华为云ECS软件仓库配置与镜像优化

1.Centos7系统yum仓库配置，本项目使用华为云内网私有yum仓库

1.1配置yum源，安装工具包

[root@ecs-host ~]# rm -rf /etc/yum.repos.d/*.repo

[root@ecs-host ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.myhuaweicloud.com/repo/CentOS-Base-7.repo

[root@ecs-host ~]# vim /etc/yum.repos.d/local.repo

[local_repo]

name=CentOS-$releasever - Localrepo

baseurl=ftp://192.168.1.252/localrepo

enabled=1

gpgcheck=0

[root@ecs-host ~]# yum clean all

[root@ecs-host ~]# yum repolist

[root@ecs-host ~]# yum install -y net-tools lftp rsync psmisc vim-enhanced tree lrzsz bash- completion iproute

1.2优化系统服务

[root@ecs-proxy ~]# systemctl stop postfix atd

[root@ecs-proxy ~]# yum remove -y postfix at audit kexec-tools firewalld-*

[root@ecs-proxy ~]# sed 's,^manage_etc_hosts:.*,# &,' -i /etc/cloud/cloud.cfg

[root@ecs-proxy ~]# vim /etc/hosts

# ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

[root@ecs-host ~]# yum clean all

[root@ecs-host ~]# poweroff

2.Rocky8系统镜像yum仓库配置，本项目使用nginx作为代理，提供互联网yum公共仓库。

2.1代理 Yum 仓库

[root@ecs-proxy ~]# dnf install -y nginx

[root@ecs-proxy ~]# vim /etc/nginx/default.d/dnf_proxy.conf

resolver 100.125.1.250 100.125.129.250 valid=5 ipv6=off;

location ~ ^/rockylinux/(.*)$ {

proxy_pass https://repo.huaweicloud.com/rockylinux/$1;

}

[root@ecs-proxy ~]# systemctl enable --now nginx

2.2配置私有 Yum 仓库

[root@ecs-proxy ~]# dnf install -y createrepo

[root@ecs-proxy ~]# mkdir -p /var/localrepo

[root@ecs-proxy ~]# createrepo --update /var/localrepo

[root@ecs-proxy ~]# ln -s /var/localrepo /usr/share/nginx/html/

2.3模板机配置 Yum 客户端

[root@ecs-host ~]# rm -f /etc/yum.repos.d/{epel,Rocky-[!ABE]}*

[root@ecs-host ~]# sed -ri 's,https://repo.huaweicloud.com,http://192.168.1.252,' /etc/yum.repos.d/*.repo

[root@ecs-host ~]# vim /etc/yum.repos.d/local.repo

[local_repo]

name=Rocky Linux $releasever - Localrepo

baseurl=http://192.168.1.252/localrepo

enabled=1

gpgcheck=0

[root@ecs-host ~]# dnf makecache

Rocky Linux 8 - AppStream 187 kB/s | 4.8 kB 00:00

Rocky Linux 8 - BaseOS 172 kB/s | 4.3 kB 00:00

Rocky Linux 8 - Extras 105 kB/s | 3.5 kB 00:00

Rocky Linux 8 - Localrepo 2.9 MB/s | 3.0 kB 00:00

Metadata cache created.

2.4优化系统配置

[root@ecs-host ~]# systemctl stop atd kdump nis-domainname

[root@ecs-host ~]# dnf remove -y postfix at audit kexec-tools firewalld-* *-firmware unbound-libs

[root@ecs-host ~]# dnf install -y rsync tree bash-completion lrzsz tar iptables patch ipset time

[root@ecs-host ~]# echo 'ListenAddress 0.0.0.0' >>/etc/ssh/sshd_config

[root@ecs-host ~]# sed -ri 's,^(OPTIONS).*,\1="-4u chrony",' /etc/sysconfig/chronyd

[root@ecs-host ~]# sed 's,^manage_etc_hosts:.*,# &,' -i /etc/cloud/cloud.cfg

[root@ecs-host ~]# vim /etc/hosts

::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

[root@ecs-host ~]# dnf clean all

[root@ecs-host ~]# poweroff