Tuesday, March 17, 2015

Switching Red Hat Linux to Oracle Linux

Normally, I'd rather fight than switch, but...

I recently decided to switch all of my Linux systems to Oracle Linux.  Why, you may ask?  Because I thought it was simpler.  Here's why:  

I was using Red Hat Enterprise Linux for some systems and CentOS for others and still Oracle Linux for Oracle systems.  I even had a couple Ubuntu servers.  I really like Red Hat flavored package management but I really preferred CentOS.  It tended to be easier to work with and have a lot more packages available in the repositories without adding any more.  

I used Red Hat Enterprise Linux in super critical places where the users demanded a corporate support contract.  Over time, I came to find it constraining and it was quite a bit different than the CentOS I was using.

As for Oracle Linux, I used it for Oracle (of course).  Oracle Linux had an RPM that setup the Oracle DBMS environment (including kernel tuning).  It was just a lot easier and was almost identical in feel to CentOS (which I was very used to).  And then I discovered ULN (Unbreakable Linux Network) and KSplice!  Now I could leave my systems up even when patching the kernel.  Amazing!

So now I could use Oracle Linux where I used CentOS (and pay nothing!) or use Oracle Linux and pay for the hypervisor and get all VMs free and get KSplice live kernel patching.  RHEL did not offer this and wanted to charge a separate license for each VM.  (Plus, Red Hat really didn't seem focused on the small higher ed market).

CentOS to Oracle Linux

To convert CentOS to Oracle Linux was really, really easy.  Oracle has shell script: centos2ol.sh.

# curl -O https://linux.oracle.com/switch/centos2ol.sh 
# sh centos2ol.sh

Red Hat to Oracle Linux

To convert Red Hat, however, is quite a bit more steps but fairly easy as well. 

The first thing is to remove all of the Red Hat licensing. I shotgunned that with all of these commands:
  
# subscription-manager list --consumed
# subscription-manager remove --all
# subscription-manager config --rhsm.manage_repos=0
# subscription-manager list --consumed
# subscription-manager remove --serial=[insert serial number]


Next was a bit complicated since the default install did not have wget and was not in the default repository.  I used Perl and the Perl module LWP:

 #!/usr/bin/perl -w
use LWP::Simple;
getstore('https://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6','/etc/pki/rpm-gpg/RPM-GPG-KEY-oracle');
getstore('http://public-yum.oracle.com/public-yum-ol6.repo','/etc/yum.repos.d/public-yum-ol6.repo');
getstore('http://linux-update.oracle.com/rpms/ULN-CA-CERT','/usr/share/rhn/ULN-CA-CERT');

This worked nicely, not having wget, and I was ready to edit the configuration files.  First, note the following changes in /etc/yum.repos.d/public-yum-ol6.repo.

[ol6_u6_base]
name=Oracle Linux $releasever Update 6 installation media copy ($basearch)
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/6/base/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1   <<==== changed from 0 to 1

Do the same for _latest and _add_ons.

Now edit  /etc/sysconfig/rhn/up2date and change /usr/share/rhn/RHNS-CA-CERT to sslCACert=/usr/share/rhn/ULN-CA-CERT.  Also, change serverURL setting from https://xmlrpc.rhn.redhat.com/XMLRPC to https://linux-update.oracle.com/XMLRPC.

Now run:
# yum clean all && yum clean metadata && yum clean dbcache && yum makecache
# yum repolist
# yum list
# yum update
You will see:

[blah blah]...
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
Importing GPG key 0xEC551F03:
 Userid: "Oracle OSS group (Open Source Software group) "
 From  : /etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
Is this ok [y/N]: y
   ...
Replaced:
  redhat-logos.noarch 0:60.0.14-1.el6                                          

Complete!
Now reboot and then login and check it out!

#  cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.6 (Santiago)

But we really know it's: 

#  cat /etc/oracle-release
Oracle Linux Server release 6.6

 OPTIONAL

I really like EPEL so:

#  perl -MLWP::Simple -e "getstore('http://mirrors.cat.pdx.edu/epel/6/x86_64/epel-release-6-8.noarch.rpm','epel-release-6-8.noarch.rpm');"
(feel free to use wget if you've got it)

 QUESTIONS

Q: Will I have to relabel for SELinux?

No, I'm asking you.  Not sure, but so far so good so probably not or I'd have noticed an issue by now.

 BUGS

[Still trys to look to Red Hat but fails]
....
Loaded plugins: product-id, rhnplugin, subscription-manager
There was an error communicating with RHN.
RHN Satellite or RHN Classic support will be disabled.
Error communicating with server. The message was:
Sysid checksum is incorrect
Also, AFTER REBOOT, this annoying nag IF you didn't buy a subscription:

[root@oats ~]# yum update
Loaded plugins: product-id, rhnplugin, subscription-manager
There was an error communicating with ULN.
ULN support will be disabled.
Error communicating with server. The message was:
Sysid checksum is incorrect
Setting up Update Process
No Packages marked for Update

CONCLUSION

As you know, I like it.  I get to use Oracle Linux on the small one-offs for free and I have a half dozen systems that will enjoy KSplice - the rest get a basic subscription.  Well, that's my opinion (for now).

4 comments:

  1. I've added
    # yum clean all && yum clean metadata && yum clean dbcache && yum makecache
    BEFORE
    # yum repolist

    ReplyDelete
  2. Why have you done a reboot after yum update? Have you switched to UEK?

    ReplyDelete
  3. For RHEL7ish...
    perl -MLWP::Simple -e "getstore('http://mirrors.cat.pdx.edu/epel/7/x86_64/e/epel-release-7-8.noarch.rpm','epel-release-7-8.noarch.rpm');"

    ReplyDelete
  4. https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm

    ReplyDelete