How to sync EPEL or any other third-party repositories in Red Hat Satellite 6?

Solution Verified - Updated -

Environment

  • Red Hat Satellite 6.x

Issue

  • How to sync EPEL repositories in Red Hat Satellite 6?
  • How to add third-party repositories in Red Hat Satellite 6?

Resolution

Disclaimer:  Links contained herein to external website(s) are provided for convenience only.  Red Hat has not reviewed the links and is not responsible for the content or its availability.  The inclusion of any link to an external website does not imply endorsement by Red Hat of the website or their entities, products or services.  You agree that Red Hat is not responsible or liable for any loss or expenses that may result due to your use of (or reliance on) the external site or content.

Also see the Red Hat blog posting on setting up EPEL with screen shots.

On the Satellite

  1. If the upstream repository has a GPG key, download it.
    • In the Satellite web interface, browse:  Content menu ---> Content Credentials.
    • Click the "Create Content Credential" button.
      • Name:  {Enter an appropriate name for the key.  For example, RPM-GPG-KEY-EPEL-7.}
      • Type:  GPG Key
      • Content Credential Contents:  {Paste the contents of the downloaded GPG key into this text box.  Alternatively, click the "Browse" button and select the downloaded GPG key file.}
      • Click the "Save" button.
  2. Create the 3rd-party product.
    • In the Satellite web interface, browse:  Content menu ---> Products.
    • Click the "Create Product" button.
      • Name:  {Enter an appropriate name for the product.  For example, EPEL.}
      • GPG Key:  {Please see footnote.}1
      • SSL CA Cert:  {Set as appropriate.  Most likely, it can be left blank.}
      • SSL Client Cert:  {Set as appropriate.  Most likely, it can be left blank.}
      • SSL Client Key:  {Set as appropriate.  Most likely, it can be left blank.}
      • Sync Plan:  {Set as appropriate.  Can be left blank.}
      • Description:  {Set as appropriate.  Can be left blank.}
      • Click the "Save" button.
  3. Create a repository inside the 3rd-party product.
    • After the completion of step 2, one should be left at the Repositories tab of the new product.  Click the "New Repository" button.
      • Name:  {Enter an appropriate name for the repository.  For example, EPEL7.}
      • Label:  {Should self-populate, but change as desired.}
      • Description:  {Set as appropriate.  Can be left blank.}
      • Type:  yum
      • Restrict to Architecture:  {Set as appropriate.  Can be left blank.}
      • Restrict to OS version:  {Set as appropriate.  Can be left blank.}
      • Upstream URL:  {Set as appropriate.}
      • Ignorable Content:  {Select appropriate ones.}
      • Verify SSL:  {Enabled by default; select as appropriate.}
      • Upstream Username:  {Set if appropriate.}
      • Upstream Password:  {Set if appropriate.}
      • Download Policy:  {Please see footnote.}2
      • Mirror on Sync:  {Set as appropriate.}
      • HTTP Proxy Policy:  {Set as appropriate.}
      • Checksum:  {Set to Default, by default.  Should be appropriate for most uses; set differently if needed.}
      • GPG Key:  {Please see footnote.}3
      • SSL CA Cert:  {Set as appropriate.  Most likely, it can be left blank.}
      • SSL Client Cert:  {Set as appropriate.  Most likely, it can be left blank.}
      • SSL Client Key:  {Set as appropriate.  Most likely, it can be left blank.}
      • Click the "Save" button.
  4. Sync the newly created repository.
    • After the completion of step 3, one should be left at the Repositories tab of the new product.  Click the checkbox next to the new repository name and then the "Sync Now" button.
  5. Make sure that the repository has been added to the desired content views and a new version has been published and promoted to the desired lifecycle environment.
    • If using composite content views, then one will need to select the version of the content view containing the new product / repository and then republish and promote a new version of the composite content view.

On the Content Host

  1. Execute the below command to list the available products and note the pool ID of the custom product that was created.

    # subscription-manager list --available

  2. Enter that pool ID into this second command:

    # subscription-manager attach --pool=<pool_id>

  3. Now the 3rd-party repository should be listed as available.  Note its repo label.

    # subscription-manager repos --list

  4. Enter its label into this second command:

    #  subscription-manager repos --enable <repo_label>

For more KB articles and solutions related to Red Hat Satellite 6.x repository issues, please refer to Red Hat Satellite Consolidated Troubleshooting Article for Red Hat Satellite 6.x Repository Issues.

  1. If the GPG key downloaded in step 1 is for the entire product, then it is appropriate to select it, here.  For example, the RPM-GPG-KEY-slaanesh GPG key is used to sign packages in multiple negativo17.org repositories, like the EPEL-7Server cdrtools one, or the EPEL-7Server multimedia one.
    If the GPG key is only good for a particular repository, then leave the Product's GPG Key drop-down blank. ↩︎

  2. Many repositories have new content added to them as it become available.  Other repositories, like the EPEL ones, will remove content when newer versions become available.  (For example, frobozz-1.0.1-2.el7.noarch.rpm will be removed when frobozz-1.0.4-1.el7.noarch.rpm is published.)  In such a situation, it is advisable to set the download policy to Immediate instead of On Demand.  This is because with the "On Demand" download policy, one could find themselves in the situation where the Satellite believes an older package (frobozz-1.0.1-2.el7.noarch.rpm) is available and tries to download it, failing because it has (unbeknownst to the Satellite) been replaced by a newer package (frobozz-1.0.4-1.el7.noarch.rpm).
    Please be aware that the "Immediate" download policy will take more time and use more of Satellite's storage. ↩︎

  3. If the GPG key downloaded in step 1 is for a specific repository, then it is appropriate to select it, here.  Some 3rd-parties use a different GPG key per repository.  EPEL is one.  The GPG keys provided at the base of the download site are only valid for the specified repositories.  For example, RPM-GPG-KEY-EPEL-7 is valid for the EPEL 7 repository but not the EPEL 8 one.
    (Note:  these example links are to the official EPEL site.  Please instead use a mirror URL in your satellite.) ↩︎

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments