Setting Up a Local ULN Mirror

A system that functions as a local ULN server mirrors channels in the Unbreakable Linux Network.

When you register an Oracle Linux system with ULN, that system is automatically subscribed to default channels in ULN, depending on the system's OS release and architecture. As such, the system can become a mirror to service clients that have the same OS and platform as the mirror.

However, you might also want the local ULN mirror to service clients that use different OS releases for other platforms. In this case, you would need to subscribe to any other channels that are required by those clients.

Note:

Mirroring ULN channels is often slower than mirroring yum repositories. Only consider creating a ULN mirror for channels that aren't otherwise available on the Oracle Linux yum server. Where possible, set up mirrors of Oracle Linux yum server repositories instead.

How to Configure the Local ULN Mirror

Setting up the system to be a local ULN mirror involves replicating channels from Unbreakable Linux Network.

The ULN mirror must meet the requirements described in Prerequisites for the Local Distribution Mirror. Also, you must have completed the following tasks:

For each step in this procedure, you can use either the ULN web interface or the uln-channel command. To display options that you can use with the uln-channel command, type uln-channel -h.

  1. Enable the system as a yum server.

    As a yum server, the system can subscribe to channels for OS versions and platforms other than the system's own OS and platform.

    • Using the ULN web interface

    1. On a browser, sign in at https://linux.oracle.com using valid SSO credentials.
    2. On the Systems tab, select the link named for the system chosen to be a ULN mirror.
    3. On the System Details page, select Edit.
    4. On the Edit System Properties page, select the Yum Server checkbox.
    5. Select Apply Changes.

    • Using the uln-channel command

    1. On the system's terminal window, type: 
      sudo uln-channel --enable-yum-server
    2. If prompted, specify the appropriate ULN username and authentication token.
  2. Subscribe the system to the channels that you intend to mirror.

    • Using the ULN web interface

    1. On the System Details page of the chosen ULN mirror, select Manage Subscriptions.
    2. On the System Summary page, select channels from the list of available or subscribed channels and select the arrows to move the channels between the lists.

      Note:

      If you have an Oracle Linux Support account and you want the mirror to host Ksplice packages for local Ksplice Offline clients, subscribe to the Ksplice for Oracle Linux channels for the architectures and Oracle Linux releases that you want to support.

    3. When you have finished selecting channels, select Save Subscriptions.

    • Using the uln-channel command

    1. On the system's terminal window, type: 
      sudo uln-channel -a -c channel [-c channel …]
    2. If prompted, specify the appropriate ULN username and authentication token.
    3. (Optional) To verify that the subscriptions completed successfully, type: 
      sudo uln-channel -l
  3. Create a protected and unprotected version of /etc/dnf/plugins/spacewalk.conf. For example:
    sudo cp /etc/dnf/plugins/spacewalk.conf /etc/dnf/plugins/spacewalk.conf.protected
sudo cp /etc/dnf/plugins/spacewalk.conf /etc/dnf/plugins/spacewalk.conf.unprotected

    Edit /etc/dnf/plugins/spacewalk.conf.protected to disable channels that you aren't using for the ULN mirror itself. See How to Localize Subscriptions for the ULN Mirror Server. This procedure disables the channels that don't apply to the system.

  4. Switch to the unprotected version of /etc/dnf/plugins/spacewalk.conf that enables all channels required for the mirror. For example:
    cp /etc/dnf/plugins/spacewalk.conf.unprotected /etc/dnf/plugins/spacewalk.conf
  5. Mirror the ULN Channels to the location of the base directory for the mirror. For example:
    sudo dnf reposync --delete --download-metadata -p /var/www/html/yum
    You can use the --repoid and --exclude options with the reposync command to control exactly which repositories you're mirroring and to help reduce disk space requirements by excluding source packages. For example:
    sudo dnf reposync --delete --download-metadata -p /var/www/html/yum \
 --repoid ol9_x86_64_baseos_latest \
 --exclude *.src,*.nosrc
sudo dnf reposync --delete --download-metadata -p /var/www/html/yum \
 --repoid ol9_x86_64_appstream \
 --exclude *.src,*.nosrc
  6. Switch to the protected version of /etc/dnf/plugins/spacewalk.conf that enables only those channels used by the system hosting the mirror. For example:
    sudo cp /etc/dnf/plugins/spacewalk.conf.protected /etc/dnf/plugins/spacewalk.conf
  7. Consider creating a cron script or systemd service and timer to regularly update the mirror. For example, create a file at /etc/cron.daily/uln-mirror-update that automatically switches to the unprotected version of /etc/dnf/plugins/spacewalk.conf, updates the mirror based on the channels enabled, then switches back to the protected version of /etc/dnf/plugins/spacewalk.conf. If the system is configured to use itself as a mirror, the local yum repository configuration must be disabled while the mirror is updated:
    #!/bin/bash
####### Regularly update yum repos ######

# Change DNF configuration to allow all repositories
cp /etc/dnf/plugins/spacewalk.conf.unprotected /etc/dnf/plugins/spacewalk.conf

# Check whether the system is configured as a client of itself
if [ -f /etc/yum.repos.d/local-yum.repo ]; then 
   mv /etc/yum.repos.d/local-yum.repo /etc/yum.repos.d/local-yum.repo.disabled;
fi

# Run the reposync. You can change this command to specify the 
# repoid and exclusions that you want for a more customized mirror

dnf reposync --delete --download-metadata -p /var/www/html/yum

# Change DNF configuration to use protected repositories
cp /etc/dnf/plugins/spacewalk.conf.protected /etc/dnf/plugins/spacewalk.conf

# Enable the yum configuration again
if [ -f /etc/yum.repos.d/local-yum.repo.disabled ]; then
   mv /etc/yum.repos.d/local-yum.repo.disabled /etc/yum.repos.d/local-yum.repo;
fi
    Ensure that the file is executable. For example: 
    sudo chmod +x /etc/cron.daily/uln-mirror-update

How to Localize Subscriptions for the ULN Mirror Server

Localizing the ULN mirror's channel subscriptions for the server hosting the mirror prevents the mirror's packages incompatible with the host system from being updated that would cause package collisions and damage package dependencies.

Ensure that you have subscribed to required channels to serve clients running different OS versions on different platforms, as described in How to Configure the Local ULN Mirror.

This task is required for ULN mirrors that serve heterogeneous clients. In this case, the mirror subscribes to multiple channels, including channels the host server itself doesn't need. You would need to configure the host server to prevent its own channel subscriptions from being updated with packages targeted for other clients.

Suppose that the server hosting the mirror is an Oracle Linux 9 system but the mirror is also serving Oracle Linux 8 clients on the x86_64 platform. The following steps would localize the Oracle Linux 9's channel subscriptions such that only those channels applicable to Oracle Linux 9 are enabled when not updating the ULN mirror:

  1. Identify the channels to which the server is subscribed.
    sudo dnf repolist
    ol8_addons                       Oracle Linux 8 Addons (x86_64)
ol8_appstream                    Oracle Linux 8 Application Stream (x86_64)
ol8_baseos_latest                Oracle Linux 8 BaseOS Latest (x86_64)
ol9_x86_64_UEKR7                 Oracle Linux 9 UEK Release 7 (x86_64)
ol9_x86_64_appstream             Oracle Linux 9 Application Stream Packages (x86_64)
ol9_x86_64_baseos_latest         Oracle Linux 9 BaseOS  Latest(x86_64)

    In addition to the system's own Oracle Linux 9 channels, the output would include Oracle Linux 8 channels intended for clients.

  2. Edit /etc/dnf/plugins/spacewalk.conf.protected to disable channel updates inapplicable to the server and enable those that are applicable.

    Use the following format:

    [repo_id]
enabled=0

    For the current example, you would disable all Oracle Linux 8 channels: 

    [ol8_addons]
enabled = 0

[ol8_appstream]
enabled = 0

[ol8_baseos_latest]
enabled = 0

[ol9_x86_64_UEKR7]
enabled = 1

[ol9_x86_64_appstream]
enabled = 1

[ol9_x86_64_baseos_latest]
enabled = 1

    Note:

    If you subsequently subscribe the system to any other incompatible channels on ULN, you must also disable those channels in /etc/dnf/plugins/spacewalk.conf.

  3. Edit /etc/dnf/plugins/spacewalk.conf.unprotected to enable all channels intended for the mirror.

    Use the following format:

    [repo_id]
enabled=0

    For the current example, you would enable both the Oracle Linux 8 and Oracle Linux 9 channels: 

    [ol8_addons]
enabled = 1

[ol8_appstream]
enabled = 1

[ol8_baseos_latest]
enabled = 1

[ol9_x86_64_UEKR7]
enabled = 1

[ol9_x86_64_appstream]
enabled = 1

[ol9_x86_64_baseos_latest]
enabled = 1