From Fedora Project Wiki
m (Categorize)
Line 61: Line 61:


If, at a later point, you decide to create a full local Fedora mirror, simply remove the <code>ProxyPass</code> line from <code>httpd.conf</code>, and either place your local mirror in <code>/var/www/html/fedora</code> or alias another directory to /fedora.  Your clients do not need to be reconfigured.  You can also remove Squid and the SELinux policy.
If, at a later point, you decide to create a full local Fedora mirror, simply remove the <code>ProxyPass</code> line from <code>httpd.conf</code>, and either place your local mirror in <code>/var/www/html/fedora</code> or alias another directory to /fedora.  Your clients do not need to be reconfigured.  You can also remove Squid and the SELinux policy.
[[Category:Infrastructure]]

Revision as of 22:04, 8 January 2010

A proxy mirror is a local mirror that does not sync the entire Fedora install tree. Instead, it serves files through a reverse caching proxy that connects to a public Fedora mirror and downloads files as needed, then serves them from the local machine once they have been cached. This is useful in several circumstances:

  1. You don't have the disk space or bandwidth to set up a full mirror.
  2. You are testing functionality of a local mirror environment before fully mirroring the Fedora tree.
  3. You are setting up multiple targeted installations of Fedora (such as Web servers) that will be installing only a small subset of Fedora packages.

Installing Squid

Only squid will work for this!
Apache mod_proxy does not work because it will not cache Range requests.

First, install the squid package. Then create a new /etc/squid/squid.conf with the following:

http_port 3128 accel defaultsite=$MIRROR_HOSTNAME
cache_peer $MIRROR_HOSTNAME parent 80 0 no-query originserver
http_access allow all

cache_dir ufs /var/spool/squid 1024 16 256
maximum_object_size 524288 KB
range_offset_limit -1

access_log /var/log/squid/access.log

Replace $MIRROR_HOSTNAME with the hostname of your preferred Fedora mirror, such as download.fedora.redhat.com.

Once your configuration is saved, start Squid with service squid start.

Installing Apache

A Web server is not required for your proxy mirror.
However, you may find a Web server useful for serving local content relevant to your Fedora installations, such as Kickstart files.

You will also need a Web server if you later decide to convert to a full local mirror.

This guide will assume that you are installing the Apache Web server, to provide you with the most flexibility later on.

Install the httpd package. Then add the following to /etc/httpd/conf/httpd.conf:

ProxyPass /fedora/ http://localhost:3128/fedora

You will need to ensure that the path portion of the URL matches the path of the mirror you are proxying to. So if your chosen mirror keeps its Fedora tree in /pub/fedora, adjust the configuration appropriately:

ProxyPass /fedora/ http://localhost:3128/pub/fedora

Once your configuration is saved, start Apache with service httpd start.

SELinux

If you have SELinux enabled on your mirror server (and don't wish to disable it), you will need to grant Apache access to the Squid port. You can do this with the command setsebool -P httpd_can_network_connect on.

Using Your Proxy Mirror

To test your proxy mirror, point a Web browser to http://proxymirror/fedora/ (where proxymirror is the name or IP of your proxy mirror server), and you should see the directory index from your selected Fedora mirror. You can now point local clients to the appropriate subdirectory, such as http://proxymirror/fedora/releases/9/Fedora/i386/os. Squid will download files as necessary, and serve local cached copies when available.

Converting To A Full Mirror

If, at a later point, you decide to create a full local Fedora mirror, simply remove the ProxyPass line from httpd.conf, and either place your local mirror in /var/www/html/fedora or alias another directory to /fedora. Your clients do not need to be reconfigured. You can also remove Squid and the SELinux policy.