What is a repository manager

Repository management with Pulp

Pulp enables the admin to consolidate many different software repositories in one central place. Pulp can draw on a wide variety of sources, for example querying a regular Yum server is just as problem-free as accessing the Red Hat Network or software packages that are available via a web server. Pulp does not act as a proxy between the clients and the various repositories, but mirrors the packets locally and updates them at a specified interval. It is therefore necessary to ensure that there is sufficient disk space in advance.

However, Pulp can also outsource individual repositories to external servers. The whole thing is called a content delivery server in Pulp terminology. The central server simply routes certain client requests to external servers, which then answer the request. This makes it very easy to set up geographically distributed systems. With the help of finely granulated access rules, Pulp ensures that clients are only allowed to query certain repositories. The authentication of users can even be done for an LDAP server, which also ensures use in very large environments.

The software can also score points in the reporting area. There is not only a history that shows which client system has accessed which repository and when, the current package status of the clients can also be displayed. This makes it very easy to find out if an important update has not yet been installed on a system. For admins who are keen to experiment, it is certainly also interesting to mention that Pulp has a residual API with which many of the tasks that arise can be automated very conveniently for scripts. The complete architecture of a pulp environment is shown in Figure 1.

Figure 1: Many different components work together at Pulp.

installation

Ready-made RPM packages for Fedora, Red Hat Enterprise Linux and Cent OS are currently available for the use of Pulp [2]. Access to the source code is possible via a corresponding Git repository [3]. After downloading the appropriate Yum repository configuration file, the server can be installed as usual using Yum (Listing 1).

 

After the MongoDB database has been initialized, the server is ready for use. Make sure that the appropriate server name is listed in the configuration file »« and that client systems have access to ports 5672, 5674 and 443.

The client systems also need access to the aforementioned pulp repository. It is easiest to specify this when installing the systems. If the systems are installed automatically using Kickstart, the corresponding client software can be installed and configured at the same time. The systems are then ready for use immediately after installation and manual configuration is not required.

The client package is called "" and ideally should also be installed on the server. This is necessary for admin work. It is important that the configuration file of the client software "" is adapted accordingly so that all references to the server take place via the FQDN (fully qualified domain name) (Listing 2). This is important, otherwise the server's certificate verification will fail. The FQDN of the server is in the certificate. If the client tries to access it using a different name, the software complains about a wrong name. Then start the client agent accordingly (»«).

Server name in the configuration

 

If a content delivery server is to be used in addition to the actual server, the »« package must be installed. The service must then be configured via the configuration file »« and started with »«.

Pulp comes with an admin account by default. The first thing to do is to change it:

# pulp-admin -u admin -p admin user ↩ update --username admin --password Enter new password for user admin: Re-enter new password for user admin: Successfully updated [admin]

Any administrative action on the server requires prior authentication. So that the user name and password are not requested for every command, it is advisable to log on to the server once and save the user credentials (in the form of a user certificate) under "". You can use the command »« to bring them back to nirvana, for example if you need to log in with other credentials:

# pulp-admin auth login -u admin -p ↩ password User credentials successfully stored at ↩ [/home/pulp-user/.pulp]

New users can be added and deleted or modified using the »« command. In order to assign certain rights to the user, the account must be modified accordingly using the »« command and given the necessary rights. Instead of assigning rights to individual users, there is also the option of assigning certain roles to them and then giving the roles the desired rights. This makes it easier to group individual users with similar rights. Existing roles are shown by Pulp with the command »«, which rights a role has, you can find out with the command »« (Listing 3).

Assign rights via roles

 

Repositories and distributions

In order to supply the server with data, the administrator has to synchronize the desired repositories. Pulp understands a repository to be the collection of software RPMs, update RPMs and installation files (distributions) such as the kernel and initrd. A repository is created and then synchronized with the following command line call:

# pulp-admin repo create --id Fedora14↩ -x86_64 --feed yum: http: //download.fedora↩ project.org/pub/fedora/linux/releases/14/↩ Everything / x86_64 / os / Successfully created repository [example] # pulp-admin repo sync --id Fedora14-x86_64

Pulp indicates the status of the synchronization with the command »«. There are also other very useful commands with which the admin can adjust the repository. For example, it is possible to create filters so that certain packets are not synchronized. The automatic update of a repository is also possible using the »« option. This must either be specified directly when creating the repository, or afterwards. The »« command allows individual configuration settings to be changed later.

Pulp displays an overview of all distributions with »« (Listing 4). When installing a new system, the URL to the desired distribution can be specified at the same time, so that the installation program can download the necessary kernel, initrd and installer files directly from here.

 

If the package »« is already installed on a client and configured accordingly, you must register it with the Pulp server in the next step. This is done by calling "". This step can of course be automated in the same way as the installation of the package, for example as part of a kickstart profile. With »« the client then receives a list of all available repositories on the server (Listing 5). The line »« shows in cron format when the repository is to be updated. In the example, every day at 0:10.

Overview of the repositories

 

comments powered by Disqus