If you are installing EDB on RHEL/CentOS machines, RPMs are the way to go.
There are many, many reasons for this, a few of which are:
It's the standard way to install on RHEL derivatives
It uses consistent installation paths
It's easily integrated into Puppet, Chef, and other provisioning tools
Updating is as simple as "yum update" rather than finding and downloading individual installers
Some products (like BART and EFM) are only available via RPMs
RPMs leverage OS dependencies for things like OpenSSL meaning that you don't have to wait for EDB to patch Postgres in order to get an OpenSSL patch - if you install with RPMs. If you install with the one-click installer, we bundle OpenSSL and you'll need to get those patches from us which is not the most efficient way.
And many other reasons...
But, many of our customers (government, financial, and others) run their databases on machines that can not reach out to the internet, so they can't get patches fromhttp://yum.enterprisedb.com. So, what are they to do?
Well, it turns out that there isan easyand elegant way to address this, and it involves these steps:
Clone the EDB YUM repositories (the example below will do this withreposync)
Copy that clone to your disconnected machines (via one-way transfer,sneaker net, whatever options you have)
Setup a local EDB YUM repository on that disconnected network one of two ways (both of which will be demonstrated below)
File basedlocal repository (good for small number of machines)
HTTP based local repository (good for larger number of machines)
Let's get started!
Steps (run as root):
# # These first set of steps that clone the EDB YUM repository have to be done on # a machine that is connected to the internet. Can be some desktop you have # or could be spinning up an AWS VM for a few minutes to clone the EDB YUM # repository into a zip file that you will transfer to your disconnected network. #
# # Set YUM username/password in edb.repo # export YUM_USER=<yum user> export YUM_PASSWORD=<yum password> sed -i "s/<username>:<password>/$YUM_USER:$YUM_PASSWORD/g" /etc/yum.repos.d/edb.repo
# # Since we will be pulling RHEL 6 and RHEL 7 RPMs to this machine, # we need to overide the yum directories so that they don't get # confused. While we are at it, we'll just list the EDB YUM repositories # in the main yum.conf file so that we don't have to deal with all the # other YUM repos in /etc/yum.repos.d # echo "[main]" > ~/yum.conf echo "cachedir=/tmp/yum_cache" >> ~/yum.conf echo "persistdir=/tmp/yum_persist" >> ~/yum.conf echo "reposdir=/dev/null" >> ~/yum.conf echo " " >> ~/yum.conf cat /etc/yum.repos.d/edb.repo >> ~/yum.conf
# # Make sure that the YUM cache directories are empty (in case # you run this over and over like I do). If these directories are # not cleaned out, YUM will try to keep track of what it already # synched. Normally that is good, but in this case, I always # want YUM to go back and refresh from the actual repos. # rm -rf ~/edb_repos /tmp/yum_cache /tmp/yum_persist
# # First, we reposync the EDB repo repository which is OS version agnostic because # it just contains a single RPMs with the edb.repo file and the GPG key. # reposync -c ~/yum.conf --norepopath -r edb-repos -p ~/edb_repos/edbrepos
# # Next, let's enable all the EDB repos and hard code the version of RPMs # we want to be the RHEL 6 x86_64 RPMs. # sed -i "s/enabled=0/enabled=1/g" ~/yum.conf sed -i "s/\$releasever-\$basearch/6-x86_64/g" ~/yum.conf
# # Now, make sure that the YUM caches are empty, and sync # each of the repos to the folder that matches what the edb.repo # defines as the baseurl for each repo. # rm -rf /tmp/yum_cache /tmp/yum_persist reposync -c ~/yum.conf --norepopath -r ppas95 -p ~/edb_repos/9.5/redhat/rhel-6-x86_64 reposync -c ~/yum.conf --norepopath -r ppas94 -p ~/edb_repos/9.4/redhat/rhel-6-x86_64 reposync -c ~/yum.conf --norepopath -r ppas93 -p ~/edb_repos/9.3/redhat/rhel-6-x86_64 reposync -c ~/yum.conf --norepopath -r ppas92 -p ~/edb_repos/9.2/redhat/rhel-6-x86_64 reposync -c ~/yum.conf --norepopath -r ppas91 -p ~/edb_repos/9.1/redhat/rhel-6-x86_64 reposync -c ~/yum.conf --norepopath -r enterprisedb-tools -p ~/edb_repos/tools/redhat/rhel-6-x86_64 reposync -c ~/yum.conf --norepopath -r enterprisedb-tools-testing -p ~/edb_repos/tools-testing/redhat/rhel-6-x86_64 reposync -c ~/yum.conf --norepopath -r enterprisedb-dependencies -p ~/edb_repos/dependencies/redhat/rhel-6-x86_64 reposync -c ~/yum.conf --norepopath -r enterprisedb-xdb60 -p ~/edb_repos/xdb60/redhat/rhel-6-x86_64
# # Now we are going to synch the RHEL 7 repos which are not aviailable # for EPAS 9.1-9.3, so disable those three repos and change the release # version in the baseurls to 7. # sed -i "\/ppas93/,/gpgcheck/ s/enabled=1/enabled=0/" ~/yum.conf sed -i "\/ppas92/,/gpgcheck/ s/enabled=1/enabled=0/" ~/yum.conf sed -i "\/ppas91/,/gpgcheck/ s/enabled=1/enabled=0/" ~/yum.conf sed -i "s/6-x86_64/7-x86_64/g" ~/yum.conf
# # Clean the YUM cache and synch the RHEL 7 repos to the directories # that match the baseurls in the edb.repo # rm -rf /tmp/yum_cache /tmp/yum_persist reposync -c ~/yum.conf --norepopath -r ppas95 -p ~/edb_repos/9.5/redhat/rhel-7-x86_64 reposync -c ~/yum.conf --norepopath -r ppas94 -p ~/edb_repos/9.4/redhat/rhel-7-x86_64 reposync -c ~/yum.conf --norepopath -r enterprisedb-tools -p ~/edb_repos/tools/redhat/rhel-7-x86_64 reposync -c ~/yum.conf --norepopath -r enterprisedb-tools-testing -p ~/edb_repos/tools-testing/redhat/rhel-7-x86_64 reposync -c ~/yum.conf --norepopath -r enterprisedb-dependencies -p ~/edb_repos/dependencies/redhat/rhel-7-x86_64 reposync -c ~/yum.conf --norepopath -r enterprisedb-xdb60 -p ~/edb_repos/xdb60/redhat/rhel-7-x86_64
# # Install createrepo and run it against all the EDB repository directories # that we just synched. This will create the "repodata" directory that makes # these folders YUM repositories as opposed to just folders with RPMs. # yum install -y createrepo for i in `ls -d ~/edb_repos/edbrepos ~/edb_repos/*/redhat/*`; do createrepo $i done
# # Now zip up all the EDB repositories # tar -czvf edb_repos.tar.gz edb_repos
# # Here is where you would copy that zip of repositories to # whatever disconnected system you want to have these repositories available # on. You can burn it to disk or transfer it however you like. For simplicity # of this quickstart, I'm going to keep going forward on this same VM, but in # reality, the rest of these steps are done on the disconnected machine that you # transferred this zip file to. To simulate that I'm on a "different" VM, I'm going # to erase the edb-repo that we installed above. # yum erase -y edb-repo
# # Now, we can unzip these repositories anywhere we like. I'm going to put them # in an Apache folder because I'm going to show you how to access them via file # as well as via http if desired and I don't want them in two different locations. # mkdir -p /var/www/html tar -C /var/www/html -xvf ~/edb_repos.tar.gz
# # Let's first say we just want to access these repositories via the local filesystem # without any HTTP interface. No problem, install the EDB repo, edit the edb.repo # to point at the local filesystem path, set the release version to 6 or 7 depending # on your OS, enable the EPAS 9.5 and Tools repositories, and show that the EDB # packages are available. Now you can install with YUM just like normal, and as # long as you update the repositories in /var/www/html/edb_repos when # patches are available, it will be as if you were connected to yum.enterprisedb.com. # yum install -y /var/www/html/edb_repos/edbrepos/edb-repo-9.6-4.noarch.rpm sed -i "s,baseurl=http://<username>:<password>@yum.enterprisedb.com,baseurl=file:///var/www/html/edb_repos,g" /etc/yum.repos.d/edb.repo sed -i "s/\$releasever/7/g" /etc/yum.repos.d/edb.repo #sed -i "s/\$releasever/6/g" /etc/yum.repos.d/edb.repo sed -i "\/ppas95/,/gpgcheck/ s/enabled=0/enabled=1/" /etc/yum.repos.d/edb.repo sed -i "\/enterprisedb-tools/,/gpgcheck/ s/enabled=0/enabled=1/" /etc/yum.repos.d/edb.repo yum list ppas95-server yum list edb-bart
# # Now if you have several machines on the disconnected network and don't want to # copy these repositories to each machine, you can very easily setup an HTTP server # to host these repositories to other machines. We will do that now by installing httpd, # starting Apache, removing the EDB repo we installed earlier, installing the new EDB # repo from the HTTP interface, and updating the baseurls in edb.repo to point to # our new web enabled EDB YUM repositories. Then, show again that you have access # to the EPAS 9.5 and BART via these new web enabled repositories. # yum install -y httpd chkconfig httpd on service httpd start chcon -R -t httpd_sys_content_t /var/www/html yum erase -y edb-repo rpm -Uvh http://localhost/edb_repos/edbrepos/edb-repo-9.6-4.noarch.rpm sed -i "s,baseurl=http://<username>:<password>@yum.enterprisedb.com,baseurl=http://localhost/edb_repos,g" /etc/yum.repos.d/edb.repo sed -i "s/\$releasever/7/g" /etc/yum.repos.d/edb.repo #sed -i "s/\$releasever/6/g" /etc/yum.repos.d/edb.repo sed -i "\/ppas95/,/gpgcheck/ s/enabled=0/enabled=1/" /etc/yum.repos.d/edb.repo sed -i "\/enterprisedb-tools/,/gpgcheck/ s/enabled=0/enabled=1/" /etc/yum.repos.d/edb.repo yum list ppas95-server yum list edb-bart
# # Congratulations! Now, you can take advantage of all the benefits of RPMS and YUM # installations even if you do not have direct access to yum.enterprisedb.com. You will need # at least one machine that is connected to the internet in order to download the repositories # so that you can transfer them to your other network of course.