Configuring Ksplice Uptrack Clients for Offline Mode

Before configuring an offline client, you must set up a local ULN mirror that can act as a Ksplice mirror. See Configuring a Local Ksplice Mirror for the Offline Client for more information.

The offline Ksplice client eliminates the need for having a server on an intranet that has a direct connection to the Oracle Uptrack server. Also, a Ksplice offline client doesn't require a network connection to apply the update package to the kernel. For example, you could use the dnf command to install the update package directly from a memory stick. For more information about running Ksplice offline, see About Ksplice Offline Mode.

The following procedure describes how to configure the Ksplice Uptrack client for offline mode.

Note:

This procedure uses the dnf command to describe many package management actions. On releases earlier than Oracle Linux 8, substitute the commands with the appropriate yum commands.

1. Import the GPG key.

   sudo rpm --import /usr/share/rhn/RPM-GPG-KEY

2. Disable existing yum repositories in /etc/yum.repos.d.

   You can either edit any existing repository files and disable all the entries by setting enabled=0; or, you can use dnf config-manager, for example:

   sudo dnf config-manager --disable \*

   Or, you can rename any of the files in this directory so that they don't use the .repo suffix. This change causes the dnf command to ignore these entries, as shown in the following example:

   cd /etc/yum.repos.d
   for i in *.repo; do mv $i $i.disabled; done

3. Create a local-yum.repo configuration for the system to use the local ULN mirror.

   In the /etc/yum.repos.d directory, create the local-yum.repo file, which contains entries such as the following for an Oracle Linux 9 yum client:

   [local_ol9_x86_64_ksplice]
   name=Ksplice for Oracle Linux $releasever - $basearch
   baseurl=http://local_uln_mirror/yum/OracleLinux/OL9/ksplice/$basearch/
   gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
   gpgcheck=1
   enabled=1
   
   [local_ol9_baseos_latest]
   name=Oracle Linux 9 BaseOS Latest ($basearch)  
   baseurl=http://local_uln_mirror/yum/OracleLinux/OL9/baseos/latest/$basearch/
   gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
   gpgcheck=1
   enabled=1
   
   [local_ol9_appstream]
   name=Oracle Linux 9 Application Stream Packages ($basearch) 
   baseurl=http://local_uln_mirror/yum/OracleLinux/OL9/appstream/$basearch/
   gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
   gpgcheck=1
   enabled=1
   
   [local_ol9_addons]
   name=Oracle Linux $releasever - $basearch - addons
   baseurl=http://local_uln_mirror/yum/OracleLinux/OL9/addons/$basearch/
   gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
   gpgcheck=1
   enabled=1

   • Replace local_uln_mirror with the IP address or resolvable host name of the local ULN mirror.

   • To distinguish the local repositories from the ULN repositories, optionally prefix the labels for each entry with a string such as local_.

   • The example configuration enables the local_ol9_x86_64_ksplice, local_ol9_baseos_latest, local_ol9_appstream, and local_ol9_addons channels.

   • Note:

     The Ksplice offline client package is unable to install user space updates, so don't enable any *_userspace_ksplice channels unless you intend to use the offline version of the Ksplice Enhanced client.

4. Install the Ksplice offline client package.

   sudo dnf -y install uptrack-offline

5. Test the configuration.

   1. Clear the yum metadata cache.

      sudo dnf clean metadata

   2. Verify the configuration.

      sudo dnf repolist

      If the dnf commands can't connect to the local ULN mirror, check that the firewall settings on the local ULN mirror server allow incoming TCP connections to the HTTP port (port 80).

6. Install the Ksplice updates that are available for the kernel.

   sudo dnf -y install uptrack-updates-$(uname -r)

   As new Ksplice updates are made available, use the same command to pick up and apply these updates.

   Consider creating a systemd service unit to install the correct uptrack updates for the running kernel at boot time and a timer unit to run the service daily. The following procedure describes how to set up such a service and enable it.

   1. Create a systemd service unit configuration file.

      Create a systemd unit file at /etc/systemd/system/uptrack-update-packages.service, to include the following configuration:

      [Unit]
      Description=Update uptrack updates for running kernel
      After=network-online.target
      Wants=network-online.target
       
      [Service]
      Type=oneshot
      ExecStart=/bin/bash -c 'dnf -y install uptrack-updates-$(uname -r)'

      The unit file starts after the network is online, so that the dnf command can run and complete.

   2. Create a systemd timer unit configuration file.
      Create a systemd unit file at /etc/systemd/system/uptrack-update-packages.timer, to include the following configuration:

      [Unit]
      Description=Timer unit to update uptrack updates for running kernel
      
      [Timer]
      OnUnitActiveSec=1d
      RandomizedDelaySec=10min
      Persistent=true
      
      [Install]
      WantedBy=timers.target

      This unit runs the service at boot and then runs daily, thereafter. The service must run daily, because uptrack-update packages are only released for the kernel when uptrack updates are available.
   3. Reload the systemd daemon to recognize the new service.

      sudo systemctl daemon-reload

   4. Enable and run the new systemd timer.

      sudo systemctl enable --now uptrack-update-packages.timer

      Note that the service might return an error similar to the following, until an uptrack-update package becomes available:

      systemd[1]: Failed to start Update uptrack updates for running kernel.

To display information about Ksplice updates, use the rpm -qa | grep uptrack-updates and uptrack-show commands.