本文介绍了如何在局域网中自建Centos软件镜像仓库,配置base、extras、updates及epel源的方法。
部署前提:
如果只是部署base仓库,可以在离线环境;如果需要有extras、updates及epel则该服务器需要处于联网环境。
建立用户及安装依赖包:
groupadd nginx && useradd -r -g nginx nginx
yum -y install gcc gcc-c++ glibc openssl openssl-devel pcre-devel zlib-devel
yum group install "Development Tools"安装nginx:
cd /opt/Downloads
wget http://download.wenjun1984.cn/Nginx/tengine-2.3.2.tar.gz
tar -zxvf tengine-2.3.2.tar.gz && cd tengine-2.3.2
./configure --user=nginx --group=nginx \
--prefix=/opt/Apps/nginx \
--pid-path=/opt/Apps/nginx/nginx.pid \
--lock-path=/opt/Apps/nginx/nginx.lock \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-http_slice_module \
--with-mail \
--with-mail_ssl_module \
--with-file-aio \
--with-http_v2_module \
--add-module=modules/ngx_backtrace_module \
--add-module=modules/ngx_debug_pool \
--add-module=modules/ngx_debug_timer \
--add-module=modules/ngx_http_concat_module \
--add-module=modules/ngx_http_footer_filter_module \
--add-module=modules/ngx_http_proxy_connect_module \
--add-module=modules/ngx_http_reqstat_module \
--add-module=modules/ngx_http_slice_module \
--add-module=modules/ngx_http_sysguard_module \
--add-module=modules/ngx_http_trim_filter_module \
--add-module=modules/ngx_http_upstream_check_module \
--add-module=modules/ngx_http_upstream_consistent_hash_module \
--add-module=modules/ngx_http_upstream_dynamic_module \
--add-module=modules/ngx_http_upstream_dyups_module \
--add-module=modules/ngx_http_upstream_session_sticky_module \
--add-module=modules/ngx_http_user_agent_module,编译nginx。
make && make install
/opt/Apps/nginx/sbin/nginx -V配置nginx:
mkdir /opt/Apps/nginx/conf/conf.d
# 修改配置文件:
vim /opt/Apps/nginx/conf/nginx.conf
user nginx nginx;
worker_processes 2;
worker_rlimit_nofile 65536;
events {
use epoll;
worker_connections 10240;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
log_format main
'{"@timestamp":"$time_iso8601",'
'"@source":"$server_addr",'
'"hostname":"$hostname",'
'"ip":"$http_x_forwarded_for",'
'"client":"$remote_addr",'
'"request_method":"$request_method",'
'"scheme":"$scheme",'
'"domain":"$server_name",'
'"referer":"$http_referer",'
'"request":"$request_uri",'
'"args":"$args",'
'"size":$body_bytes_sent,'
'"status": $status,'
'"responsetime":$request_time,'
'"upstreamtime":"$upstream_response_time",'
'"upstreamaddr":"$upstream_addr",'
'"http_user_agent":"$http_user_agent",'
'"https":"$https"'
'}';
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128m;
fastcgi_cache_path /opt/Apps/nginx/nginx_fastcgi levels=1:2 keys_zone=fastcgi:30m max_size=100m;
proxy_connect_timeout 120;
proxy_send_timeout 120;
proxy_read_timeout 120;
proxy_buffer_size 8k;
proxy_buffers 4 8k;
proxy_busy_buffers_size 16k;
proxy_temp_file_write_size 16k;
proxy_max_temp_file_size 1024m;
proxy_cache_path /opt/Apps/nginx/nginx_proxy levels=1:2 keys_zone=proxy:30m max_size=100m;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 8;
gzip_proxied any;
gzip_types text/plain application/x-javascript text/css application/xml image/png image/jpeg image/gif audio/ogg audio/mp3 application/javascript text/javascript;
gzip_vary on;
include /opt/Apps/nginx/conf/conf.d/*.conf;
}
stream {
include /opt/Apps/nginx/conf/conf.d/*.stream;
}配置repo站点:
vim /opt/Apps/nginx/conf/conf.d/repo.conf
server {
listen 80;
server_name yum.test.com;
access_log /opt/Apps/nginx/logs/repo_access.log main;
error_log /opt/Apps/nginx/logs/repo_error.log error;
location / {
root /opt/Apps/repo;
index index.html index.htm;
autoindex on;
autoindex_exact_size on;
autoindex_localtime on;
}
}/opt/Apps/repo即为之后创建的镜像仓库地址。
配置Nginx服务
vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/opt/Apps/nginx/nginx.pid
ExecStartPre=/usr/bin/rm -f /opt/Apps/nginx/nginx.pid
ExecStartPre=/opt/Apps/nginx/sbin/nginx -t
ExecStart=/opt/Apps/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=65535
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target启动Nginx
systemctl enable nginx.service
systemctl start nginx.service
安装必要软件:
yum install -y yum-utils
yum install -y createrepo
yum install -y wget
制作base仓库
mkdir -p /opt/Apps/repo/centos/7/base
# base仓库需要挂载一个CentOS的完整镜像
mkdir -p /mnt/centos79
mount -t iso9660 -o loop /opt/Downloads/CentOS-7-x86_64-DVD-2009.iso /mnt/centos79/
cp -r /mnt/centos79/* /opt/Apps/repo/centos/7/base/
createrepo /opt/Apps/repo/centos/7/base/以下操作需要全量下载软件包,等待时间较长。
制作extras仓库
reposync -r extras -p /opt/Apps/repo/centos/7
createrepo /opt/Apps/repo/centos/7/extras
制作updates仓库
reposync -r updates -p /opt/Apps/repo/centos/7
createrepo /opt/Apps/repo/centos/7/updates
制作epel仓库
reposync -r epel -p /opt/Apps/repo/centos/
createrepo /opt/Apps/repo/centos/7/epel/制作group仓库:
mkdir /opt/Apps/repo/centos/7/group/
cd /opt/Apps/repo/centos/7/group/
wget http://download.wenjun1984.cn/CentOS/comps.xml
createrepo -g /opt/Apps/repo/centos/7/group/comps.xml /opt/Apps/repo/centos/7/base/分配一个域名,指向yum仓库,比如:yum.test.com
找任意一台与镜像仓库网络联通的服务器进行测试。
创建repo源:
rm -rf /etc/yum.repos.d/*.repo
vim /etc/yum.repos.d/Dominos.repo
# 不需要的仓库可以注释掉
# 内网仓库全部关闭gpgcheck校验
# base仓库
[base]
name=Dominos Local CentOS7 Base
baseurl=http://yum.test.com/centos/7/base
enabled=1
gpgcheck=0
# extras仓库
[extras]
name=Dominos Local CentOS7 Extras
baseurl=http://yum.test.com/centos/7/extras
enabled=1
gpgcheck=0
# updates仓库
[updates]
name=Dominos Local CentOS7 Updates
baseurl=http://yum.test.com/centos/7/updates
enabled=1
gpgcheck=0
# epel仓库
[epel]
name=Dominos Local Extra Packages CentOS7
baseurl=http://yum.test.com/centos/7/epel
enabled=1
gpgcheck=0
加载repo源:
yum clean all
yum makecache
# 查看当前全部的repo源
yum repolist all测试repo源:
yum install nginx
yum group install "Development Tools"