Koji RPM Build System Installation Part 4
Lets see what we have running so far by the last articles of this series:
- Postgresql DB
- Koji-Hub
- Koji CLI
- Koji-Web
Thats all nice but useless unless we add something that actually does all the work, the actual RPM building…
Kojid
Kojid, also called Koji-Builder, is the service that takes care of building your SRPM and RPMs. You can have dozens of builders, each on their own host, if you need to build alot of RPM. Fedoras own Koji instance is using around 50-60 build hosts ! So lets get started
Now we need to generate another SSL certificate
./certgen.sh kojid #OU/CN=kojid
Then in /etc/kojid/kojid.conf set
user=kojid.example.com
server=http://koji.example.com/kojihub
workdir=/tmp/koji
topurl=http://koji.example.com/kojifiles
;client certificate
cert = /etc/pki/koji/kojid.pem
;certificate of the CA that issued the client certificate
ca = /etc/pki/koji/koji_ca_cert.crt
;certificate of the CA that issued the HTTP server certificate
serverca = /etc/pki/koji/koji_ca_cert.crt
Now we need to add this build host to Koji. Its the same procedure for every build-host you will add in the future.
#you can name the builder whatever you want, e.g. kojid-1, koji.example.com, its only a name
#you can add any architectures you want this builder to handle, e.g x86_64, i368, ppc, armhfp, ppc64
koji add-host kojid.example.com x86_64 i386
koji add-host-to-channel kojid createrepo
service kojid start
Now your new builder should show up in Koji-Web under “Hosts” Tab. If its shown as “not ready”, then check your logs in /var/logs/kojid.log
Kojira
Next and last service we need to setup is Kojira. Its a janitor service that cleans up your old repos and creates new ones whenever you build a RPM.
And again a SSL certificate (you love that generation script by now, dont you?)
./certgen.sh kojira #OU/CN=kojira
And in /etc/kojira/kojira.conf set
;client certificate
cert = /etc/pki/koji/kojira.pem
;certificate of the CA that issued the client certificate
ca = /etc/pki/koji/koji_ca_cert.crt
;certificate of the CA that issued the HTTP server certificate
serverca = /etc/pki/koji/koji_ca_cert.crt
Finishing steps
koji add-user kojira
koji grant-permission repo kojira
service kojira start
That was it for installing and setting up Koji and all its components. In the next article I will go over the initial configuration of Koji and security aspects like iptables and SELinux.
Hey,
Thank you so much for your instructive articles. Why did you stop at this point? Are you planning to continue the series? Could you suggest some links or tips on how to configure koji further (that is adding git repos, adding source rpm/srpm repos, etc)?
Kind regards,
Tomasz K.
I got distracted with other things and peoples interest in Koji wasnt that big. However I still have some more text and info somewhere. I’ll turn it into an article this week.
Edit: Just to make sure, you did see http://www.devops-blog.net/koji/koji-rpm-build-system-configuration-and-usage ?
That would be awesome. There aren’t many resources about koji around. I’m especially interested in adding git repo with sources and spec files, so that koji could use them to build an rpm, and then (using mash) create a yum repo. It is strange that folks aren’t interested in koji, since automation is now very hot topic.
Thanks for the link. I’ve missed that.
BTW. Do you know if it is possible with koji to add CentOS binary rpms yum repository and use it to build my own packages and to create my own yum repository including both CentOS rpms and my rpms? Do you have any tips how to configure that?
If I get you correct, that is how Koji actually works: You add external repos like CentOS, EPEL.. to your build channel(s) so dependencies can be resolved. Then you can build any RPM, either 3-rd party or your very own.
The repo/folder structure they end up in cant be used directly by yum. However there is inherent tool “mash” that turns/copies all RPMs to a real yum-able structure.
Ow. I thought koji has to use SRPMS (of complete distribution), I haven’t been aware that it can use yum repo with binary RPMs. That is very interesting. Thank you very much for help.