有时候做项目,甲方对服务器安全管理比较严格,服务器环境全部都没有Internet网络,有时候通过堡垒机从项目服务器上传或下载操作,还要走申请审核才放开权限,所以往往在部署项目时会很不便,有时还因定期漏洞扫描,需要更新补丁包,所以根据没有Internet网络环境安装软件包常见方式有三种。

  • 上传系统DVD ISO镜像到指定服务器挂载,并配置本地yum源。
  • 在本地部署项目系统同环境,通过编译安装软件或者库,在打包上传到项目服务器。
  • 根据第一种方式通过Nginx反代,再把内网其他yum源配置改成内网URL,让内网其他服务器无Internet网络也能快速安装软件。

所以本次操作是按第一种方法配置本地离线yum源。

1、创建ISO镜像存放和挂载目录

Terminal window
mkdir -pv /mnt/{iso,cdrom}

iso目录是存放系统ISO镜像目录 cdrom目录则是挂载目录

2、挂载ISO镜像

Terminal window
mount -o loop /mnt/iso/CentOS-7-x86_64-DVD-2009.iso /mnt/cdrom
df -Th  # 查看挂载是否成功

ls -l查看cdrom挂载目录信息

Terminal window
-rw-r--r--.  3 root root     14 Oct 30  2020 CentOS_BuildTag
drwxr-xr-x.  3 root root   2048 Oct 27  2020 EFI
-rw-rw-r--. 21 root root    227 Aug 30  2017 EULA
-rw-rw-r--. 21 root root  18009 Dec 10  2015 GPL
drwxr-xr-x.  3 root root   2048 Oct 27  2020 images
drwxr-xr-x.  2 root root   2048 Nov  3  2020 isolinux
drwxr-xr-x.  2 root root   2048 Oct 27  2020 LiveOS
drwxr-xr-x.  2 root root 673792 Nov  4  2020 Packages
drwxr-xr-x.  2 root root   4096 Nov  4  2020 repodata
-rw-rw-r--. 21 root root   1690 Dec 10  2015 RPM-GPG-KEY-CentOS-7
-rw-rw-r--. 21 root root   1690 Dec 10  2015 RPM-GPG-KEY-CentOS-Testing-7
-r--r--r--.  1 root root   2883 Nov  4  2020 TRANS.TBL

3、配置本地Yum源 创建本地repo文件并配置

Terminal window
mkdir -pv /opt/repo_bak
mv /etc/yum.repos.d/*.repo /opt/repo_bak/
touch /etc/yum.repos.d/local.repo

local.repo文件添加如下配置

Terminal window
[local]
name=local
baseurl=file:///mnt/cdrom    # /mnt/cdrom是挂载ISO镜像目录
gpgcheck=0
enabled=1
gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-CentOS-7

⚠️ 注意 都使用离线Yum源了,系统自带的Yum源文件(在/etc/yum.repos.d/目录下)则先备份再删除,不然重新yum makecache操作会失败,并输出以下信息。

Terminal window
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org"




 One of the configured repositories failed (Unknown),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:


     1. Contact the upstream for the repository and get them to fix the problem.


     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).


     3. Run the command with the repository temporarily disabled
            yum --disablerepo=<repoid> ...


     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:


            yum-config-manager --disable <repoid>
        or
            subscription-manager repos --disable=<repoid>


     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:


            yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true


Cannot find a valid baseurl for repo: base/7/x86_64

4、更新本地Yum源并验证

Terminal window
[root@localhost ~]# yum clean all      # 清除本地所有yum缓存
Loaded plugins: fastestmirror, langpacks
Cleaning repos: local
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
[root@localhost ~]# yum makecache      # 重新生成本地yum缓存
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
local                                                                                            | 3.6 kB  00:00:00
(1/4): local/group_gz                                                                            | 153 kB  00:00:00
(2/4): local/filelists_db                                                                        | 3.3 MB  00:00:00
(3/4): local/primary_db                                                                          | 3.3 MB  00:00:00
(4/4): local/other_db                                                                            | 1.3 MB  00:00:00
Metadata Cache Created
[root@localhost ~]# yum search openssl     # 验证本地yum源
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
================================================= N/S matched: openssl =================================================
apr-util-openssl.x86_64 : APR utility library OpenSSL crytpo support
openssl-devel.x86_64 : Files for development of applications which will use OpenSSL
perl-Crypt-OpenSSL-Bignum.x86_64 : Perl interface to OpenSSL for Bignum
perl-Crypt-OpenSSL-RSA.x86_64 : Perl interface to OpenSSL for RSA
perl-Crypt-OpenSSL-Random.x86_64 : Perl interface to OpenSSL for Random
pyOpenSSL.x86_64 : Python wrapper module around the OpenSSL library
xmlsec1-openssl.x86_64 : OpenSSL crypto plugin for XML Security Library
m2crypto.x86_64 : Support for using OpenSSL in python scripts
nss_compat_ossl.x86_64 : Source-level compatibility library for OpenSSL to NSS porting
openssl.x86_64 : Utilities from the general purpose cryptography library with TLS implementation
openssl-libs.x86_64 : A general purpose cryptography library with TLS implementation
openssl098e.x86_64 : A compatibility version of a general cryptography and TLS library
perl-Crypt-SSLeay.x86_64 : Crypt::SSLeay - OpenSSL glue that provides LWP https support
perl-Net-SSLeay.x86_64 : Perl extension for using OpenSSL
qca-ossl.x86_64 : OpenSSL plugin for the Qt Cryptographic Architecture v2


  Name and summary matches only, use "search all" for everything.
[root@localhost ~]#
Centos 7挂载ISO镜像配置本地离线Yum源
https://huoshen.pages.dev/cn/p/ae84c963/
作者
Koevn
发布于
许可协议
CC BY-NC-SA 4.0