How to sync EPEL repositories in Red Hat Satellite 6?

Solution Verified - Updated -

Environment

  • Red Hat Satellite 6

Issue

  • How to sync EPEL repositories in Red Hat Satellite 6?
  • How to add third-party repositories in Red Hat Satellite 6?

Resolution

  1. Create a GPG Key to associate with EPEL product (which would be created in step2)
    Content >> Content Credentials >> Create Content Credentials >> Either paste the contents of the EPEL GPG key or import the file

  2. Create a new product called EPEL
    Content >> Products >> New Product >> specify Name and associate the GPG Key from step1
    Note : Only associate the GPG Key to the product, if only a single repository would be available under it. Otherwise the GPG Key can be associated with the repository (step 3)

  3. Create a repository under EPEL product
    Click on EPEL product >> Create Repository >> Fill details
    Name
    Type : yum
    URL : Specify the URL of the EPEL repsository
    Select GPG Key from drop-down
    Click Save

  4. Once the EPEL product and repository is created, click on EPEL repository >> click Sync Now

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

17 Comments

If you are planning to sync multiple versions of EPEL (5, 6, or 7), I recommend in Step #2: name the product with the version (e.g. EPEL 6); as the different releases of EPEL have different GPG keys associated with them.

Hi, I managed to add an EPEL product with three repositories and sync all the content Then I noticed that the repos are not visible to the machines registered (2 test hosts at the moment) So I added this GPG key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL

But nothing is showing up. @Mike do you think it's because that's not the right key?

EDIT: tried to associate EPEL 7Server and register --force to re-register but nothing shows up except for the Red Hat repos

Do you know how to debug this issue? There's not much to be done after refresh and repos --list ...

Thanks

I am having the same problem as Michele Frettoli. This solution is incomplete.

Hi Jeremy, I then managed to get it to work.

Try it with only one repo in one product, for example product "EPEL6 Server" with the repo for RHEL6.

Check if you see the repository with: subscription-manager repos --list

If it's not enabled, follow this: https://access.redhat.com/solutions/265523

If it does not show up, check that the GPG key is the right one (EPEL has multiple keys)

IF it does not show up again, verify that the host gets the product entitlement/subscription from satellite: go to "content hosts", and see if the host has "EPEL6 Server" subscription, if not, manually add it and check if you see it:

subscription-manager list --available

then attach the host to the subscription, enable the repo, and try again.

To make the Product visible I added it to the Content View applicable to the servers I wanted to use it on, and published a new version.

To make the Product available I used another approach: I used the discover repo button on top of the Product page. I used the URL link from the epel-release rpm deployment (if fact from the /etc/yum.repo.d/epel.repo file). It give a load of repositories, I deleted the ones I did not need afterwards. E.g. test and beta repos.

I had to flip the checksum to sha1

Ok, but as of 6.3, how can you install an EPEL RPM on the Satellite server ?

This solution worked for us:

# curl -O https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
# hammer gpg create \
  --key RPM-GPG-KEY-EPEL-7 \
  --organization "$ORG" \
  --name "EPEL-7"
# hammer product create \
  --gpg-key "EPEL-7" \
  --name "EPEL-7" \
  --description "EPEL 7 Repository" \
  --organization "$ORG"
# hammer repository create \
  --organization "$ORG" \
  --content-type yum \
  --gpg-key "EPEL-7" \
  --name "EPEL-7" \
  --product "EPEL-7" \
  --url "https://dl.fedoraproject.org/pub/epel/7/x86_64/"

On 6.4, you need to select Content-> Content Credentials to create the GPG file.

Can 6.4 handle a custom yum repository with multiple GPG keys ?

In 6.4 there isn't a way to do it via hammer?

I do not know as I am still on 6.2 I was looking for aan example and went here: https://packages.gitlab.com/app/gitlab/gitlab-ce/gpg and I think I originally misread the page. Now I just need to figure out which one to use

The instructions say;

Create a repository under EPEL product Click on EPEL product >> Create Repository >> Fill details Name Type : yum URL : Specify the URL of the EPEL repsository Select GPG Key from drop-down Click Save

Wouldn't it be helpful if your documentation gave the URL that I'm supposed to type?

I am interested in downloading just specific packages from EPEL, and I know this can be done wit reposync and a specific configuration using an includepkgs and/or include parameters in the repo file. Is this possible within Satellite 6?

The only other way of doing this, I think, is to change from being a yum repo, to a local file repo.

Download the files you specifically want from EPEL, beforehand.

Assuming you are on Satellite 6.3 and later, you can take advantage the new ondemand download policy.

When the ondemand policy is set for a repo, Satellite will retrieve the RPMs (as the name states) on demand. Once retrieved, they are kept permanently and served from Satellite directly to clients.

This would accomplish effectively the same goal. See this document which covers the various download policies supported.

Probably should mention this is for Satellite 6.0 to 6.3, GPG key creation for Satellite 6.4 has moved to:

Content >> Content Credentials >> Create Content Credential

From there, there's a drop down between GPG Key and SSL Certificate.