[[124049]]

對(duì)于企業(yè)的 Openstack 私有云，出于安全和某些因素的考慮，有些服務(wù)器無(wú)法訪問(wèn)公網(wǎng)，導(dǎo)致服務(wù)器無(wú)法更新某些 RPM 包，同時(shí)內(nèi)部常有 Openstack 新特性開(kāi)發(fā)需求、版本的維護(hù)與升級(jí)，因此非常有必要構(gòu)建企業(yè)私有的 openstack yum 源。 構(gòu)建 openstack yum 源有兩個(gè)步驟：1.同步(下載)官方的源至企業(yè) yum 服務(wù)器中；2. 重新創(chuàng)建 repo 并通過(guò) nginx(apache)發(fā)布。

Overview

以 Redhat Openstack 官網(wǎng)安裝手冊(cè)為例，安裝 Openstack 需要用到兩類共計(jì) 8 個(gè) repo，

1). Centos 源

CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo

2). openstack 源及相關(guān)依賴源(epel, foreman, puppet)：

epel.repo foreman.repo puppetlabs.repo rdo-release.repo

構(gòu)建本地源步驟

1.yum源文件下載

(1).下載必要工具：

[root@yumserver ~]# yum -y install wget

[root@yumserver ~]# yum -y install createrepo

(2).下載yum源到本地：

[root@yumserver ~]# mkdir -p /wget-yum

[root@yumserver ~]# cd /wget-yum

下載Centos 源：

[root@yumserver wget-yum]# wget -S -c -r -np -L http://mirrors.sohu.com/centos/6.5/

下載foreman源：

[root@yumserver wget-yum]# wget -S -c -r -np -L http://yum.theforeman.org/plugins/1.5/el6/

[root@yumserver wget-yum]# wget -S -c -r -np -L http://yum.theforeman.org/releases/1.5/el6/

下載epel源：

[root@yumserver wget-yum]# wget -S -c -r -np -L http://mirrors.yun-idc.com/epel/6/

下載puppetlabs源：

[root@yumserver wget-yum]# wget -S -c -r -np -L https://yum.puppetlabs.com/el/6/

下載openstack源：

[root@yumserver wget-yum]# wget -S -c -r -np -L https://repos.fedorapeople.org/repos/openstack/openstack-havana/

[root@yumserver wget-yum]# wget -S -c -r -np -L https://repos.fedorapeople.org/repos/openstack/openstack-icehouse/

(3).刪除不需要的軟件包和文件：

[root@yumserver wget-yum]# find ./ -name index.html* | xarge rm -rf

[root@yumserver wget-yum]# find ./ -name fedora-20 | xarge rm -rf

[root@yumserver wget-yum]# find ./ -name fedora-19 | xarge rm -rf

[root@yumserver wget-yum]# find ./ -name i386 | xarge rm -rf

(4).調(diào)整目錄結(jié)構(gòu)：

[root@yumserver wget-yum]# mkdir foreman

[root@yumserver wget-yum]# mv yum.theforeman.org/plugins foreman/

[root@yumserver wget-yum]# mv yum.theforeman.org/releases foreman/

[root@yumserver wget-yum]# rm -rf yum.theforeman.org

[root@yumserver wget-yum]# mv mirrors.yun-idc.com/epel ./

[root@yumserver wget-yum]# rm -rf mirrors.yun-idc.com

[root@yumserver wget-yum]# mkdir puppetlabs

[root@yumserver wget-yum]# mv yum.puppetlabs.com/el /puppetlabs/

[root@yumserver wget-yum]# rm -rf yum.puppetlabs.com

[root@yumserver wget-yum]# mv repos.fedorapeople.org/repos/openstack ./

[root@yumserver wget-yum]# rm -rf repos.fedorapeople.org

[root@yumserver wget-yum]# ls

centos epel foreman openstack puppetlabs

#p#

2.nginx配置：

[root@yumserver wget-yum]# rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm

[root@yumserver wget-yum]# yum -y install nginx

[root@yumserver wget-yum]# vi /etc/nginx/nginx.conf

<span style="color: rgb(69, 69, 69); font-family: Arial, sans-serif; font-size: 14px; line-height: 20px;">[root@yumserver&nbsp;wget-yum]# vi&nbsp;/etc/nginx/nginx.conf</span> 
user  nginx; 
worker_processes  8; 
error_log  /var/log/nginx/error.log warn; 
pid        /var/run/nginx.pid; 
events { 
    worker_connections  8192; 
} 
http { 
    autoindex on; 
    autoindex_exact_size off; 
    autoindex_localtime on; 
    charset utf-8,gbk;  
    include       /etc/nginx/mime.types; 
    default_type  application/octet-stream; 
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" ' 
                      '$status $body_bytes_sent "$http_referer" ' 
                      '"$http_user_agent" "$http_x_forwarded_for"'; 
    access_log  /var/log/nginx/access.log  main; 
    sendfile        on; 
    keepalive_timeout  65; 
    include /etc/nginx/conf.d/*.conf; 
} 
[root@yumserver wget-yum]# vi /etc/nginx/conf.d/default.conf 
  
server { 
    listen       80; 
    server_name  openstack-yum-server.cn; 
    location / { 
        #root   html; 
        root /wget-yum; 
        autoindex on; 
        index  index.html index.htm; 
    } 
    error_page   500 502 503 504  /50x.html; 
    location = /50x.html { 
        root   /usr/share/nginx/html; 
    } 
} 

[root@yumserver wget-yum]# /etc/init.d/nginx restart

3. release.rpm制作：

(1).下載icehouse源碼包：

[root@yumserver ~]# wget https://repos.fedorapeople.org/repos/openstack/openstack-icehouse/rdo-release-icehouse-4.src.rpm

(2).創(chuàng)建padraig用戶和組：

[root@yumserver ~]# groupadd -g 2000 padraig

[root@yumserver ~]# useradd -u 2000 -g padraig -m padraig -d /home -s /bin/bash

(3).解壓rpm，并修改各個(gè) .repo 文件的 url：

[root@yumserver ~]# rpm -i rdo-release-icehouse-4.src.rpm

修改 .repo 文件，以 rdo-release.repo 為例

[openstack-havana] 
name=OpenStack Havana Repository 
baseurl=http://openstack-yum-server.cn/openstack/openstack-havana/epel-6/ 
enabled=1 
skip_if_unavailable=0 
gpgcheck=0 
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RDO-Havana 
priority=98 

(4).修改 .spec 文件內(nèi)容：

[root@yumserver ~]# cd rpmbuild/

[root@yumserver rpmbuild]#

SOURCES SPECS

[root@yumserver ~]# cd SPECS

[root@yumserver SPECS]# vi rdo-release.spec

URL: https://github.com/redhat-openstack/rdo-release

Source0: rdo-release.repo

Source1: RPM-GPG-KEY-RDO-Icehouse

Source2: foreman.repo

Source3: RPM-GPG-KEY-foreman

Source4: puppetlabs.repo

Source5: RPM-GPG-KEY-puppetlabs

Source6: epel.repo

Source7: RPM-GPG-KEY-EPEL-6

%install

install -p -D -m 644 %{SOURCE0} %{buildroot}%{_sysconfdir}/yum.repos.d/rdo-release.repo

install -p -D -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/yum.repos.d/foreman.repo

install -p -D -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/yum.repos.d/puppetlabs.repo

install -p -D -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/yum.repos.d/epel.repo

#GPG Keys

install -Dpm 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-RDO-Icehouse

install -Dpm 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-foreman

install -Dpm 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs

install -Dpm 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

for repo in rdo-release foreman puppetlabs epel ; do

(5).修改SOURCES文件內(nèi)容，并增加相應(yīng)文件：

[root@yumserver SPECS]# cd ../SOURCES

[root@yumserver SOURCES]# ls

epel.repo foreman.repo puppetlabs.repo rdo-release.repo RPM-GPG-KEY-EPEL-6 RPM-GPG-KEY-foreman RPM-GPG-KEY-puppetlabs RPM-GPG-KEY-RDO-Icehouse

(6).重新打包rpm：

[root@yumserver SPECS]# yum -y install rpm-build

[root@yumserver SPECS]# pwd

/root/rpmbuild/SPECS

[root@yumserver SPECS]# rpmbuild -ba rdo-release.spec

#p#

4. 解決依賴關(guān)系，創(chuàng)建倉(cāng)庫(kù)：

[root@yumserver updates]# ls

repodata x86_64

[root@yumserver updates]# pwd

yum-repo/openstack/openstack-icehouse/updates

[root@yumserver updates]# createrepo x86_64

5. repo 更新 RPM 包：

createrepo x86_64 --update

**********************************************************************************************************************************

編譯后的rpm源碼包示例：

new-rdo-release-havana-8.0.src.rpm
new-rdo-release-icehouse-4.0.src.rpm

troubleshooting:

yum repolist 出現(xiàn)

[root@controller yum.repos.d]# yum repolist
Loaded plugins: axelget, fastestmirror, security
Loading mirror speeds from cached hostfile

http://openstack-yum-server/ceph/el6/x86_64/repodata/repomd.xml: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 403 Forbidden"
Trying other mirror.
http://openstack-yum-server/ceph/el6/noarch/repodata/repomd.xml: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 403 Forbidden"
Trying other mirror.
.....

解決方案：
1)
每個(gè) repo 配置新增 proxy=None
[openstack-havana-updates]

.....
_proxy_=None
2)

關(guān)閉防火墻， service iptables stop

原文出自：http://blog.csdn.net/wsfdl/article/details/41808939