基于ftp的yum源

内网linux服务器集群，统一一台ftp服务器做yum源

服务端，安装vsftpd，配置文件改成如下

# cat vsftpd.conf |grep -v ^$|grep -v ^#
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
listen_port=30021
ftpd_banner="Authorized users only. All activity may be monitored and reported."

然后在默认路径/var/ftp目录下将镜像文件解压

我客户端的yum的repo文件如下

# cat rhel7.repo
[base]
name=rhel7
baseurl=ftp://10.4.1.93:30021/yumsource
enabled=1
gpgcheck=0

所以我们看一下/var/ftp/yumsource

]# ls /var/ftp/yumsource/ -a
.   addons     EFI   extra_files.json  images    LiveOS      Packages  RPM-GPG-KEY-redhat-beta     TRANS.TBL
..  .discinfo  EULA  GPL               isolinux  media.repo  repodata  RPM-GPG-KEY-redhat-release  .treeinfo

 

 

注意事项：

1.我服务端开的是30021端口，所以客户端得有访问服务端30021端口的网络策略

2./var/ftp/yumsource目录下面的文件是基于umask=022的文件权限，如果权限不对，yum源无法使用

3.客户端访问服务端的时候必须加端口，比如ftp  10.4.1.121  30021，如果不想加端口，可以在/etc/services配置文件改一下端口号

默认的

$ cat /etc/services |grep -w ftp
ftp-data        20/tcp
ftp-data        20/udp
# 21 is registered to ftp, but also used by fsp
ftp             21/tcp
ftp             21/udp          fsp fspd
ftp-data        20/sctp                 # FTP
ftp             21/sctp                 # FTP
ni-ftp          47/tcp                  # NI FTP
ni-ftp          47/udp                  # NI FTP
ftp-agent       574/tcp                 # FTP Software Agent System
ftp-agent       574/udp                 # FTP Software Agent System
ftps-data       989/tcp                 # ftp protocol, data, over TLS/SSL
ftps-data       989/udp                 # ftp protocol, data, over TLS/SSL
ftps            990/tcp                 # ftp protocol, control, over TLS/SSL
ftps            990/udp                 # ftp protocol, control, over TLS/SSL
odette-ftp      3305/tcp                # ODETTE-FTP
odette-ftp      3305/udp                # ODETTE-FTP

改成

# cat /etc/services |grep -w ftp
ftp-data        20/tcp
ftp-data        20/udp
# 21 is registered to ftp, but also used by fsp
ftp             30021/tcp
ftp             30021/udp          fsp fspd
ftp-data        20/sctp                 # FTP
ftp             21/sctp                 # FTP
ni-ftp          47/tcp                  # NI FTP
ni-ftp          47/udp                  # NI FTP
ftp-agent       574/tcp                 # FTP Software Agent System
ftp-agent       574/udp                 # FTP Software Agent System
ftps-data       989/tcp                 # ftp protocol, data, over TLS/SSL
ftps-data       989/udp                 # ftp protocol, data, over TLS/SSL
ftps            990/tcp                 # ftp protocol, control, over TLS/SSL
ftps            990/udp                 # ftp protocol, control, over TLS/SSL
odette-ftp      3305/tcp                # ODETTE-FTP
odette-ftp      3305/udp                # ODETTE-FTP

就不用加端口号了

##2021-12-09 添加如下

如果服务端不允许匿名访问，就需要在客户端修改repo文件（yum源配置文件）

[root@apache-1 ~]# cat /etc/yum.repos.d/rhel7.6.repo
[rhel7.6]
name=rhel7.6
baseurl=ftp://aug:'123456'@10.0.0.100:30021/pub/rhel7.6
enabled=1
gpgcheck=0

在配置文件里面加上端口好，用户名和密码就行