[Pulp-list] repository environments and promoting
vaclav.adamec at suchy-zleb.cz
Mon Sep 5 10:20:04 UTC 2016
That was the reason why we provide live repozitories even on production
servers. We don't need to copy one RPM, but during special security
patching we get it directly from live repozitories (install affected
package only via yum and enablerepo). Also no autopromoting from one stage
to another, at least not for now as we have thousands different
apps/servers and part of them are not covered properly by tests, also we
need to fullfill some change management steps which cannot be done by
On Mon, Sep 5, 2016 at 11:11 AM, Vladimir Vasilev <vvasilev at redhat.com>
> I was thinking and testing the same approach, with "copy rpm".
> A few disadvantages:
> you cannot copy specific RPM
> you cannot copy only latest versions.
> RPMs that don't exist on source won't be deleted from dest
> Or maybe there's some filters which can do that above.
> What I like more is having the prod repositories configured to sync from
> stage with:
> --feed=XXX --remove-missing=true --download-policy=on_demand
> Then you upload/publish to stage and later just run sync for prod.
> No one must push directly to prod. I just wonder how can I enforce this on
> the server side.
> On 09/05/16 08:28, Vaclav Adamec wrote:
> I'm using Ansible playbooks for deployment and Puppet+Hiera to setup
> repozitories on servers (right now about 30 repozitories at all, about 5
> per server). All servers have disabled live repozitories (for security
> patches) and enabled assigned stage (dev has live, integration unstable,
> production stable). Than it's just a pipeline of commands on Ansible
> playbook like this:
> # Live repo runs two times per day
> rpm repo sync run --repo-id=centos_live
> rpm repo publish run --repo-id=centos6_live
> #Every week
> rpm repo copy rpm --from-repo-id=centos6_live centos6_unstable
> rpm repo publish run ...
> #Every month
> rpm repo copy rpm --from-repo-id= centos6_unstable centos6_stable
> rpm repo publish run ...
> After publishing Ansible playbook will run update on all servers in given
> Is that something what do you want to achieve ? As a simple GUI I'm using
> Jenkins (as a smarter crontab) and ocsreports to get back installed
> packages and system overview. Pulp server is behind caching Nginx proxies
> (just RPMs, not metadata). I don't using any kind of registration to Pulp
> as for dynamic/cloud environment it's more or less stupid idea.
> On Sat, Sep 3, 2016 at 12:56 PM, Vladimir Vasilev <vvasilev at redhat.com>
>> I checked the latest pulp docs and can't find this..
>> Is there a way to have environments (dev->stage->prod or any) and kind
>> of promote RPMs to the upper?
>> I see some "content environment" in  but the idea is different.
>> There's copy from one repo to another and again to method to copy
>> specific RPMs or latest versions.
>> Looks like juicer  is trying to solve this. We use it for one client
>> and it works. Downside is that I'm stuck with 3rd party tool.
>>  https://docs.pulpproject.org/plugins/pulp_rpm/user-guide/recipes.html
>>  https://github.com/juicer/juicer
>> Pulp-list mailing list
>> Pulp-list at redhat.com
> -- May the fox be with you ...
> ) ) /\_/\
> (_=---_(@ @)
> ( \ /
> /|/----\|\ V
> " " " "
> Vladimir Vasilev
> Senior Systems Administrator
> PnT DevOps - System Operations
> Red Hat Czech s.r.o., Purkynova 99, 612 00 Brno, Czech Republic
> Work: +420 532-294-569
> Cell: +420 737-080-404
-- May the fox be with you ...
) ) /\_/\
( \ /
" " " "
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Pulp-list