构建openstack YUM源(openstack-kilo on centos7)

8月 10th, 2016
构建openstack YUM源(openstack-kilo on centos7)
1.对于企业的openstack私有云,出于安全和某些因素的考虑,有些服务器无法访问公网,导致服务器无法更新某些RPM包,同时内部常有openstack新特性开发需求,版本的维护与升级,因此非常有必要构建企业私有的openstack YUM源;
1.1构建openstack YUM源有两个步骤:
    1.同步(下载)官方的源至企业yum服务器中;
    2.重新创建repo并通过nginx(apache)发布;
1.2设置用户名:
hostnamectl set-hostname cloud.htsec.com;
1.3修改/etc/sysconfig/network-scripts/ifcfg-enp0s3文件来设置静态IP:
    TYPE=Ethernet               #网络类型
    DEVICE=enp0s3               #网卡地址代号/子代号
    ONBOOT=yes                  #开机运行
    BOOTPROTO=static            #使用协议(静态)
    IPADDR=192.168.10.200       #IP地址
    NETMASK=255.255.255.0       #子网掩码
    GATEWAY=192.168.10.1        #网关
    HWADDR=00:16:3E:89:85:38    #MAC地址
    BROADCAST=216.18.194.199    #广播地址
    DNS1=8.8.8.8                #域名解析服务器1
    DNS2=8.8.4.4                #域名解析服务器2
1.4手动修改/etc/hosts文件:
192.168.10.200  cloud.htsec.com         cloud
1.5禁用selinux:
setenforce 0
1.6关闭防火墙:
systemctl stop firewalld.service
systemctl disable firewalld.service
systemctl status firewalld.service
1.7关闭网络管理:
service NetManager stop
1.8配置每个节点的公钥访问;
1.9配置NTP服务器;
2.YUM源下载:
2.1安装openstack需要用到8个repo,分两类:
    1.Centos源:CentOS-Base.repo,CentOS-Debuginfo.repo,CentOS-Media.repo,CentOS-Vault.repo;
    2.openstack源及相关依赖源(epel,foreman,puppet):epel.repo,foreman.repo,puppetlabs.repo,rdo-release.repo;
2.2openstack源地址:
    1.所有版本的openstack源:https://repos.fedorapeople.org/repos/openstack/
    2.openstack-kilo版本源:https://repos.fedorapeople.org/repos/openstack/openstack-kilo/
2.3下载openstack-kilo源:
wget -S -c -r -np -L https://repos.fedorapeople.org/repos/openstack/openstack-kilo/
wget -S -c -r -np -L https://repos.fedorapeople.org/repos/openstack/openstack-juno/
2.4下载epel源:
wget -S -c -r -np -L http://mirrors.yun-idc.com/epel/7/
2.5下载puppetlabs源:
wget -S -c -r -np -L https://yum.puppetlabs.com/el/7/
2.6下载foreman源:
wget -S -c -r -np -L http://yum.theforeman.org/plugins/1.10/el7/
wget -S -c -r -np -L http://yum.theforeman.org/releases/1.10/el7/
2.7下载nginx:
wget -S -c -r -np -L http://nginx.org/packages/centos/7/
2.8CentOS的源可以通过国内的镜像下载:
wget -S -c -r -np -L http://mirrors.sohu.com/centos/7
2.9调整目录结构:
2.9.1创建新的目录:
mkdir -p openstack-kilo openstack-juno epel puppetlabs foreman centos nginx;
2.9.2移动文件:
mv repos.fedorapeople.org/repos/openstack/openstack-kilo/* openstack-kilo/;
mv repos.fedorapeople.org/repos/openstack/openstack-juno/* openstack-juno/;
mv mirrors.yun-idc.com/epel/* epel/;
mv yum.puppetlabs.com/el/* puppetlabs/;
mv yum.theforeman.org/plugins foreman/;
mv yum.theforeman.org/releases foreman/;
mv mirrors.sohu.com/centos/* centos/
mv nginx.org/packages/centos/ nginx/
2.9.3删除不需要的软件包和文件:
find ./ -name index.html* -exec rm -rf {} \;
find ./ -name fedora-* -exec rm -rf {} \;
rm -rf repos.fedorapeople.org/
rm -rf mirrors.yun-idc.com/
rm -rf yum.puppetlabs.com/
rm -rf yum.theforeman.org/
rm -rf mirrors.sohu.com/
rm -rf nginx.org/
3.Nginx配置:
3.1安装nginx rpm包:
rpm -ivh /openstack/nginx/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
3.2修改/etc/yum.repos.d/nginx.repo文件,把yum源指向本地;
[nginx]
name=nginx repo
baseurl=file:///openstack/nginx/centos/7/x86_64
gpgcheck=0
enabled=1
3.3安装nginx:yum install -y nginx;
3.4修改/etc/nginx/conf.d/default.conf文件配置nginx:
server {
    listen       80;
    server_name  cloud.htsec.com;
    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;
    location / {
        #root   /usr/share/nginx/html;
        root   /openstack;
        autoindex on;
        index  index.html index.htm;
    }
    #error_page  404              /404.html;
    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}
    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}
    # deny access to .htaccess files, if Apache’s document root
    # concurs with nginx’s one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}
3.5服务重启:
systemctl enable nginx
systemctl start nginx
systemctl check nginx
4.制作rdo-release.rpm:
4.1下载rdo-release-kilo-1.src.rpm源码包:
[root@cloud ~]# wget http://cloud.htsec.com/openstack-kilo/rdo-release-kilo-1.src.rpm
4.2创建alan用户和组:
useradd alan;
4.3解压rpm包,会在~目录生成一个rpmbuild目录(其中SOURCE目录下存放repo文件,SPECS目录下存放spec文件):
rpm -i rdo-release-kilo-1.src.rpm;
4.4修改并添加repo文件:
vi rdo-release.repo
[openstack-kilo]
name=OpenStack Kilo Repository
baseurl=http://cloud.htsec.com/openstack-kilo/el7/
skip_if_unavailable=0
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RDO-kilo
vi rdo-testing.repo
[openstack-kilo-testing]
name=OpenStack Kilo Testing
baseurl=http://cloud.htsec.com/openstack-kilo/testing/el7
skip_if_unavailable=0
gpgcheck=0
enabled=0
vi epel.repo
[epel]
name=EPEL Repository
baseurl=http://cloud.htsec.com/epel/7/x86_64
skip_if_unavailable=0
enabled=1
gpgcheck=0
vi foreman.repo
[foreman-releases]
name=Foreman Releases Repository
baseurl=http://cloud.htsec.com/foreman/releases/1.10/el7/x86_64
enabled=1
gpgcheck=0
[foreman-releases-source]
name=Foreman Releases Source Repository
baseurl=http://cloud.htsec.com/foreman/releases/1.10/el7/source
enabled=1
gpgcheck=0
[foreman-plugins]
name=Foreman Plugins Repository
baseurl=http://cloud.htsec.com/foreman/plugins/1.10/el7/x86_64
enabled=1
gpgcheck=0
[foreman-plugins-source]
name=Foreman Plugins Source Repository
baseurl=http://cloud.htsec.com/foreman/plugins/1.10/el7/source
enabled=1
gpgcheck=0
vi puppetlabs.repo
[puppetlabs-products]
name=Puppet Labs Products
baseurl=http://cloud.htsec.com/puppetlabs/7/products/x86_64
enabled=1
gpgcheck=0
[puppetlabs-deps]
name=Puppet Labs Dependencies
baseurl=http://cloud.htsec.com/puppetlabs/7/dependencies/x86_64
enabled=1
gpgcheck=0
[puppetlabs-devel]
name=Puppet Labs Devel
baseurl=http://cloud.htsec.com/puppetlabs/7/devel/x86_64
enabled=1
gpgcheck=0
vi centos.repo
[base]
name=CentOS7 Base Repository
baseurl=http://cloud.htsec.com/centos/7/os/x86_64
enabled=1
gpgcheck=0
[updates]
name=CentOS7 Updates Repository
baseurl=http://cloud.htsec.com/centos/7/updates/x86_64
enabled=1
gpgcheck=0
[extras]
name=CentOS7 Extras Repository
baseurl=http://cloud.htsec.com/centos/7/extras/x86_64/
enabled=1
gpgcheck=0
[centosplus]
name=CentOS7 Plus Repository
baseurl=http://cloud.htsec.com/centos/7/centosplus/x86_64/
enabled=1
gpgcheck=0
4.5修改.spec文件内容:
vi rdo-release.spec
Name:           rdo-release
Version:        kilo
Release:        1
Summary:        RDO repository configuration
Group:          System Environment/Base
License:        Apache2
URL:            https://github.com/redhat-openstack/rdo-release
Source0:        rdo-release.repo
Source2:        rdo-testing.repo
Source1:        RPM-GPG-KEY-RDO-kilo
Source3:        epel.repo
Source4:        foreman.repo
Source5:        puppetlabs.repo
Source6:        centos.repo
Source7:        RPM-GPG-KEY-CentOS-7
BuildArch:      noarch
%description
This package contains the RDO repository
%install
install -p -d %{buildroot}%{_sysconfdir}/yum.repos.d
install -p -m 644 %{SOURCE0} %{buildroot}%{_sysconfdir}/yum.repos.d
install -p -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/yum.repos.d
install -p -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/yum.repos.d
install -p -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/yum.repos.d
install -p -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/yum.repos.d
install -p -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/yum.repos.d
#GPG Keys
install -p -d %{buildroot}%{_sysconfdir}/pki/rpm-gpg
install -Dpm 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pki/rpm-gpg
install -Dpm 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/pki/rpm-gpg
%files
%{_sysconfdir}/yum.repos.d/*.repo
%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-*
%post
# Adjust repos as per dist and version
source /etc/os-release
DIST=$ID
RELEASEVER=$VERSION_ID
if [ “$DIST” != ‘fedora’ ]; then
  DIST=el
  FDIST=el
  # $releasever doesn’t seem to be a reliable way to get the major version on RHEL
  # e.g. if distroverpkg isn’t present in yum.conf mine was set to 6Server
  # because this was the version of the package redhat-release-server-6Server
  RELEASEVER=$(sed -e ‘s/.*release \([0-9]\+\).*/\1/’ /etc/system-release)
else
  FDIST=f
fi
for repo in rdo-release rdo-testing epel foreman puppetlabs centos ; do
  for var in DIST FDIST RELEASEVER; do
    sed -i -e “s/%$var%/$(eval echo \$$var)/g” %{_sysconfdir}/yum.repos.d/$repo.repo
  done
done
4.6重新打包rpm:
[root@cloud ~]# rpmbuild -ba rpmbuild/SPECS/rdo-release.spec
4.7把生成的rpm放到指定的目录:
[root@cloud ~]# mv /root/rpmbuild/RPMS/noarch/rdo-release-kilo-1.noarch.rpm /openstack/openstack-kilo/rdo-release-kilo-1-ht.noarch.rpm
[root@cloud ~]# mv /root/rpmbuild/SRPMS/rdo-release-kilo-1.src.rpm /openstack/openstack-kilo/rdo-release-kilo-1-ht.src.rpm
5.安装openstack-kilo:
wget http://cloud.htsec.com/openstack-kilo/rdo-release-kilo-1-ht.noarch.rpm
rpm -ivh rdo-release-kilo-1-ht.noarch.rpm –replacefiles
yum update -y
yum install -y openstack-packstack
packstack –allinone
标签:
目前还没有任何评论.