Beginners Guide to Package Management with YUM in CentOS/RHEL
The purpose of implementing a YUM server is to have a centralized repository of packages/rpms. Also, the main motive behind it is to have a centralized patch management system, where you can download the packages from the Redhat website and store it on a central location. By configuring YUM we can save efforts to install/update any package on the server. Also, we can apply the latest bug fixes and hotfixes with less manual efforts.
I have taken this discussion as an opportunity to explore more on the RHEL patching side. And I could create a Centralized Patch (update) server using YUM (HTTP-based) for updating the clients. Here are the steps that I performed to configure the server. I kept all the steps and screenshot with this article so it’s a bit long. I hope this would help you guys as well.
Here I am using RHEL 6.3 release. You can check the version using:
# cat /etc/redhat-release
Pre-requisites for creating the Centralized patch/update YUM server are:
- Apache software (httpd-2.2.15-29.el6_4.i686)
- YUM download only plugin rpm (yum-plugin-downloadonly-1.1.30-14.el6.noarch)
- Createrepo rpm (createrepo-0.9.9-18.el6.noarch)
- Internet connectivity (which is required to contact Redhat server for pulling updates)
- RHEL 6.3 OS DVD for copying the rpms and creating rpm.
- Valid redhat (RHN) login ID and password for downloading the update from Redhat
Check the required rpms are installed in the server.
[root@server-yum ~]# rpm -qa | grep -i httpd
httpd-2.2.15-29.el6_4.i686
[root@server-yum ~]# rpm -qa | grep -i Yum
yum-plugin-downloadonly-1.1.30-14.el6.noarch
[root@server-yum ~]# rpm -qa | grep -i create
createrepo-0.9.9-18.el6.noarch
First we need to configure apache server. In this setup I am using http protocol for YUM server. For configuring the apache we need to edit the apache configuration file /etc/httpd/conf/httpd.conf and change the following lines:
ServerAdmin [email protected]
ServerName 192.168.1.5:80
DocumentRoot "/var/www/html"
Mount the DVD and using mount command to any directory here I am using /mnt for mounting the DVD in my server.
Now we need to copy all the rpms from the RHEL6 DVD to /var/www/html for creating the repo. In the RHEL DVD you have 3 directories which contains rpms. They are Packages, HighAvailability & LoadBalancer. Run the following commands to copy the rpms directories to /var/www/html location.
Once you have copied all the RPMs you start or restart Apache. Using the following command.
[root@server-yum ~]# service httpd restart
Now we need to run createrepo command to create database of the rpm’s. Using createrepo command.
[root@server-yum ~]# cd /var/www/html/Packages/
[root@server-yum Packages]# createrepo .
[root@server-yum Packages]# cd /var/www/html/LoadBalancer/
[root@server-yum LoadBalancer]# createrepo .
[root@server-yum LoadBalancer]# cd /var/www/html/HighAvailability/
[root@server-yum HighAvailability]# createrepo .
You might be thinking why we are copying all RPMs in different directories why can’t we copy all the RPMs into a single directory and run single createrepo command to create a single RPM database. It is possible to create a single directory and copy all the RPMs into that and run the createrepo. However we cannot use the groupinstall or gouplistand all RPM group related commands.
Now we need to create group of RPM’s for convenient installation of Packages using the following command. If we don’t create group you would get the following error message when you run the group related commands from client machine like groupinstall ,grouplist etc.
[root@yum-client yum.repos.d]# yum grouplist
Loaded plugins: product-id, refresh-packagekit, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Setting up Group Process
Error: No group data available for configured repositories
[root@yum-client yum.repos.d]#
So we need to create a group repo file to fix these kind of issue or to use group rpm related command in YUM. Now for running the createrepo command for group of RPM you need to have a XML file. This file would be under the repodata directory in the DVD and the end of file name as –comps-rhel6-server.xml. Filename would be something similar to this:
9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml
You need to copy this XML file to all the RPM directories under the /var/www/html.
[root@yum-server repodata]# cp /cdrom/repodata/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/Packages/
[root@yum-server repodata]# cp /cdrom/repodata/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/HighAvailability/
[root@yum-server repodata]# cp /cdrom/repodata/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/LoadBalancer/
Then you need to run the createrepo command using the following command in each RPM directory.
[root@server-yum repodata]# createrepo -g /var/www/html/Packages/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/Packages/
Spawning worker 0 with 2842 pkgs
Worker 0:
Worker 0: iso-8859-1 encoding on Ville Skyttä <ville class="skytta@iki fi"> - 2.8.2-2
Worker 0:
Workers Finished
Gathering worker results
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete</ville>
[root@server-yum repodata]# createrepo -g /var/www/html/LoadBalancer/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/LoadBalancer/
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@server-yum repodata]# createrepo -g /var/www/html/HighAvailability/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/HighAvailability/
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
Testing the YUM Server you can create local repo file and check the some YUM installation commands.
My repo file is /etc/yum.repos.d/yum.repo:
# cat /etc/yum.repos.d/yum.repo
After testing the YUM server functionality locally now we need to register this server with Redhat for getting the update. We can use rhn_register command to register the server.
# rhn_register
Here is the screenshot of registering the server with Redhat for update:
Here you need to use your valid Redhat Login ID and password for login.
This will take some time to send the profile to Redhat:
Once you have finished the registration then you can download the updates from Redhat using the following command. I have given an option to downloadonly so the update will be downloaded into the local directory it won’t update the server automatically. These packages can be used to update the clients.
[root@server-yum ~]# yum update -y --downloadonly --downloaddir=/var/www/html/Packages/
Loaded plugins: downloadonly, product-id, refresh-packagekit, rhnplugin, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Server-Yum | 3.7 kB 00:00
rhel-i386-server-6 | 1.8 kB 00:00
rhel-i386-server-6/primary | 16 MB 03:51
rhel-i386-server-6 | 9441/9441
You can see the downloaded started and end of this screen you can see some messages like exiting because dowloadonly. Once download is finished you need to run createrepo command again to update the repo database.
[root@server-yum]# cd /var/www/html/ Packages
[root@server-yum Packages]# createrepo .
Spawning worker 0 with 3306 pkgs
Worker 0:
Worker 0: iso-8859-1 encoding on Ville Skytta [[email protected]] - 2.8.2-2
Worker 0:
Workers Finished
Gathering worker results
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
To update the RPM’s group database run the following command
[root@server-yum Packages]# createrepo -g /var/www/html/Packages/9e621fc619d1eccd6fb49237c666f0ce4c68f93fab753cf9a840c7600dc4f30a-comps-rhel6-Server.xml /var/www/html/Packages/
Spawning worker 0 with 3306 pkgs
Worker 0:
Worker 0: iso-8859-1 encoding on Ville Skyttä <ville class="skytta@iki fi"> - 2.8.2-2
Worker 0:
Workers Finished
Gathering worker results
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete</ville>
The YUM server is ready to give/distribute the update to its clients. On the client-side you need to create a repo file under /etc/yum.repos.d, which is pointing to your YUM server. My YUM client repo file looks like the below.
# cat /etc/yum.repos.d/yum.repo
For updating the client with the latest packages, fixes, and enhancement you can run the ‘yum update’ command (Patch up system by applying all updates). You could see the entries like this.
[root@localhost yum.repos.d]# yum update
Loaded plugins: product-id, refresh-packagekit, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package ModemManager.i686 0:0.4.0-3.git20100628.el6 will be updated
---> Package ModemManager.i686 0:0.4.0-5.git20100628.el6 will be an update
---> Package NetworkManager.i686 1:0.8.1-33.el6 will be updated
---> Package NetworkManager.i686 1:0.8.1-66.el6 will be an update
---> Package NetworkManager-glib.i686 1:0.8.1-33.el6 will be updated
You can give confirmation that whether to update or not. If given Y then it starts updating the client.
After the confirmation, you can see the packages is getting updated in the client-side
That’s it. But there are many other things you can do. For example, yum updateinfo has some handy options. Try the following:
# yum updateinfo summary
# yum updateinfo list security
# yum updateinfo list available
# yum updateinfo list bugzillas
To prevent yum command from updating the Kernel type:
# yum -y --exclude=kernel\* update
How do I prevent yum from Updating the Kernel permanently? Edit /etc/yum.conf file, enter:
# vi /etc/yum.conf
Append/modify exclude directive line under [main] section, enter:
exclude=kernel*