I would like to use rsync command for create a CentOS public mirror server but I got an error on rsync command
rsync -aqzH --delete msync.centos.org::CentOS /path/to/local/mirror/root
Error :
#ERROR: Unknown module 'CentOS'
Reference :
How to create public mirrors for CentOS
How can if fix this ?
the referenced wiki page says:
For your first mirror synchronization, you must use one of the
external mirrors providing rsync access. You can find that list here:
https://centos.org/download/mirrors/
This means you must do your initial sync from some other public mirror, not msync.centos.org. After you have finished the sync and your web server is ready, you can email your mirror info to the mailing list. If everything is OK, your mirror will be added to the list of public CentOS mirrors. After your mirror is approved, you can do incremental rsyncs directly from rsync://msync.centos.org/CentOS/
Related
I'm trying to share a file between two servers using onionshare.cli. I can get it working using the GUI. The only problem is trying to do it through the CLI. I can also get it working when using the onionshare.cli --public flag.
The issue is trying to get torsocks wget on an onion address that requires a private key for client-authentication. How do I pass the private key when using wget.
Sending Machine
Receiving machine
Being new to Ansible collections I’m hoping I’ve missed something obvious here in my attempt to refactor some old Ansible roles into collections using private GitHub repositories.
I have GitHub setup with 2 linked accounts. I’ll call the main personal account GITHUB_AC_P. The personal account is linked to a child organizational account I’ll call GITHUB_AC_O. I can switch between these accounts in the GitHub web UI and use the following single entry in ~/.ssh/config to access both accounts with git clients:
Host GITHUB_AC_P.github.com
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_github_REDACTED_GITHUB_A
I first added Ansible Galaxy collection files to a new GitHub repository named ansible.common in account GITHUB_AC_O. I plan to reuse this collection in other Ansible Galaxy collections. It currently has a single role and the following galaxy.yml file:
namespace: REDACTED_NS
name: common
version: 0.0.1
description: "Common Ansible collection"
readme: README.md
authors:
- REDACTED_AUTHOR
The following command reports “installed successfully” and I see the collection in ~/.ansible/collections/ansible_collections/REDACTED_NS/common:
ansible-galaxy collection install git#GITHUB_AC_P.github.com:GITHUB_AC_O/ansible.common.git,main
I then created a second Ansible Galaxy collection in a new GitHub repository named ansible.harden_host. This is also in account GITHUB_AC_O. This currently has no roles and uses the following galaxy.yml file to reference the above common collection (the value of REDACTED_NS is the same in both galaxy.yml files):
namespace: REDACTED_NS
name: harden_host
version: 0.0.1
description: "Ansible collection to harden hosts"
readme: README.md
authors:
- REDACTED_AUTHOR
dependencies: {
REDACTED_NS.common: git#GITHUB_AC_P.github.com:GITHUB_AC_O/ansible.common.git,main
}
But when I run the following:
ansible-galaxy collection install --verbose git#GITHUB_AC_P.github.com:GITHUB_AC_O/ansible.harden_host.git,main
It fails with message:
Starting galaxy collection install process
Process install dependency map
ERROR! Unknown error when attempting to call Galaxy at 'https://galaxy.ansible.com/api/': <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)>
Why is this trying to hit galaxy.ansible.com instead of my GitHub account?
When I add --ignore-certs and run the following:
ansible-galaxy collection install --ignore-certs git#GUTHUB_AC_P.github.com:GITHUB_AC_O/ansible.harden_host.git,main
It fails with this different message:
ERROR! Failed to find collection REDACTED_NS.common:git#GITHUB_AC_P.github.com:GITHUB_AC_O/ansible.common.git
I pasted the URI from this error (right of the colon) into a ansible-galaxy collection install command to verify there’s no typo in the URI. This worked fine.
The string REDACTED_NS does not equal the value of GITHUB_AC_P or GITHUB_AC_O.
If someone could please explain what’s wrong here and how the issue can be fixed that would be much appreciated.
Solved; it seems the answer was hiding in plain site in Ansible's Using collections document, which says to use the following form for git based dependencies:
dependencies: {'git#github.com:organization/repo_name.git': 'devel'}
The form I was using was for Galaxy servers, hence it was hitting galaxy.ansible.com (unless I overrode the default with e.g. --server localhost).
So the following form works (git repo followed by git reference):
namespace: REDACTED_NS
name: harden_host
version: 0.0.1
description: "Ansible collection to harden hosts"
readme: README.md
authors:
- REDACTED_AUTHOR
dependencies: {
'git#GITHUB_AC_P.github.com:GITHUB_AC_O/ansible.common.git': 'main'
}
I have been working on an installation of OKD on an air-gapped environment. The first major step has been mirroring the OKD images so that they can be moved over to the new environment and pulled locally. I've been following a combination of the OpenShift documentation and this article, as well as this resource for getting my certificates set up. I have been making slow but consistent progress.
However, I am now having trouble when attempting to actually mirror the files using
oc adm -a ${LOCAL_SECRET_JSON} release mirror \
--from=quay.io/${PRODUCT_REPO}/${RELEASE_NAME}:${OCP_RELEASE}-${ARCHITECTURE} \
--to=${LOCAL_REGISTRY}/${LOCAL_REPOSITORY} \
--to-release-image=${LOCAL_REGISTRY}/${LOCAL_REPOSITORY}:${OCP_RELEASE}-${ARCHITECTURE}
I get the following, encouraging response:
info: Mirroring 120 images to host.okd-registry.dns:5000/ocp4/openshift4 ...
followed by blobs: and manifests: lines, and finally the line
stats: shared=0 unique=7 size=105.3MiB ratio=1.00
I then get about 50 lines stating
error: unable to retrieve source image quay.io/openshift-release-dev/ocp-v4.0-art-dev manifest
sha256:{some value}: unauthorized: access to the requested resource is not authorized
I have a quay account but I am not sure if that is required even after my research, and if it is, where or how I would log into it. I have attempted doing so using oc login followed by various addresses within the release structure, but if this is the solution, I may be using the wrong arguments as I have not been able to find any instructions on doing this.
I have also tried the command with sudo. I doubt that is an issue but I tried it anyway.
I suppose the issue could be with my certificates, but I am not sure how to determine if this is the case.
Any guidance or suggestions would be much appreciated.
It has been determined that the OKD documentation is inaccurate at the time that I am posting this answer, and was instructing readers to pull from the OCP image repository rather than the OKD repository, which apparently requires additional credentials. A bug has been logged and the documentation will hopefully be updated soon.
The correct environment variables and full command to mirror the images are as follows:
LOCAL_REGISTRY=localhost:5000 (or your local domain name and port for the registry)
LOCAL_REPOSITORY=okd
LOCAL_SECRET_JSON=<full path to your pull secret>
OCP_RELEASE=4.5.0-0.okd-2020-10-15-235428
PRODUCT_REPO=openshift
RELEASE_NAME=okd
ARCHITECTURE=not-used-in-okd
oc adm -a ${LOCAL_SECRET_JSON} release mirror \
--from=quay.io/${PRODUCT_REPO}/${RELEASE_NAME}:${OCP_RELEASE} \
--to=${LOCAL_REGISTRY}/${LOCAL_REPOSITORY} \
--to-release-image=${LOCAL_REGISTRY}/${LOCAL_REPOSITORY}:${OCP_RELEASE} --dry-run
We are running TFS and Release Management on premises, and i want to deploy my applications to a remote datacenter.
Access is over the internet, so there is no windows shares available.
I am using the vNext templates, and afaik RM seems to only support unc paths over windows shares.
How can i use Release Management to deploy software to this datacenter?
Im working on this solution:
Use WebDav on a IIS located inside the datacenter.
RM server and Target can use the WebDav client built into windows and access it by an unc path.
I haven't gotten this to work yet, as RM won't use the correct credentials to logon to the webdav server.
Updated with my solution
This is only a proof of concept, and is not production tested.
Setup a WebDav site accessible from both RM server and Target server
Install the feature "Desktop experience" on both servers
Make the following DLL
using System;
using System.ComponentModel.Composition;
using System.Diagnostics;
using System.IO;
using Microsoft.TeamFoundation.Release.Common.Helpers;
using Microsoft.TeamFoundation.Release.Composition.Definitions;
using Microsoft.TeamFoundation.Release.Composition.Services;
namespace DoTheNetUse
{
[PartCreationPolicy(CreationPolicy.Shared)]
[Export(typeof(IThreadSafeService))]
public class DoTheNetUse : BaseThreadSafeService
{
public DoTheNetUse() : base("DoTheNetUse")
{}
protected override void DoAction()
{
Logger.WriteInformation("DoAction: [DoTheNetUse]");
try
{
Logger.WriteInformation("# DoTheNetUse.Start #");
Logger.WriteInformation("{0}, {1}", Environment.UserDomainName, Environment.UserName);
{
Logger.WriteInformation("Net use std");
var si = new ProcessStartInfo("cmd.exe", #"/c ""net use \\sharedwebdavserver.somewhere\DavWWWRoot\ /user:webdavuser webdavuserpassword""");
si.UseShellExecute = false;
si.RedirectStandardOutput = true;
si.RedirectStandardError = true;
var p = Process.Start(si);
p.WaitForExit();
Logger.WriteInformation("Net use output std:" + p.StandardOutput.ReadToEnd());
Logger.WriteInformation("Net use output err:" + p.StandardError.ReadToEnd());
}
//##########################################################
Logger.WriteInformation("# Done #");
}
catch (Exception e)
{
Logger.WriteError(e);
}
}
}
}
Name it "ReleaseManagementMonitor2.dll"
Place it in the a subfolder to The service "ReleaseManagementMonitor"
Configure the shared path as the solution below states.
DO NOT OVERWITE THE EXISTING "ReleaseManagementMonitor2.dll"
The reason that this works is MEF.
The ReleaseManagementMonitor service tries to load the dll "ReleaseManagementMonitor2.dll" from all subfolders.
This dll implements a service interface that RM recognises.
It the runs "net use" to apply the credentials to the session that the service runs under, and thereby grants access to the otherwise inaccessible webdav server.
This solution is certified "Works on my machine"
RM does work only with UNC, you are right on that.
You can leverage that to make your scenario work -
In Theory
Create a boundary machine on the RM domain, where your drops can be copied.
The deploy action running on your datacenter can then copy bits from this boundary machine, using credentials that have access on that domain. (These credentials are provided by you in the WPF console)
How this works
1. Have a dedicated machine on the RM server domain (say D1) that will be used as a boundary machine.
2. Define this machine as a boundary machine in RM by specifying a shared path that will be used by your data centre. Go to settings tab in your WPF console, create a new variable - { Key = RMSharedUNCPath, Value = \\BoundaryMachine\DropsLocation }. RM now understands you want to use this machine as your boundary machine.
3. Make sure you take care of these permissions
RM Server should have write permissions on the \\BoundaryMachine\DropsLocation share.
Pass down credentials of domain D1 to the target machine in the data centre (Domain D2), that can be used to access the share.
4. Credentials can be passed down fron the WPF console, you will have to define the following two config variables in the settings tab again.
Key = RMSharedUNCPathUser ; Value = domain D1 user name
Key = RMSharedUNCPathPwd ; Value = password for the user defined above.
PS - Variable names are case sensitive.
Also, to let RM know that you want to use the SharedUNC mechanism, check the corresponding checkbox for the RM server and connect to it via IP and not DNS name as these must be in different domains, i.e.
Try to use Get-Content on local-server then Set-Content on the remote server passing the file contents over;
Could package everything into an archive of some kind.
The Release Management is copying VisualStudioRemoteDeployer.exe to C:\Windows\DtlDownloads\VisualStudioRemoteDeployer folder on the target server then is copying the scripts from the specified location to target server using robocopy.
So you have to give permissions from your target server to your scripts location.
Release Management update 4 supports "Build drops stored on TFS servers"
http://blogs.msdn.com/b/visualstudioalm/archive/2014/11/11/what-s-new-in-release-management-for-vs-2013-update-4.aspx
I'm having a hard time pushing my commits to a remote repository with libgit2sharp. Using the git bash it works fine.
The remote is addressed via UNC like "//computer_name/remote.git". So it's a folder on a machine in the local network which has an accessible folder.
Cloning it to a local repo with libgit2sharp worked just fine and constructing a remote was successful too with
Remote remote = localrepo.Network.Remotes["origin"];
Now when I try pushing to the remote with:
localrepo.Network.Push(remote, "HEAD", "origin");
I get the exception in git_push_add_refspec() in Proxy.cs
An error was raised by libgit2. Category = Invalid (Error).
Not a valid reference 'origin'
So then I tried:
repo.Network.Push(remote, "HEAD", #"refs/remotes/origin/master");
and got the exception in git_push_finish() in Proxy.cs
An error was raised by libgit2. Category = Net (Error).
Remote transport doesn't support push.
Is there a right way to do this or is there a support problem for my usecase?
Thanks in advance!
[UPDATE]
Now my command looks like this
repo.Network.Push(remote, "HEAD", #"refs/remote/origin/master", pushStErrHnd, null);
The PushStatusErrorHandler has only one line of code in which it should write the PushErrorStatus to console. But console remains blank and then the above exception occurs.
[UPDATE 2]
The static variable Repository.Version was 0.9.5 when I experienced the above.
As nulltoken has already mentioned, local push has just recently been added. You will need to make sure that you have a recent LibGit2Sharp build (you will need LibGit2Sharp containing commit 547a6bd, committed on March 12)
Also, there is a slight mistake in the API usage. The destination reference should be the reference to update on the remote (e.g. #"refs/remote/origin/master" should probably be #"refs/heads/master").
Push to a local repository has been recently added to libgit2 (see PR #1406) and eventually embedded in LibGit2Sharp. However, this feature hasn't been properly tested yet.
In order to try and help you, could you please update your questions with the answers to the few questions below:
Push accept an additional parameter to give more information about issues: onPushStatusError. Could you please provide the output of each potential PushStatusErrors?
You state "Cloning it to a local repo worked". How did you perform the clone? Through git? Through LibGit2Sharp?
What happens if you change the url of the remote to a file URI format (eg. file://computer_name/remote.git)?
UPDATE
The amazing #yorah is working on a Pull Request to enhance the test coverage regarding your scenario.
Cloning from a local repository
Adding a new Commit
Pushing the newly created commit
Retrieving the list of the remote references