Red Hat Enterprise Linux operating systems usually require that you download some linux package dependencies in order to install features and baseline system applications. This can be a little tricky when you are running your VMs in an airgapped environment with limited or no internet access.

The recommended approach is to install Redhat Satellite. Satellite is a content library, external integration and subscription management solution that you can deploy which dramatically makes operations a lot easier for airgapped systems, especially at scale.

But there might be times were you do might have a special use case, such as only having a handful of RHEL systems to manage where deploying a system like Satellite might not be necessary. In this case, setting up a Local Yum/DNF Repository will be sufficient. In this setup, a VM is deployed as the Airgap/LocalRepo, and then client machines residing in the secure domain/zone that do not have internet access will "subscribe" to that Airgap server and can download required applications from the repositories.

In the following example, I am deploying an Airgap server on vSphere 7 with NSX-T. I have deployed 8.4 due to a special requirement in my environment. Insure that DFW and GWF firewall rules are open and configured in NSX-T in order to insure network access be

1.) Install RHEL8 in vCenter

Create a new VM with vCenter. I used the "rhel-8.4-x86_64-dvd" ISO image. Give it 2CPUs, 16GB Memory and a 300GB disk.

2.) Configure OS

After deploying the VM, power it on and configure the OS. Insure that the / rhel-root storage partition has at least 200GB of space. Configure your network settings and other customization. Click Begin Installation to compete the process.

3.) Configure Proxy Access

Log into the VM, perform the following operations.

sudo vi /etc/profile

PROXY_URL="http://YOUR_PROXY:PORT/"

export http_proxy="http://YOUR_PROXY:PORT/"
export https_proxy="http://YOUR_PROXY:PORT/"
export ftp_proxy="http://YOUR_PROXY:PORT/"
export no_proxy="127.0.0.1,localhost"

Expose Proxy to system:

proxy=http://YOUR_PROXY:PORT
export http_proxy=http://YOUR_PROXY:PORT

Test proxy functionality:

curl --proxy "http://YOUR_PROXY:PORT" https://google.com

4.) Configure OS Firewall

firewall-cmd --zone=public --permanent --add-service=http
firewall-cmd --zone=public --permanent --add-service=https
firewall-cmd --reload

5.) Configure RHEL Subscription Registration

sudo subscription-manager register --username USERNAME --password PASSWORD --auto-attach

######### TAKE SNAPSHOT OF AIRGAP SERVER IN VCENTER#########

6.) Deploy NGINX

dnf update
dnf install nginx
systemctl start nginx
systemctl enable nginx
systemctl status nginx

Test nginx by going to http://YOUR_AIRGAP_IP

7.) Create Local Repo

Download yum-utils and create repo folder location:

yum install yum-utils createrepo
mkdir -p /var/www/html/repos
yum repolist all

Sync desired repo to our local directory:

reposync -p /var/www/html/repos --download-metadata --repo=codeready-builder-for-rhel-8-x86_64-rpms

8.) Configure NGINX

vi /etc/nginx/nginx.conf

Add the following under location:

        location / {
                allow all;
                sendfile on;
                sendfile_max_chunk 1m;
                autoindex on;
                autoindex_exact_size off;
                autoindex_format html;
                autoindex_localtime on;

Restart nginx:

systemctl restart nginx
systemctl status nginx

Test nginx by going to http://YOUR_AIRGAP_IP. A list of downloaded repositories should be displayed:

8.) Configure Client

On the client side, configure access towards the Airgap server.

sudo vi /etc/yum.repos.d/local.repo 

Add the following to the file:

[LocalRepo_BaseOS]
name=rhel-8-for-x86_64-baseos-rpms
enabled=1
gpgcheck=0
baseurl=http://YOUR_AIRGAP_VM_IP/rhel-8-for-x86_64-baseos-rpms/

[LocalRepo_Supplementary]
name=rhel-8-for-x86_64-supplementary-rpms
enabled=1
gpgcheck=0
baseurl=http://YOUR_AIRGAP_VM_IP/rhel-8-for-x86_64-supplementary-rpms/

[LocalRepo_AppStream]
name=rhel-8-for-x86_64-appstream-rpms
enabled=1
gpgcheck=0
baseurl=http://YOUR_AIRGAP_VM_IP/rhel-8-for-x86_64-appstream-rpms

Test repo reachability:

yum clean all
yum repolist all 
dnf repolist  -v

Test package download (from client):

######### DELETE SNAPSHOT OF AIRGAP SERVER IN VCENTER#########

######### Deployment completed#########