This topic provides instructions for creating the Oracle Linux YUM repository server required for Kubernetes cluster deployment.

Procedure

  1. Install the following package, which include the utilities necessary to set up the repository. 
    # dnf install -y dnf-utils
  2. Create the following directories to hold the main OS and UEK respositories. 
    # mkdir -p /u01/repo/OracleLinux
# mkdir -p /u01/repo/logs
# mkdir -p /u01/repo/scripts
  3. Enable the YUM repositories in the below files: (The below example is with the default Installation of Oracle Linux):
    The ol8_baseos_latest and ol8_appstream repositories must be enabled in /etc/yum.repos.d/oracle-linux-ol8.repo file (enabled flag should be set to “1” For example: enabled=1)

    ol8_UEKR6 repository must be enabled in the /etc/yum.repos.d/uek-ol8.repo file (enabled flag should be set to “1” For ex: enabled=1)

    The reposync command is used to synchronize a remote YUM repository to a local directory.
    Execute the following commands to retrieve the packages using YUM. 
    # /usr/bin/reposync --newest-only --download-metadata --repoid=ol8_baseos_latest -p /u01/repo/OracleLinux
# /usr/bin/reposync --newest-only --download-metadata --repoid=ol8_appstream -p /u01/repo/OracleLinux
# /usr/bin/reposync --newest-only --download-metadata --repoid=ol8_UEKR6 -p /u01/repo/OracleLinux
    The first time, the repositories sync could take some time.
  4. Create a resync CRON job by performing the following steps:
    1. A resync of the Yum repositories involves repeating the reposync. You can script them and run them from the CRON. Create a script called /u01/repo/scripts/repo_sync.sh with the following contents. 
      #!/bin/bash

LOG_DIR=/u01/repo/logs
LOG_FILE=$LOG_DIR/repo_sync_$(date +%Y.%m.%d).log

if [ "$(ls -A "$LOG_DIR")" ]; then
      # If the directory is not empty, uncomment the find command
      find "$LOG_DIR"/repo_sync* -mtime +5 -delete >> "$LOG_FILE" 2>&1
else
      :
fi

# Sync repositories

/usr/bin/reposync --newest-only --download-metadata --refresh --
repoid=ol8_baseos_latest -p /u01/repo/OracleLinux >> $LOG_FILE 2>&1
/usr/bin/reposync --newest-only --download-metadata --refresh --repoid=ol8_appstream 
-p /u01/repo/OracleLinux >> $LOG_FILE 2>&1
/usr/bin/reposync --newest-only --download-metadata --refresh --repoid=ol8_UEKR6 
-p /u01/repo/OracleLinux >> $LOG_FILE 2>&1
    2. Run the executable file. 
      # chmod u+x /u01/repo/scripts/repo_sync.sh
    3. Set up a CRON job to run the scripts on a daily basis. The following script runs each day at 01:00. Use the crontab -e command to edit your user's CRON table:
      crontab -e
      Note: Add the following line at the end of the file: 
      0 1 * * * /u01/repo/scripts/repo_sync.sh > /dev/null 2>&1

      Save and exit the editor.

    4. Install the Apache HTTP servers, start it and make sure it restarts automatically on reboot.
      If you are using the Linux firewall, you must connect to port 80. 
      # dnf install -y httpd
# systemctl start httpd
# systemctl enable httpd
  5. Set permissions to Security-Enhanced Linux (SELinux).
    The modifications can be made permanent by changing the SELINUX parameter in the /etc/selinux/config file. The file contains an explanation of the allowable values. 
    # cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 

#
  6. Present the repositories using the HTTP server. 
    # mkdir -p /var/www/html/repo/OracleLinux/ol8_baseos_latest
# ln -s /u01/repo/OracleLinux/ol8_baseos_latest/ /var/www/html/repo/OracleLinux/ol8_baseos_latest/x86_64

# mkdir -p /var/www/html/repo/OracleLinux/ol8_appstream
# ln -s /u01/repo/OracleLinux/ol8_appstream/ /var/www/html/repo/OracleLinux/ol8_appstream/x86_64

# mkdir -p /var/www/html/repo/OracleLinux/ol8_UEKR6
# ln -s /u01/repo/OracleLinux/ol8_UEKR6/ /var/www/html/repo/OracleLinux/ol8_UEKR6/x86_64
  7. Copy the GPG key to the HTTP server. 
    cp /etc/pki/rpm-gpg/RPM-GPG-KEY-oracle /var/www/html/RPM-GPG-KEY-oracle-ol8