A S3 plugin for yum.
It is very convenient to run a yum-repository on S3. S3 frees you from running your own webserver. You also dont have to worry about scalability when tons of servers update.
createrepo and the awesome
all you need. However, this only works for public repositories ...
Public vs. protected repositories
S3 bucket can be make public. Public buckets can be accessed with plain http.
- enable "website feature" of your s3 bucket
- you dont need the s3-plugin. Everything works out of the box.
This is where yum-s3 kicks in. yum-s3 uses the Boto library to fetch objects from S3, which allows using credentials.
- run ./package to build a RPM
How to configure a S3 based repo
[repoprivate-pool-noarch] name=repoprivate-pool-noarch baseurl=http://<YOURBUCKET>.s3-website-eu-west-1.amazonaws.com/<YOURPATH> enabled=1 gpgcheck=0 priority=1 s3_enabled=1 key_id=<YOURKEY> secret_key=<YOURSECRET>
By default, this plugin disables repos not available on S3. To access these public repos, include the
--public-repos flag when calling the yum CLI.
YUM edge cases (baseurl)
The is a flaw/issue/bug in yum, that stops yum-s3 from working, when you use a createrepo with a baseurl.
Why should I want to do this?
Suppose you have different environments (CI, testing, production). You want to upload the RPM only once to save outgoing bandwidth. Normally you could create symlinks on a webserver, but this is not possible with S3. But Yum offers a dedicated feature (baseurl), what can be used to make this possible.
Repository layout with "pool"
repo/ pool/ i386/ myprogram-1.0.rpm myprogram-1.1.rpm myprogram-1.2.rpm env/ CI/ myprogram-1.2.rpm -> ../../pool/i386/myprogram-1.2.rpm testing/ myprogram-1.1.rpm -> ../../pool/i386/myprogram-1.1.rpm production/ myprogram-1.0.rpm -> ../../pool/i386/myprogram-1.0.rpm
So when you add a RPM to a repository, you do the following steps
- add the RPM to the /pool directory
- create a symlink in the folder (like CI, testing, production)
- run createrepo with the --baseurl option
This will create the yum xml-files based on the symlinks that are present. So you can decide with the symlinks at createrepo-time, which packages are "visible".
Giving the --baseurl option to yum will make yum go the /pool directory to fetch the actual RPM.
How do I make yum honour the baseurl?
There is a patch to yum (version 3.2.29 that ships with SL6). See https://github.com/jbraeuer/yum-s3