Creating minimal, standalone YUM update repositories (for disconnected systems)

Latest response

We already know how to use reposync (or even pulp) to create standalone, disconnected YUM repositories. E.g., Solution [23016] for instance.

But what we're looking for is to feed a subset( of RPM packages, and only build a minimal, standalone, disconnected YUM repository with only those RPM packages (such as updates), and their dependencies, and *nothing else. This is both for "size" and "control" considerations. I.e., we neither want to cut 100s of GiBs for RHEL4+5+6+7 i386+x86-64 nor want our remote sites installing new software that wasn't already installed. Again, these are disconnected (or even "airgap") sites with no Internet, and usually running from one-way (or read-only) media.

What I would like to know is if there is a deterministic tool do to this directly. E.g., some past solutions I've tried include ...
- Build up 1 example system of each release/arch, run "yum upgrade," then scrap the packages out of /var/cache/yum/, and then run createrepo on
- Script, use a package dependency tool, to resolve and give a RPM list, which we then run createrepo on

And if not, should I just create a YUM Python (and, eventually DNF) plug-in that createrepo can use? I'm thinking that's where I'm headed, because I'm creating a lot of one-off scripts, nothing sustained and long-term usable.

I know I'm not the only one who has run into this, and there are always customers I've had who want just the minimal YUM repo to update packages, and not allow their customers to install any, additional software -- especially for updates, especially when the systems are on a private, disconnected (or even "airgap") network.

-- bjs

[23016] https://access.redhat.com/solutions/23016

Bryan Smith's picture

Responses