Not connected to the global network from the viewpoint of security such as the production environment, There are so-called standalone servers.
When you want to install additional libraries and packages on such a server How can I install it?
I've been addicted to my previous work, and I'd like to write a little summary of the solutions at that time. I hope it will be helpful to anyone.
At the end of the article, I introduce a script that automatically executes this method. (With GIF image) Since it was created by me personally, I do not guarantee the operation, but if you have a chance, please use it.
Define the words used in the article as follows:
word | Definition |
---|---|
Standalone environment | A server that does not connect to the global network. Place of installation. |
Local PC | My work PC. It is connected to the network. |
name | OS | version | Remarks |
---|---|---|---|
Standalone environment | CentOS | 7 | AWS EC2 (For verification) |
Local PC | macOS | Catalina | |
Docker container | CentOS | 7 |
Follow the procedure below.
Later in the article, I will explain the detailed procedure above.
If you don't have a Docker environment, you may be able to run it on your local PC. However, there may be cases where it does not work depending on the dependency. We recommend that you use a clean environment with almost nothing in it.
--Dependency may cause the installation to fail depending on the state of the standalone environment.
--For packages that have no dependencies and are single rpm, it is faster and easier to install with the rpm
command.
--With this method, we recommend that you install all the required packages at once.
Let's actually do it!
We have prepared AWS EC2 as a stand-alone server for use in the verification environment. In order to isolate it from the global network, communication other than ssh (port 22) is prohibited.
↓ Result of executing yum update
in a standalone environment
Launch a Docker container in the same environment as the standalone environment as much as possible. This time, we will launch a CentOS 7 container. When you get up, let's access the container.
$ docker run -itd --name centos7 centos:centos7
$ docker exec -it centos7 bash
First, create a directory to download the package to.
# mkdir standalone_install
Download all the packages required for the stand-alone environment in the created directory.
This time, I will download git
and ʻiproute2` (assortment of network commands) together.
By adding the --downloadonly
option, it is possible to execute only the download without installing.
# yum install -y --downloadonly --downloaddir=standalone_install git iproute2
yum install --downloadonly --downloaddir=<directory> <package> [^1]
If you look inside the downloaded directory, you will see that it contains a large number of rpm
files.
Install the repository creation command createrepo
.
# yum install -y createrepo
Create a repository using the create repo
command that you just installed.
Simply specify the directory and run it to create the metadata and act as a repository.
# createrepo standalone_install
↓ repodata
is the metadata created by the create repo
command.
The following procedure will move the file to the standalone environment, so compress the file if necessary.
Move the repository folder created by the createrepo
command to the standalone environment.
This time, it's a little troublesome, but move it according to the following procedure.
#exit ← Exit from the container. Ctrl+D is also OK.
$ docker cp centos7:/standalone_install/ ./
$ scp -r standalone_install standalone_ec2:/home/centos/
All that remains is to work in a standalone environment.
Create a .repo
file and set up the transferred repository.
The setting items are as follows.
item name | Setting items |
---|---|
name | The name of the repository |
baseurl | The path of the directory where the repository entity is located |
gpgcheck | ~~Guppigu check~~Whether to verify the GPG signature. 0=false,1=true |
$ sudo vi /etc/yum.repo.d/standalone_install.repo
[standalone_repo]
name=standalone_repo
baseurl=file:///home/centos/standalone_install/
gpgcheck=0
/
in file: ///
.Specify the repository with the --enablerepo
option to install the package.
At that time, --disablerepo = *
is set so that it does not go to search for external repositories.
(The --disablerepo
option must be set before the --enablerepo
)
$ sudo yum install -y --disablerepo=* --enablerepo=standalone_repo git iproute2
I was able to install it this way even in the verification environment (EC2)! (This image doesn't prove it at all ... lol)
The key points of this installation method are as follows.
--Use the same OS and version of Docker container as the standalone environment
--Downloading the rpm
file using the --downloadonly
option
--Creating a repository with the create repo
command
--Create a .repo
file and set up the repository
--Specify the repository with --enablerepo
and install
As I mentioned at the beginning of the article, I personally created a script that automatically executes this installation method. The Readme describes how to use it, so please use it if you have the opportunity. https://github.com/hesma2/standalone_install
↓ Operation image (Steps 1 to 3 are executed by one script)
-Use yum, just download without installing packages -yum | Create yum repository -6.3. YUM and YUM Repository Settings