We do have an update infrastructure in place by default for Red Hat VMs created from the Platform image on Azure :
Red Hat Update Infrastructure for on-demand Red Hat Enterprise Linux VMs in Azure
However, we have seen that some customers having large environments choose to manage the updates centrally and in a more granular manner within their organization.
For this, they need to configure a local repository on one of their servers, by downloading the packages from the RHUI.
Here is how we can create this local repository on Azure.
Red Hat shares an article below for creating a local mirror :
How to create a local mirror of the latest update for Red Hat Enterprise Linux 5, 6, 7 without using Satellite server?
Run the command below on the server where the repo needs to be configured :
yum install yum-utils createrepo
Create the directory to be used for the repo :
Run the commands below to check the available repos from RHUI :
Run the command below to sync them locally in the specified directory :
reposync --gpgcheck -l --repoid=rhui-rhel-7-server-rhui-rpms --download_path=/testrepo
Note there are multiple repo ids available. We need to pick the ones needed, and run the command multiple times if required.
We can download all the packages locally from RHUI using this method.
The packages get updated in RHUI every day and every few hours, and these would need to be synced on the local repo too.
Hence, we may determine an interval as practical for the environment and sync them locally at a appropriate frequency.
Once the local repository is ready, this may need to be accessible over a shared url.
We can use FTP or https share for this.
Steps for FTP below :
Install vsftpd package :
yum install -y vsftpd*
Edit the configuration file to have the content below :
#Disable anonymous user Access to secure FTP server
Allow local users to login in vsftpd.
Enable write access to local users.
Uncomment the line chroot_local_user
Enable writable chroot.
systemctl restart vsftpd.service
systemctl enable vsftpd.service
Apply SELinux context to ftp directory :
semanage fcontext -a -t public_content_rw_t "/<directory>(/.*)?"
restorecon -R /<directory>
setsebool -P ftpd_anon_write 1 OR on
chown ftp /<directory>
The client would be able to access the share using url like below :