How to create a local mirror of the latest update for Red Hat Enterprise Linux 5, 6, 7, 8 without using Satellite server?

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 5
  • Red Hat Network (RHN)
  • Red Hat Subscription Management (RHSM)
  • reposync

Issue

  • What is reposync utility and how to use it?
  • How to create a local mirror of the latest update for Red Hat Enterprise Linux 5, 6, 7, or 8 without using Satellite server
  • Need to download all packages / rpms from specific channel locally
  • How to make a local repository

Resolution

RHEL 5,6,7

RHEL 5

# mkdir /var/repo
# reposync --gpgcheck -l --repoid=rhel-5-server-els-rpms --download_path=/var/repo --downloadcomps
# cd /var/repo/rhel-5-server-els-rpms
# createrepo -v /var/repo/rhel-5-server-els-rpms
# yum clean all
# yum list-sec
# find /var/cache/yum/ -name *updateinfo.xml*
# mv /var/cache/yum/rhel-5-server-els-rpms/365ae03ca85bb9d3bc509ea9129d1d3fb9a18381-updateinfo.xml.gz /tmp
# cd /tmp
# gzip -d 365ae03ca85bb9d3bc509ea9129d1d3fb9a18381-updateinfo.xml.gz
# mv 365ae03ca85bb9d3bc509ea9129d1d3fb9a18381-updateinfo.xml updateinfo.xml
# cp updateinfo.xml /var/repo/rhel-5-server-els-rpms/repodata/
# modifyrepo /var/repo/rhel-5-server-els-rpms/repodata/updateinfo.xml /var/repo/rhel-5-server-els-rpms/repodata/

RHEL 8

Install the required packages

  • Install the "yum-utils" and "createrepo" packages on the registered system.

    # yum install yum-utils createrepo
    

Create a basic local repository

NOTE: Change <repo-id> to the repository you intend to sync

  • Sync all the packages from a specified repository to a specified directory

    # reposync --gpgcheck -l --repoid=<repo-id>
    for example:
    # reposync --gpgcheck -l --repoid=rhel-6-server-rpms --download_path=/var/www/html
    
  • In the targeted directory, there will be a new directory named after the Repository ID. All the downloaded packages will be inside this directory.

    # cd /var/www/html/<repo-id>
    # createrepo -v /var/www/html/<repo-id>
    

Create a local repository that allows clients to use groups

How to download all the metadata for the repository that is being synced which will allow the use of various plugins such as 'yum groupinstall'

  • On RHEL6 and later, reposync supports the --download-metadata and --downloadcomps options. For example:

    # reposync --gpgcheck -l --repoid=repo-id --downloadcomps --download-metadata
    for example:
    # reposync --gpgcheck -l --repoid=rhel-6-server-rpms --download_path=/var/www/html --downloadcomps --download-metadata
    
  • To have access to the group data for the newly synced repo, please run the createrepo command as follows:

    # cd /var/www/html/<repo-id>
    # createrepo -v  /var/www/html/<repo-id>/ -g comps.xml
    

Modify the repodata to define which packages are security related.

  • These steps require that the createrepo command has already been run.

    # yum clean all
    # yum list-sec
    # find /var/cache/yum/ -name updateinfo.xml            ##For RHEL 5 use '-name *updateinfo.xml*'
    
  • From the find command above, identify the updateinfo.xml that matches the that you ran reposync against and move that file into your repodata directory.

    # mv updateinfo.xml /var/www/html/<repo-id>/repodata/updateinfo.xml
    # modifyrepo /var/www/html/<repo-id>/repodata/updateinfo.xml /var/www/html/<repo-id>/repodata
    
  • How to update security Erratas on system which is not connected to internet ?


Create a local repo with Red Hat Enterprise Linux 8

  • Ensure you have yum-utils-4.0.8-3.el8.noarch or higher installed so reposync correctly downloads all the packages.
  • Sync all enabled repositories and their repodata

    # reposync -p <download-path> --download-metadata --repo=<repo id>
    

NOTE:

  • createrepo is not required for RHEL 8. reposync will download everything including the repodata.

NOTE:

  • To keep the sync current, for example, cronjobs can be used. The createrepo command supports --update to efficiently update existing repositories.
  • The locally created repository is typically used by other RHEL clients via LAN, for example via HTTP/HTTPS (for example provided by the apache webserver which is part of RHEL), via FTP (i.e. vsftpd) or NFS (nfs-utils package). Share this local repository with the offline systems to update the offline systems.
  • reposync utility can only mirror repositories which the system is entitled to.
  • Accessing multiple repositories without the appropriate, active, subscription of RHEL version on 'single' system is not supported and will be considered as abuse of subscription.
  • Related information How do I delete old packages in local repository server?

Root Cause

Red Hat provides a utility called reposync which can be used to download the packages from the CDN. In order to download all packages from a specific channel, the system should be subscribed to that channel. If the system is not subscribed to the required channel then reposync will not be able to download and sync those packages on local system.

Diagnostic Steps

  • createrepo-0.9.9-26.el6.noarch which is part of RHEL6.9GA has an issue regarding --update, refer to bz1434369 for details.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

7 Comments

I am trying to reposync an upstream red hat repository server to a downstream red hat repository server. The goal is to have a local copy of the repos so that clients in a private subnet can use the downstream repo to update.

Is there a guide to do this? or is this configuration not supported?

Happy New Year!

If you find the information in this article not sufficient, the following article may help to solve your request:

  1. Creating a Local Repository and Sharing With Disconnected/Offline/Air-gapped Systems [Master Article]

Best regards,
Joerg

Could you add link to https://access.redhat.com/solutions/1443553 near to "Accessing multiple repositories without the appropriate, active, subscription of RHEL version on 'single' system is not supported and will be considered as abuse of subscription."? The KCS describe consolidation of RHEL 6, 7, 8 reposync processes into one server with container. And it's appropriate use case. Container cannot consolidate different architectures(Power, Z, ARM..), but I expect "RHEL 6, 7, 8 on x86_64" is enough for many users,.

Can we sync package for Rhel6, Rhel7 , Rhel 8 , from Rhel 8 itself ? or do we need different servers for different version of redhat ?

I may have been mislead on this but based on things I had read a while ago elsewhere, in order for the system to be able to download the packages each version of RHEL 5, 6, 7, and 8 need to have separate repo server running the version of the OS of for that specific repo.

It is not supported to synchronize the content through reposync command for every major release version of the single server. It is recommended to use the separate servers for each major release versions for downloading the packages or synchronizing the contents for the respective release versions because for running reposync commands, it is mandatory to enable the respective release version specific repositories on the servers which may not be possible through standard process for enabling the repositories through subscription-manager commands.

Is it supported to synchronize repositories for every release on the single machine through reposync ?

To do that, you should run some containers. Each container should be based on image of version(6,7,8) of RHEL, and bind a directory with host one to share rpm files.
Run reposync in each of them on subscribed RHEL 8 will work to sync RHEL 6,7,8 repositories. This is standard process for subscription-manager in containers.

For reference, following solution uses docker container to access RHEL 6 repositories from RHEL 7, but you can do basically same thing with podman and RHEL 8. https://access.redhat.com/solutions/1443553

Pages