[Spacewalk-list] Firewall requires internal Mirroring EPEL and spacewalk repos

Paul Robert Marino prmarino1 at gmail.com
Wed Aug 22 20:07:11 UTC 2012 

you might be right but I don't think those specific packages require EPEL
however I may be wrong.



On Wed, Aug 22, 2012 at 3:41 PM, Boyd, Robert
<Robert.Boyd at peoplefluent.com>wrote:

> Thank you for the pointer.   I’m setting up channels or sub-channels for
> the EPEL and spacewalk distros now. I’ll still have to figure out what the
> URL will be for adding to yum on the new clients so they can find it.  ***
> *
>
> ** **
>
> If you look in the text below everywhere it says to install
> spacewalk-client-repo or epel-release I’m going to be able to pull down
> those RPMs and install them         -- then I’ll need to go into the
> /etc/yum.repos.d/spacewalk.repo and epel.repo and fix up the baseurl to
> point to something on my Spacewalk server and/or proxy server.   That’s the
> part I’m uncertain of at this point.    Or do I have to copy/link the files
> from inside of spacewalk’s repositories to something accessible underneath
> the /pub tree and use that as the baseurl?****
>
> ** **
>
> Ultimately I’d like to add a section for the Wiki instructions that shows
> new people how to do this process if they’re faced with the same hurdle.
> There’s no reason for each new spacewalk administrator to have to re-invent
> this stuff.****
>
> ** **
>
> I think I must beg to differ with you on the EPEL point though.  Here is
> the text from the Wiki for registering clients for RHEL:****
>
> ** **
>
> *Red Hat Enterprise Linux 5 and 6, Scientific Linux 6, CentOS 5 or 6*
>
> *Warning:* If you are installing these packages on a Red Hat Enterprise
> Linux installation it will override some of the original base packages and
> you may well be invalidating your support agreement with Red Hat!****
>
>    1. Install the Spacewalk yum repository****
>
>
>    - RHEL 5 / CentOS 5****
>
> **·  **# rpm -Uvh
> http://spacewalk.redhat.com/yum/1.7/RHEL/5/i386/spacewalk-client-repo-1.7-5.el5.noarch.rpm
> ****
>
>    - RHEL 6 / SL 6 / CentOS 6****
>
> **·  **# rpm -Uvh
> http://spacewalk.redhat.com/yum/1.7/RHEL/6/i386/spacewalk-client-repo-1.7-5.el6.noarch.rpm
> ****
>
>    1. The latest client tools bring the upstream development to your
>    client boxes. That means that the packages may have dependencies that are
>    not found in core Red Hat Enterprise Linux. These dependencies can be found
>    in EPEL, just like for the Spacewalk server:****
>
>
>    - EPEL 5****
>
> **·  **# BASEARCH=$(uname -i)****
>
> **·  **# rpm -Uvh
> http://dl.fedoraproject.org/pub/epel/5/$BASEARCH/epel-release-5-4.noarch.rpm
> ****
>
>    - EPEL 6****
>
> **·  **# BASEARCH=$(uname -i)****
>
> **·  **# rpm -Uvh
> http://dl.fedoraproject.org/pub/epel/6/$BASEARCH/epel-release-6-7.noarch.rpm
> ****
>
>    1. Install client packages****
>
> **4.  **# yum install rhn-client-tools rhn-check rhn-setup rhnsd m2crypto
> yum-rhn-plugin****
>
>    1. Register your CentOS or Red Hat Enterprise Linux system to
>    Spacewalk using the activation key you created earlier****
>
> **6.  **# rhnreg_ks --serverUrl=http://YourSpacewalk.example.org/XMLRPC--activationkey=<key-with-rhel-custom-channel>
> ****
>
> ** **
>
> *From:* spacewalk-list-bounces at redhat.com [mailto:
> spacewalk-list-bounces at redhat.com] *On Behalf Of *Paul Robert Marino
> *Sent:* Wednesday, August 22, 2012 2:43 PM
>
> *To:* spacewalk-list at redhat.com
> *Subject:* Re: [Spacewalk-list] Firewall requires internal Mirroring EPEL
> and spacewalk repos****
>
> ** **
>
> Well the important thing if you want to register existing clients is to
> install the packages in the spacewalk client repo,  EPEL is not required
> for this.
>
> after you do that you just need to run rhnreg_ks with the activation key
> for the appropriate base channel and the server url
>
> If you dont intend to run osad you will need to run rhnsd instead which
> does check ins with the spacewalk server at regular intervals. The big
> difference betwean the two is osad keeps an active encrypted connection to
> a jabber instance running on the spacewalk server so they can communicate
> in real time, and rhnsd runs rhn_check every few minutes to check if any
> thing needs to be executed via the XML RPC API via https.
>
> As far as what url to use for mirroring EPEL just look at a box that
> already has EPEL configured in yum and copy url in the mirrorlist and or
> baseurl fields from /etc/yum.repos.d/epel.repo.****
>
> On Wed, Aug 22, 2012 at 2:00 PM, Boyd, Robert <
> Robert.Boyd at peoplefluent.com> wrote:****
>
> I see your point – I’m just not sure how this actually will work.   I’m
> still learning how things tie together.   If I want to  have Spacewalk
> mirror EPEL and Spacewalk Client, what are the URLs I would use to create
> repositories in Spacewalk?   And then what does the yum repo link look like
> to be able to install the client software on a new client?   Surely someone
> has had to do this before for an environment where the clients aren’t
> allowed to face the Internet directly.****
>
> Or I suppose I could create a sub-directory under http://spacewalkhost/pub
> with the specific rpms linked into it and pull them down that way.   What
> I’m looking for is the most reasonable way to make it work with the least
> amount of ongoing maintenance required to keep it up to date. ****
>
> Thanks,****
>
> Robert****
>
> *From:* spacewalk-list-bounces at redhat.com [mailto:
> spacewalk-list-bounces at redhat.com] *On Behalf Of *Paul Robert Marino
> *Sent:* Tuesday, August 21, 2012 7:36 PM
> *To:* spacewalk-list at redhat.com
> *Subject:* Re: [Spacewalk-list] Firewall requires internal Mirroring EPEL
> and spacewalk repos ****
>
> Keep in mind as long as you don't use osad its all https so I don't see
> the point.****
>
> On Aug 21, 2012 7:29 PM, "Paul Robert Marino" <prmarino1 at gmail.com> wrote:
> ****
>
> Well yea but why not just have spacewalk directly mirror epel and cut out
> the middle man****
>
> On Aug 21, 2012 7:01 PM, "Boyd, Robert" <Robert.Boyd at peoplefluent.com>
> wrote:****
>
> It appears that due to firewalling and such I’ll need to build an internal
> yum repo mirror of EPEL and spacewalk repos.   I have mrepo running on my
> spacewalk master server.   Can I easily tell mrepo to mirror those 2 so I
> can serve them internally from there?****
>
> And, question #2 – if I have spacewalk proxy servers running, can I use
> them as repo mirrors too with what’s already installed on them, or will I
> need to install mrepo or figure out using createrepo to do that?****
>
> Thanks for any tips you might think of for doing this.****
>
>
> *Robert Boyd*
> Senior Systems Engineer
> Phone: 919-645-2972****
>
> Mobile: 919-306-4681****
>
> Peoplefluent****
>
> 434 Fayetteville Street ****
>
> Raleigh, NC  27601****
>
>
> robert.boyd at peoplefluent.com <michael.dileonardo at peoplefluent.com>****
>
>  ****
>
> [image: Description: Description: Description:
> cid:image001.png at 01CC344B.23823870]****
>
>  ****
>
> This email message is for the sole use of the intended recipient(s) and
> may contain confidential information. Any unauthorized review, use,
> disclosure or distribution is prohibited. If you are not the intended
> recipient, please contact the sender by reply email and destroy all copies
> of the original message.****
>
> ** **
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20120822/c2180dfd/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 4488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20120822/c2180dfd/attachment.png>

More information about the Spacewalk-list mailing list