Local Repository

From pressy's brainbackup
Jump to: navigation, search

Local Repository

Hopefully you have a lot of Solaris systems; so it might make sense to create your own mirrored local repository for Solaris and other packages.

Let's start creating the repo with the GA build avaiable from the download sites for everyone: 

root@psvsparc1:/downloads/11.3repo# ls
install-repo.ksh           sol-11_3-repo_2of5.zip     sol-11_3-repo_4of5.zip     sol-11_3-repo_md5sums.txt
sol-11_3-repo_1of5.zip     sol-11_3-repo_3of5.zip     sol-11_3-repo_5of5.zip
root@psvsparc1:/downloads/11.3repo# install-^C
root@psvsparc1:/downloads/11.3repo# chmod +x install-repo.ksh
root@psvsparc1:/downloads/11.3repo# ./install-repo.ksh -d /ai/repo/
Using sol-11_3-repo download.
Uncompressing sol-11_3-repo_1of5.zip...done.
Uncompressing sol-11_3-repo_2of5.zip...done.
Uncompressing sol-11_3-repo_3of5.zip...done.
Uncompressing sol-11_3-repo_4of5.zip...done.
Uncompressing sol-11_3-repo_5of5.zip...done.
Repository can be found in /ai/repo/.
root@psvsparc1:/downloads/11.3repo# pkgrepo rebuild -s /ai/repo/
Initiating repository rebuild.

OK, now we could use this local repo but we also want other servers to use it. We need a new service for that: 

root@psvsparc1:~# svccfg -s application/pkg/server setprop pkg/inst_root=/ai/repo
root@psvsparc1:~# svccfg -s application/pkg/server setprop pkg/readonly=true
root@psvsparc1:~# svccfg -s application/pkg/server setprop pkg/port=8080
root@psvsparc1:~# svcadm refresh application/pkg/server
root@psvsparc1:~# svcadm enable application/pkg/server

That's it... now let's connect the client: 

root@client:~# pkg unset-publisher solaris
Updating package cache                           1/1
root@client:~# pkg set-publisher -O http://psvsparc1:8080 solaris
root@client:~# pkg publisher
PUBLISHER                   TYPE     STATUS P LOCATION
solaris                     origin   online F http://psvsparc1:8080/

OK... at the end of the day we want to get updates... you will need an active support contract and then you can connect to the support repository... this example updates the local solaris repository to the latest or newest patchset / SRU avaiable at oracle. SSL files can be obtained from http://pkg-register.oracle.com/ 

root@psvsparc1:~# pkgrecv -s https://pkg.oracle.com/solaris/support -d /ai/repo \
> --key /var/pkg/ssl/pkg.oracle.com.key.pem \
> --cert /var/pkg/ssl/pkg.oracle.com.certificate.pem -m latest '*'
Processing packages for publisher solaris ...
Retrieving and evaluating 6949 package(s)...
PROCESS                                         ITEMS    GET (MB)   SEND (MB)
Completed                                   1191/1191   2836/2836   4383/4383

root@psvsparc1:~#
root@psvsparc1:~# pkgrepo -s /ai/repo refresh
Initiating repository refresh.
root@psvsparc1:~#

The client sees the GA version, his own installation and the newest one: 

root@client:~# pkg list -af entire
NAME (PUBLISHER)                                  VERSION                    IFO
entire (solaris)                                  0.5.11-0.175.3.11.0.6.0    ---
entire (solaris)                                  0.5.11-0.175.3.10.0.7.0    i--
entire (solaris)                                  0.5.11-0.175.3.1.0.5.0     ---
root@client:~#
other repositories

You might want to use other Oracle software repositories... no problem: 

root@psvsparc1:~#  zfs create -o atime=off rpool/ai/repo-ss
root@psvsparc1:~#  pkgrepo create /ai/repo-ss
root@psvsparc1:~#  pkgrecv --key /var/pkg/ssl/pkg.oracle.com.key.pem --cert /var/pkg/ssl/pkg.oracle.com.certificate.pem -s https://pkg.oracle.com/solarisstudio/support/ -d  /ai/repo-ss '*'
Retrieving and evaluating 347 package(s)...
PROCESS                                         ITEMS    GET (MB)   SEND (MB)
Completed                                     130/130   4667/4667 14730/14730

root@psvsparc1:~# pkgrepo -s /ai/repo-ss/ refresh
root@psvsparc1:~# pkgrepo get -s /ai/repo-ss
SECTION    PROPERTY                     VALUE
publisher  prefix                       ""
repository check-certificate-revocation False
repository signature-required-names     ()
repository trust-anchor-directory       /etc/certs/CA/
repository version                      4
root@psvsparc1:~# svccfg -s pkg/server add solarisstudio
root@psvsparc1:~# svccfg -s pkg/server:solarisstudio addpg pkg application
root@psvsparc1:~# svccfg -s pkg/server:solarisstudio setprop pkg/port=8082
root@psvsparc1:~# svccfg -s pkg/server:solarisstudio setprop pkg/inst_root=/ai/repo-ss
root@psvsparc1:~# svccfg -s pkg/server:solarisstudio addpg general framework
root@psvsparc1:~# svccfg -s pkg/server:solarisstudio addpropvalue general/enabled boolean: true
root@psvsparc1:~# svccfg -s pkg/server list
:properties
default
solarisstudio
root@psvsparc1:~# svcadm enable application/pkg/server:solarisstudio
root@psvsparc1:~#
root@psvsparc1:~#
root@psvsparc1:~#

And another one: 

root@psvsparc1:~# svccfg -s pkg/server add ha-cluster
root@psvsparc1:~# svccfg -s pkg/server:ha-cluster addpg pkg application
root@psvsparc1:~# svccfg -s pkg/server:ha-cluster setprop pkg/port=8081
root@psvsparc1:~# svccfg -s pkg/server:ha-cluster setprop pkg/inst_root=/ai/repo-sc
root@psvsparc1:~# svccfg -s pkg/server:ha-cluster addpg general framework
root@psvsparc1:~# svccfg -s pkg/server:ha-cluster addpropvalue general/enabled boolean: true
root@psvsparc1:~# svccfg -s pkg/server list
:properties
default
solarisstudio
ha-cluster
root@psvsparc1:~#
root@psvsparc1:~# svcadm enable application/pkg/server:ha-cluster
root@psvsparc1:~# svcs -a | grep ha-cluster
online         14:34:23 svc:/application/pkg/server:ha-cluster
root@psvsparc1:~#
root@psvsparc1:~# netstat -aun | grep 808
      *.8082               *.*            root       4414 pkg.depotd          0      0  128000      0 LISTEN
      *.8081               *.*            root       3940 pkg.depotd          0      0  128000      0 LISTEN
      *.8080               *.*            root       2081 pkg.depotd          0      0  128000      0 LISTEN
root@psvsparc1:~#

Client: 

root@client:~# pkg set-publisher -O http://psvsparc1:8081 ha-cluster
root@client:~# pkg publisher
PUBLISHER                   TYPE     STATUS P LOCATION
solaris                     origin   online F http://psvsparc1:8080/
ha-cluster                  origin   online F http://psvsparc1:8081/
root@client:~# pkg list -af ha-cluster/group-package/ha-cluster-framework-full
NAME (PUBLISHER)                                  VERSION                    IFO
ha-cluster/group-package/ha-cluster-framework-full (ha-cluster) 4.3-0.24.0                 ---
ha-cluster/group-package/ha-cluster-framework-full (ha-cluster) 4.2-0.30.0                 ---
ha-cluster/group-package/ha-cluster-framework-full (ha-cluster) 4.1-0.18.2                 ---
ha-cluster/group-package/ha-cluster-framework-full (ha-cluster) 4.0.0-0.22.1               ---
root@client:~# pkg set-publisher -O http://psvsparc1:8082 solarisstudio
root@client:~# pkg publisher
PUBLISHER                   TYPE     STATUS P LOCATION
solaris                     origin   online F http://psvsparc1:8080/
ha-cluster                  origin   online F http://psvsparc1:8081/
solarisstudio               origin   online F http://psvsparc1:8082/
root@client:~#

Performance

Tried once to update around 50 Solaris boxes and ran into a time-out on some... found that on docs.oracle.com 

# svccfg -s application/pkg/server:default setprop pkg/threads=200
# svcadm refresh application/pkg/server:default
# svcadm restart application/pkg/server:default
Retrieved from "http://wiki.pressy.net/index.php?title=Local_Repository&oldid=223"