연결된 것처럼 yum 설치, 혹은 repository 서버의 IP로 웹브라우저를 통해 접속해서 필요한 파일들을 가져올 수 있습니다.