[Pulp-list] RHEL version lock using Pulp

Venkataramana Bora venkbora at in.ibm.com
Fri Aug 30 17:23:29 UTC 2019 


Hi Aaron , thanks a lot for your quick reply. I'm sorry I did not  get your
first suggestion . I'm really sorry for this, I did not create that before
and could not find any useful info about that on Google search too. Can you
please provide me if any useful links or how to steps of this?

 How to create a content view with a filter to include everything up to the
day before RHEL 7.5 was released (2018-04-09)?   Point your servers at that
and that's all they'll ever see and have access to; essentially, RHEL 7.4.

We are not using subscription-manager and we dont have Satellite servers.
We are using only Pulp as  a Primary for Patches pulling from Redhat CDN
and Pulp Slave to distribute those patches to RHEL serveres , as many of
those RHEL servers are behind firewall , not exposed to RHEL.
Looks like subscription-manager is mandatory for those servers which
require version lock.






Sincerely,
Venkataramana Bora
IBM Visakha Hills
Visakhapatnam – 530 045, India



From:	Aaron Wyllie <aaron.t.wyllie at gmail.com>
To:	Venkataramana Bora <venkbora at in.ibm.com>
Cc:	pulp-list <pulp-list at redhat.com>
Date:	08/30/2019 06:59 PM
Subject:	[EXTERNAL] Re: [Pulp-list] RHEL version lock using Pulp



Venkataramana,

Trying to control through versionlock is an exercise in futility.  Don't do
it.

You have a few options here:

1. You could create a content view with a filter to include everything up
to the day before RHEL 7.5 was released (2018-04-09).  Point your servers
at that and that's all they'll ever see and have access to; essentially,
RHEL 7.4.
2. You could import the minor point-release version of the RHEL 7
repositories you require.  So, instead of these:

rhel-7-server-rpms-x86_64 feed: '
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os'.
rhel-7-server-extras-rpms-x86_64 feed: '
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/extras/os'
rhel-7-server-optional-rpms-x86_64 feed:'
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/optional/os
'

You would import these:

 rhel-7-server-rpms-x86_64 feed: '
https://cdn.redhat.com/content/dist/rhel/server/7/7.4/x86_64/os'.
rhel-7-server-extras-rpms-x86_64 feed: '
https://cdn.redhat.com/content/dist/rhel/server/7/7.4/x86_64/extras/os'
rhel-7-server-optional-rpms-x86_64 feed:'
https://cdn.redhat.com/content/dist/rhel/server/7/7.4/x86_64/optional/os'

Once those were imported, you can use the command "subscription-manager
release --set=7.4" on the servers you need to pin and that is all they will
see.

Please note that if you *do not* import the minor-point release
repositories and you try to use that, it will fail.  An easy way to see
what is available would be:

# subscription-manager release --list  <== This will tell you what
"releases" are available from your Pulp repositories .. if no minor-point
release has been imported for RHEL 7, all you will see is "7Server".
# subscription-manager release --set=7.4  <== Set the release version to
7.4.
# subscription-manager release --show  <== Confirm that the managed-client
is now set to release version 7.4

That "should" work for your requirements.

Cheers.

On Fri, Aug 30, 2019 at 8:39 AM Venkataramana Bora <venkbora at in.ibm.com>
wrote:
  Hi Team,
  Would like to know, on Pulp servers is there any recent development that
  enables RHEL servers to lock down into a specific version (say RHEL 7.4 )
  using cdn.redhat.com feed? Right now we are using below Redhat 7 feeds
  for our Pulp Primary server. We have a requirement now where we need to
  have RHEL7.4 only servers that should not be updated to latest RHEL7.x
  but we should have latest RHEL7.4 security updates every month. Kindly
  let me know if there is any possibility of specific version locking using
  Pulp or not. Thanks a lot in advance !

  Pulp_repo rhel-7-server-rpms-x86_64 feed: '
  https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os'.
  pulp_repo rhel-7-server-extras-rpms-x86_64 feed:
  'https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/extras/os'

  pulp_repo rhel-7-server-optional-rpms-x86_64 feed:'
  https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/optional/os
  '

  Our Pulp Master and Slave servers are with version 2.16.

  Right now on one of RHEL 7.4 servers I tried to Lock version this way but
  many packages are updating to 7_5 or 7_6 as shown in screen shot and
  Kernel is also updating to latest and taking it as default boot Kernel,
  leaving old Kernel intact ,
  I mean not removing it. After reboot when I type cat /etc/redhat-release
  it still shows RHEL 7.4 but I'm concerned with Packages and Kernel
  updating to latest. I like to have only security updates on it.

  1.#echo '7.4' > /etc/yum/vars/releasever

  2.# yum update-minimal --security
  or
  3.#yum update --security






  Sincerely,
  Venkataramana Bora
  IBM Visakha Hills
  Visakhapatnam – 530 045, India

  _______________________________________________
  Pulp-list mailing list
  Pulp-list at redhat.com
  https://www.redhat.com/mailman/listinfo/pulp-list

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20190830/1239e2da/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 14677819.gif
Type: image/gif
Size: 592 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20190830/1239e2da/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 14495306.gif
Type: image/gif
Size: 1697 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20190830/1239e2da/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20190830/1239e2da/attachment-0002.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 14246478.gif
Type: image/gif
Size: 30657 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20190830/1239e2da/attachment-0003.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 14897731.gif
Type: image/gif
Size: 24786 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20190830/1239e2da/attachment-0004.gif>

More information about the Pulp-list mailing list