Save Bandwidth by Setting Up a Fedora Mirror

7
10767

Registering your mirror

Now that your configuration is almost done, you must register your mirror, regardless if it is a private or a public mirror.

Get a Fedora account

First, you need to go to https://admin.fedoraproject.org/accounts/ and get yourself a Fedora account. Without this, you can’t proceed further. However, you may choose to not sign the Fedora Contributor License Agreement (CLA), which is not required if you only want to be a mirror administrator. Still, do consider signing the CLA, as other contributions to Fedora require it, and with all the fun you’re having as a mirror administrator, you may find other aspects of Fedora you want to be part of, as well.

Register your mirror

At this point, let me introduce MirrorManager, the database that automatically keeps track of the mirrors. Go to https://admin.fedoraproject.org/mirrormanager/ and log in with the credentials you just created. Here you need to do only two things.
First, create a site using the [Add Site] link under My Sites and Hosts. What you need to put into the fields is explained at the side of these fields and is self-explanatory—take a look at Figure 3.

Figure 3: Enter your site/mirror credentials
Figure 3: Enter your site/mirror credentials

Once you fill in the form and save the site, you will find a new link, My Hosts. Now add a host to it (see Figure 4). The difference between a host and a site is that a site is about the details of the parent organisation (for example, a university), while the host is about the details of the individual machines hosting the Fedora repositories (for example, a server). Obviously, a site can have multiple hosts.

Figure 4: Create a host
Figure 4: Create a host

You can restrict your mirror within the organisation using the Private checkbox. Once you save the host, you will have a few more options to fine tune your mirror.

One particularly unique feature of MirrorManager is its ability to specify a list of network addresses (netblocks) that belong to each organisation. By adding your organisation’s netblock delegation to the database, MirrorManager will automatically direct all users coming from within that netblock to your mirror, with no configuration changes necessary on the part of the user. For example, if your organisation has the usable public IP range, say, from 118.102.161.66 to 118.102.161.96 and it has a subnet mask 255.255.255.224 — it means that you need to enter 118.102.161.64/27 as your netblock.

Run report_mirror

Now that your site and the host have been created, it is time to inform the MirrorManager database about your mirror content. For this, you need to install mirrormanager-client. You can do it very easily using the following command:

# yum -y install mirrormanager-client

You need to edit a configuration file minimally. Once the installation is done, you will find the configuration file under /etc/mirrormanager-client/report_mirror.conf. Edit it suitably to reflect the content and the paths of your mirror.

[global]
# if enabled=0, no data is sent to the database
enabled=1
server=https://admin.fedoraproject.org/mirrormanager/xmlrpc
[site]
# if enabled=0, no data about this site is sent to the database
enabled=1
name=WBSUB mirror
password=*****
[host]
# if enabled=0, no data about this host is sent to the database
enabled=1
name=118.102.181.66
[Fedora Linux]
enabled=1
path=/var/www/html/pub/fedora/linux #replace this with your path_to_content

You will find more categories under this. If you have these contents, set enabled=1 or set enabled=0. You can also delete them without a problem.

Once this much has been done, run report_mirror script using:

$ /usr/bin/report_mirror -c /etc/mirrormanager-client/report_mirror.conf

Once successfully completed, it will show “Checked in successfully”. You can now see the contents of your mirror under your MirrorManager host. You should run report_mirror following each successful rsync run.

That’s all!

Congratulations! You have successfully finished mirroring Fedora. Also, you have acquired a rare set of practical skills in the process. It is time to celebrate, but don’t forget a few complementary things that are yet to be done.

Subscribe to mailing lists

To be notified about the releases and other details, you should subscribe to the http://www.redhat.com/mailman/listinfo/mirror-list announcement list, and to http://www.redhat.com/mailman/listinfo/mirror-list-d, which is a discussion list.

These lists are private, so you need to send an e-mail to mirror-admin AT fedoraproject DOT org with the link to your host in MirrorManager so that they can approve your subscription.

Secure Your Server

Once your server is on the public domain, be sure to get all sort of attacks directed towards you. It is advisable that you apply all security patches, setup a firewall using iptables and restrict ssh access to one or two particular users using AllowUsers directive.

However, detailed discussions in this regard is not in the scope of this article. You need to know security practices and secure your server  as efficiently as possible.

Further information

For further information and if you like to contribute, you should go through these sites:

In the end, let me take this opportunity to express my heartiest thanks to Matt Domsch, Fedora Mirror Wrangler, and Eric ‘Sparks’ Christensen, Fedora Documentation Project Lead, who have reviewed this article, suggested improvements and helped me to make it better.

If you have questions, comments or suggestions, subscribe and drop a mail to fedora-india mailing list at www.redhat.com/mailman/listinfo/fedora-india or stop by #fedora-india or #fedora-admin on IRC. You can also drop me a mail at susmit AT fedoraproject DOT org.

7 COMMENTS

  1. Re the mount ISO “use cp -p” or DIE … errr, not quite. ;-)

    It’s a good idea to get used to doing the right thing, but if you don’t, then rsync -a (which implies -t) will save you in this case.

    Missing files get copied completely. Identical date/time/size/name files get skipped. But filenames with different date stamps get checksummed on both sides — and only the differences are sent. In this case there *are* none, so you spend a bit of time (but not much bandwidth) figuring that out — but the entire file doesn’t come down.

    (If a file _really has_ changed, then just the checksum and changes are transmitted, not the entire file.)

    VERY good article besides that single nit.

  2. @DamnitDog, you are right.

    The rsync will only change the timestamp if it is already present, it won’t pull the entire content.

    Sorry for the mistake.

  3. […] all. but i am talking with reference to this LINK my purpose is to just copy a 690 MiB of file … can any one help me […]

  4. Thanks for the useful post.

    I try the same, but i am getting the error, on starting the apache service, after adding the following lines in httpd.conf:

    Header set Cache-Control “must-revalidate”
    ExpiresActive On
    ExpiresDefault “now”

    ERROR:
    Invalid command ‘Header’, perhaps misspelled or defined by a module not included in the server configuration

    What can i do to resolve this? I think this is related to some module that is not included in my conf file. Can you please tell me the name of that.

    Thanks & Regards,
    Your Fan :-)
    Rahul Panwar

  5. A proxy mirror is a local mirror that does not sync the entire Fedora install tree. Instead, it serves files through a reverse caching proxy that connects to a public Fedora mirror and downloads files as needed.

LEAVE A REPLY

Please enter your comment!
Please enter your name here