CentOS 内网YUM源配置使用

YUM介绍

  • yum,是Yellow dog Updater, Modified 的简称,是杜克大学为了提高RPM 软件包安装性而开发的一种软件包管理器。起初是由yellow dog 这一发行版的开发者Terra Soft 研发,用python 写成,那时还叫做yup(yellow dog updater),后经杜克大学的Linux@Duke 开发团队进行改进,遂有此名。yum 的宗旨是自动化地升级,安装/移除rpm 包,收集rpm 包的相关信息,检查依赖性并自动提示用户解决。yum 的关键之处是要有可靠的repository,顾名思义,这是软件的仓库,它可以是http 或ftp 站点,也可以是本地软件池,但必须包含rpm 的header,header 包括了rpm 包的各种信息,包括描述,功能,提供的文件,依赖性等。正是收集了这些header 并加以分析,才能自动化地完成余下的任务。
  • yum 的理念是使用一个中心仓库(repository)管理一部分甚至一个distribution 的应用程序相互关系,根据计算出来的软件依赖关系进行相关的升级、安装、删除等等操作,减少了Linux 用户一直头痛的dependencies 的问题。这一点上,yum 和apt 相同。apt 原为debian 的deb 类型软件管理所使用,但是现在也能用到RedHat 门下的rpm 了。
  • yum 主要功能是更方便的添加/删除/更新RPM 包,自动解决包的倚赖性问题,便于管理大量系统的更新问题。
  • yum 可以同时配置多个资源库(Repository),简洁的配置文件(/etc/yum.conf),自动解决增加或删除rpm 包时遇到的依赖性问题,保持与RPM 数据库的一致性。

YUM配置

  • yum 的配置文件分为两部分:
    • 一种是直接配置/etc目录下的yum.conf文件。
    • 一种是在/etc/yum.repos.d目录下增加.repo文件。
  • 配置文件yum.conf详解。
[main]
cachedir= /var/cache/yum/ $basearch/$releasever   # yum缓存的目录,yum在此存储下载的rpm包和数据库
keepcache=0      # 是否保留缓存内容,0:表示安装后删除软件包,1表示安装后保留软件包
debuglevel=2      # 调试级别(0-10),默认为2
logfile= /var/log/yum .log    # 存放系统更新软件的日志的目录
exactarch=1     # 有1和0两个选项,设置为1,则yum只会安装和系统架构匹配的软件包                    
obsoletes=1     # 这是一个update的参数,具体请参阅yum(8),简单的说就是相当于upgrade,允许更新陈旧的RPM包
gpgcheck=1      # 1和0两个选择,分别代表是否是否进行gpg校验,如果没有这一项,默认是检查的
plugins=1      # #是否允许使用插件,1是允许,默认是0不允许
installonly_limit=5   # 允许保留多少个内核包
bugtracker_url=http: //bugs .centos.org /set_project .php?project_id=23&ref=http: //bugs .centos.org /bug_report_page .php?category=yum
distroverpkg=centos-release   # 指定一个软件包,yum会根据这个包判断发行版本
  •  配置文件repo详解
[base]   # 用于区别各个不同的repository,必须有一个独一无二的名称
name=CentOS-$releasever - Base - mirrors.aliyun.com   # 是对repository 的描述,支持像$releasever $basearch这样的变量
failovermethod=priority   # 有两个选项roundrobin和priority,意思分别是有多个url可供选择时,yum选择的次序,roundrobin是随机选择,如果连接失败则使用下一个,依次循环;
                          # priority则根据url的次序从第一个开始。如果不指明,默认是roundrobin
baseurl=http: //mirrors .aliyun.com /centos/ $releasever /os/ $basearch/   # #yum源访问地址,可以用http/ftp/file
        http: //mirrors .aliyuncs.com /centos/ $releasever /os/ $basearch/
        http: //mirrors .cloud.aliyuncs.com /centos/ $releasever /os/ $basearch/
gpgcheck=1   # 是否检查源的合法性;1:检查,0:不检查
gpgkey=http: //mirrors .aliyun.com /centos/RPM-GPG-KEY-CentOS-7    # 源的校验地址

搭建yum仓库优点

  • 节省流量,避免从公网重复下载软件包;为公司省钱;
  • 提升下载速度;外网下载受带宽影响,下载速度较慢,而yum仓库在局域网中就很快;
  • 方便统一管理,软件版本,都能做到统一;
  • 避免访问外网,很多大公司,都是与公网隔绝的,尤其是大公司的类生产环境,绝对不予许随便访问外网,这是获取安装包的途径就只能通过内网yum仓库;

情景一:内网YUM源光盘

  • 所有服务器避免访问外网,获取安装包的途径就只能通过内网yum仓库。

服务端YumServer配置

# 准备环境
[root@YumServer ~] # cat /etc/redhat-release 
CentOS Linux release 7.5.1804 (Core) 
[root@YumServer ~] # uname -a
Linux YumServer 3.10.0-862.el7.x86_64  #1 SMP Fri Apr 20 16:44:24 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@YumServer ~] # setenforce 0
[root@YumServer ~] # sed -i.bak '7s/enforcing/disabled/' /etc/selinux/config
[root@YumServer ~] # systemctl stop firewalld && systemctl disable firewalld

# 下载安装基础软件
[root@YumServer ~] # yum install -y vim wget curl
# 备份系统自带repo
[root@YumServer ~] # cd /etc/yum.repos.d/
[root@YumServer  /etc/yum .repos.d] # tar -zcf repo_bak.tar.gz *.repo
[root@YumServer yum.repos.d] # tar -ztf repo_bak.tar.gz 
CentOS-Base.repo
CentOS-CR.repo
CentOS-Debuginfo.repo
CentOS-fasttrack.repo
CentOS-Media.repo
CentOS-Sources.repo
CentOS-Vault.repo
# 清除*.repo
[root@YumServer yum.repos.d] # rm ./*.repo -f
[root@YumServer yum.repos.d] # ls
repo_bak. tar .gz
[root@YumServer ~] # wget https://mirrors.163.com/centos-vault/centos/7.5.1804/isos/x86_64/CentOS-7-x86_64-Everything-1804.iso
# 新建挂载点
[root@YumServer ~] # mkdir /mnt/cdrom7
[root@YumServer ~] # mount -o loop -t iso9660 CentOS-7-x86_64-Everything-1804.iso /mnt/cdrom7
[root@YumServer ~] # mkdir -p /data/mirrors/centos/7/os/x86_64/
[root@YumServer ~] # cp -a /mnt/cdrom7/* /data/mirrors/centos/7/os/x86_64/

# 新建localYum.repo
[root@YumServer ~] # cat /etc/yum.repos.d/localYum.repo
[base]
name=cdrom7 yum
baseurl= file : ///mnt/cdrom7
gpgcheck=0
enabled=1
[root@YumServer ~] # yum clean all && yum makecache

# 下载安装部署nginx,其他软件rpm包保存至同一目录路径即可
[root@YumServer ~] # wget -P /data/mirrors/centos/7/os/x86_64/Packages/ https://nginx.org/packages/centos/7/x86_64/RPMS/nginx-1.20.0-1.el7.ngx.x86_64.rpm
[root@YumServer ~] # rpm -ivh /data/mirrors/centos/7/os/x86_64/Packages/nginx-1.20.0-1.el7.ngx.x86_64.rpm

[root@YumServer ~] # cat /etc/nginx/conf.d/yum.conf
server {
    listen 80 default_server;
    server_name _;

    location / {
        # 仓库文件路径
        root  /data/mirrors/ ;
        # 开启目录显示功能
        autoindex on;
        # 关闭详细文件大小统计,默认为b,以kb、mb、gb为单位显示
        autoindex_exact_size off;
        # 开启以服务器时区显示文件修改日期
        autoindex_localtime on;
        # 以html风格将目录展示在浏览器中
        autoindex_format html;
        charset utf-8,gbk;
    }
}

# 检查配置语法并启动nginx
[root@YumServer ~] # nginx -t
nginx: the configuration  file /etc/nginx/nginx .conf syntax is ok
nginx: configuration  file /etc/nginx/nginx .conf  test is successful
[root@YumServer ~] # systemctl start nginx && systemctl enable nginx
[root@YumServer ~] # hostname -I
172.16.70.182

注意:其他软件rpm包拷贝/data/mirrors/centos/7/os/x86_64/Packages/即可。

  • 浏览器访问http://172.16.70.182

客户端YumTest配置

# 备份系统自带repo
[root@YumTest ~] # cd /etc/yum.repos.d/
[root@YumTest  /etc/yum .repos.d] # tar -zcf repo_bak.tar.gz *.repo
[root@YumTest yum.repos.d] # tar -ztf repo_bak.tar.gz 
CentOS-Base.repo
CentOS-CR.repo
CentOS-Debuginfo.repo
CentOS-fasttrack.repo
CentOS-Media.repo
CentOS-Sources.repo
CentOS-Vault.repo
# 清除*.repo
[root@YumTest yum.repos.d] # rm ./*.repo -f

[root@YumTest ~] # cat /etc/yum.repos.d/localYum.repo
[base]
name=cdrom7 repo
baseurl=http: //172 .16.70.182 /centos/7/os/x86_64/
gpgcheck=0
enabled=1

[updates]
name=cdrom7 update
baseurl=http: //172 .16.70.182 /centos/7/os/x86_64/
gpgcheck=0
enabled=1

[root@YumTest ~] # yum clean all && yum makecache

# 测试安装net-tools
[root@YumTest ~] # yum install -y net-tools
[root@YumTest ~] # rpm -q net-tools
net-tools-2.0-0.22.20131004git.el7.x86_64

情景二:内网YUM源镜像站

  • YumServer作为服务器端定期同步中科大镜像站,部署一套内网的yum源环境,以供内网服务器使用,节省流量避免从公网重复下载软件包。

服务端YumServer配置

# 准备环境
[root@YumServer ~] # cat /etc/redhat-release 
CentOS Linux release 7.9.2009 (Core)
[root@YumServer ~] # uname -a
Linux YumServer 3.10.0-1160.el7.x86_64  #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[root@YumServer ~] # setenforce 0
[root@YumServer ~] # sed -i.bak '7s/enforcing/disabled/' /etc/selinux/config
[root@YumServer ~] # systemctl stop firewalld && systemctl disable firewalld

[root@YumServer ~] # yum install -y vim wget curl rsync
[root@YumServer ~] # systemctl start rsyncd && systemctl enable rsyncd
Created  symlink from  /etc/systemd/system/multi-user .target.wants /rsyncd .service to  /usr/lib/systemd/system/rsyncd .service.

[root@YumServer ~] # ss -ntpl | grep rsync
LISTEN     0      5            *:873                      *:*                    users :(( "rsync" ,pid=1182,fd=4))
LISTEN     0      5           :::873                     :::*                    users :(( "rsync" ,pid=1182,fd=5)

[root@YumServer ~] # mkdir -p /data/mirrors/centos/7/{epel,rpm,software,extras,os,updates}
[root@YumServer ~] # mkdir -p /data/mirrors/centos/6/{epel,rpm,software,extras,os,updates}
[root@YumServer ~] # wget -P /data/mirrors/centos/7/rpm https://nginx.org/packages/centos/7/x86_64/RPMS/nginx-1.20.0-1.el7.ngx.x86_64.rpm
[root@YumServer ~] # rpm -ivh /data/mirrors/centos/7/rpm/nginx-1.20.0-1.el7.ngx.x86_64.rpmrpm

[root@YumServer ~] # cat /etc/nginx/conf.d/yum.conf 
server {
    listen 80 default_server;
    server_name _;

    location / {
        # 仓库文件路径
        root  /data/mirrors/ ;
        # 开启目录显示功能
        autoindex on;
        # 关闭详细文件大小统计,默认为b,以kb、mb、gb为单位显示
        autoindex_exact_size off;
        # 开启以服务器时区显示文件修改日期
        autoindex_localtime on;
        # 以html风格将目录展示在浏览器中
        autoindex_format html;
        charset utf-8,gbk;
    }
}

[root@YumServer ~] # nginx -t
nginx: the configuration  file /etc/nginx/nginx .conf syntax is ok
nginx: configuration  file /etc/nginx/nginx .conf  test is successful

[root@YumServer ~] # systemctl start nginx && systemctl enable nginx

[root@YumServer ~] # cat /data/mirrors/yum.sh 
#!/bin/bash
# 同步centos7
rsync -av  rsync : //rsync .mirrors.ustc.edu.cn /epel/7/x86_64/ /data/mirrors/centos/7/epel/x86_64 >  /data/yum_7_epel .log 2>&1 
rsync -av  rsync : //rsync .mirrors.ustc.edu.cn /centos/7/extras/x86_64/ /data/mirrors/centos/7/extras/x86_64 >  /data/yum_7_extras .log 2>&1 
rsync -av  rsync : //rsync .mirrors.ustc.edu.cn /centos/7/updates/x86_64/ /data/mirrors/centos/7/updates/x86_64 >  /data/yum_7_updates .log 2>&1 
rsync -av  rsync : //rsync .mirrors.ustc.edu.cn /centos/7/os/x86_64/ /data/mirrors/centos/7/os/x86_64 >  /data/yum_7_os .log 2>&1
# 同步centos6
rsync -av  rsync : //rsync .mirrors.ustc.edu.cn /epel/6/x86_64/ /data/mirrors/centos/6/epel/x86_64 >  /data/yumi_6_epel .log 2>&1 
rsync -av  rsync : //rsync .mirrors.ustc.edu.cn /centos/6/extras/x86_64/ /data/mirrors/centos/6/extras/x86_64 >  /data/yum ._6_extras.log 2>&1 
rsync -av  rsync : //rsync .mirrors.ustc.edu.cn /centos/6/updates/x86_64/ /data/mirrors/centos/6/updates/x86_64 >  /data/yum_6_updates .log 2>&1
rsync -av  rsync : //rsync .mirrors.ustc.edu.cn /centos/6/os/x86_64/ /data/mirrors/centos/6/os/x86_64 >  /data/yum_6_os .log 2>&1

[root@YumServer ~] # crontab -e
#每个月1号的23:00点同步一次yum源
0 23 1 * *  /usr/bin/bash /data/mirrors/yum .sh >  /dev/null 2>&1
=========================================================================================================
# 同步centos7所有信息
[root@YumServer ~] # rsync -av rsync://rsync.mirrors.ustc.edu.cn/centos/7/ /data/mirrors/centos/7/
=========================================================================================================
# 新增yum_rest.sh模板文件
[root@YumServer ~] # cat /data/mirrors/centos/7/software/yum_rest.sh 
#!/bin/bash
# 备份系统自带repo
cd /etc/yum .repos.d/
tar -zcf repo_bak. tar .gz *.repo
# 清除*.repo
rm ./*.repo -f
wget http: //172 .16.70.192 /centos/7/software/CentOS-Base .repo
wget http: //172 .16.70.192 /centos/7/software/epel .repo
/usr/bin/yum clean all
/usr/bin/yum makecache

# 新增CentOS-Base.repo模板文件
[root@YumServer ~] # cat /data/mirrors/centos/7/software/CentOS-Base.repo 
[base]
name=CentOS-$releasever - Base
baseurl=http: //172 .16.70.192 /centos/ $releasever /os/ $basearch/
gpgcheck=1
gpgkey= file : ///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

#released updates
[updates]
name=CentOS-$releasever - Updates
baseurl=http: //172 .16.70.192 /centos/ $releasever /updates/ $basearch/
gpgcheck=1
gpgkey= file : ///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
baseurl=http: //172 .16.70.192 /centos/ $releasever /extras/ $basearch/
gpgcheck=1
gpgkey= file : ///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
baseurl=http: //172 .16.70.192 /centos/ $releasever /centosplus/ $basearch/
gpgcheck=1
enabled=0
gpgkey= file : ///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

# 新增epel.repo模板文件
[root@YumServer ~] # cat /data/mirrors/centos/7/software/epel.repo 
[epel]
name=Extra Packages  for Enterprise Linux 7 - $basearch
baseurl=http: //172 .16.70.192 /epel/7/ $basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey= file : ///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

[epel-debuginfo]
name=Extra Packages  for Enterprise Linux 7 - $basearch - Debug
baseurl=http: //172 .16.70.192 /epel/7/ $basearch /debug
failovermethod=priority
enabled=0
gpgkey= file : ///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1

[epel- source ]
name=Extra Packages  for Enterprise Linux 7 - $basearch - Source
baseurl=http: //172 .16.70.192 /epel/7/SRPMS
failovermethod=priority
enabled=0
gpgkey= file : ///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1

[root@YumServer ~] # hostname -I
172.16.70.192
  • 浏览器访问http://172.16.70.192

客户端配置

[root@YumTest ~] # wget http://172.16.70.192/centos/7/software/yum_rest.sh
[root@YumTest ~] # bash yum_rest.sh
posted @ 2022-10-09 11:59  讲文张字  阅读(1268)  评论(0编辑  收藏  举报
返回顶部