How to install and configure Argonaut-fai-mirror

Add argonaut mirror service to a fai server from fusiondirectory interface

In our exemple, the fd-server we will acts as fai-server too, so we will install the argonaut mirror service inside fd-server.

In fd-server, like for server service, you must add a new service so:

1. Click on the fd-server:

2. Click on Services:

3. Create new Argonaut Mirror settings service:

4. Fill the configuration informations and then click Save:

Argonaut mirror settings

  • Local debian mirror directory : Folder in which will store packages of mirror.

Argonaut Debconf Crawler config

  • Local packages folder : Folder in which the crawler will store packages during analysis.

Argonaut Repository configuration

  • Proxy : Specifies the http proxy (like Squid) to use for http and hftp method, e.g. http://user:pass@url:port/
  • Errors : Normally debmirror will report an error if any deb files or sources fail to download and refuse to update the meta data to an inconsistent mirror. Normally this is a good things as it indicates something went wrong during download and should be retried. But sometimes the upstream mirror actually is broken. If you check this option, debmirror will ignore missing or broken deb and source files but still be pedantic about checking meta files (debmirror option –ignore-small-errors).
  • Source : If you check this option debmirror will include sources (debmirror option –source). Otherwise debmirror don't include sources (debmirror option –nosource).
  • GPG Check : If you check this option debmirror will verify if Release.gpg file exist, if not it fails. Otherwise debmirror don't fail if the Release.gpg file is missing. If the file does exist, it is mirrored and verified, but any errors are ignored (debmirror option –ignore-release-gpg).
  • Contents : If you check this option debmirror additionally download Contents.<arch>.gz files (debmirror option –getcontents). Note that these files can be relatively big and can change frequently, especially for the testing and unstable suites.
  • Verbose : If you check this option debmirror displays progress between file downloads.

5. Click OK one more time to save configuration data.

Add an official Debian mirror to your systems list in fusiondirectory interface

First of all, we need the fai schema installed:

root@fd-server:~# apt-get install fusiondirectory-plugin-fai fusiondirectory-plugin-fai-schema
root@fd-server:~# fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/fai.schema
root@fd-server:~# fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/fai-fd-conf.schema

Add an official Debian mirror to your systems list, that we can use as a parent. To do this, create a New Server, in our exemple ftp.debian.org. Assign a fake value to the IP Address field (e.g. 192.168.56.110) and a fake value to the MAC Address field (e.g. 00:11:22:33:44:55) and save:

Open it again, click on the 'Services' tab and add a new service Debian Repository:

Fill the required information for all repositories:

Repositories

  • URL : Put the URL of a debian repository from which you want to take the packages (e.g. http://ftp.debian.org/debian).
  • Parent server : leave empty.
  • Release : Put the name of a debian release of your choice (e.g. squeeze).
  • Mirror mode : install this mirror is an installation mirror ; update this mirror is just for updates, it must not be used for selecting packages lists (backport mirror for instance); custom custom:DIST this mirror is a custom release based on the release DIST.
  • Local mirror : leave unchecked.
  • Architectures : Put one or more architectures of your choice (e.g.i386).
  • Sections : Put one of more sections like main, contrib, non-free.

then you need to apply on every single repository clicking the Add button in the left down corner of the window:

Click on Save and then on OK when you have finished.

Add a repository service to a fai server in fusiondirectory interface

In the fd-server, you can do the same above steps to create a new “debian repository” service, then a “new realease”.

Use the same settings as the above “official debian mirror”, just choose the server added above as the parent server and check the “local mirror” box:

then click “Add” button in the left down corner of the window:

Click on Save and then on OK when you have finished.

Test the mirroring script

We need to test the above settings and create an initial mirror (you can hit CTRL-C to abort). Execute the following command:

root@fd-server:~# argonaut-repository

It should generate an output that looks similar to the following:

Generating sources.list and debmirror cronjob for server
IP:     192.168.56.105
Base:   dc=labo,dc=opensides,dc=be
Outdir: /etc/argonaut/fai

parent: ftp.debian.org
sources.list: deb http://ftp.debian.org/debian squeeze main
mirror-update-cronjob: 
debmirror --nocleanup --ignore-release-gpg --nosource --ignore-small-errors  --arch=i386 --dist=squeeze --section=main --method=http --host=ftp.debian.org --root=/debian  /srv/www/debian/

The script generates a script named /etc/argonaut/fai/mirror-update-cronjob. To test it, execute the command:

root@fd-server:~# sh /etc/argonaut/fai/mirror-update-cronjob

it generate an output that looks similar to the following:

~# sh /etc/argonaut/fai/mirror-update-cronjob
gpgv: ressource bloc de clés `/root/.gnupg/trustedkeys.gpg': erreur d'ouverture de fichier
gpgv: AVERTISSEMENT: plusieurs signatures ont été détéctées. Seulement la première
sera vérifiée.
gpgv: Signature faite le sam. 04 mai 2013 14:31:50 CEST avec la clé RSA ID 473041FA
[GNUPG:] ERRSIG AED4B06F473041FA 1 2 00 1367670710 9
[GNUPG:] NO_PUBKEY AED4B06F473041FA
gpgv: Impossible de vérifier la signature: clé publique non trouvée

If it begins to download packages files, you're done. You only need to verify that there is a cronjob to do this nightly at /etc/cron.daily/argonaut-mirror, with the following content:

PATH=/sbin:/bin:/usr/sbin:/usr/bin

@daily root /etc/argonaut/fai/mirror-update-cronjob

You can find your local mirror at /srv/www.

Troubleshooting

If the command:

root@fd-server:~# sh /etc/argonaut/fai/mirror-update-cronjob

it generate an output that looks similar to the following:

gpgv: keyblock resource `/root/.gnupg/trustedkeys.gpg': file open error
gpgv: Signature made Sat 29 Sep 2012 01:31:52 PM CEST using RSA key ID 473041FA
[GNUPG:] ERRSIG AED4B06F473041FA 1 2 00 1348918312 9
[GNUPG:] NO_PUBKEY AED4B06F473041FA
gpgv: Can't check signature: public key not found
gpgv: Signature made Sat 29 Sep 2012 01:41:02 PM CEST using RSA key ID B98321F9
[GNUPG:] ERRSIG 64481591B98321F9 1 2 00 1348918862 9
[GNUPG:] NO_PUBKEY 64481591B98321F9
gpgv: Can't check signature: public key not found
Errors:
 Release signature does not verify
Failed to download some Release or Release.gpg files!
WARNING: releasing 1 pending lock...

you have to do one of the following:

  • Add the debian public key in your server.
  • Add –ignore-release-gpg in your /etc/argonaut/fai/mirror-update-cronjob file.
  • Uncheck the case “GPG Check” in your Argonaut mirror settings window configuration.
en/documentation/plugin/argonaut_plugin/how_to_setup_argonaut_plugin_fai_mirror.txt · Last modified: 2017/10/31 10:32 (external edit)
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0