Mirrors

Anaconda Team Edition enables you to create a local copy of a repository so users can access approved software components from a centralized on-premise or cloud location.

Note

In order to mirror, you must first create a channel for your organization to use.

The mirror can be complete, partial, or include/exclude specific packages or types of packages based on CVE score, license type, and version. You can also create a mirror in an air-gapped environment, allowing access to approved packages and other artifacts without access to the larger internet.


Common use case of channel filtering with multiple mirrors configured to that channel:

You can set up multiple mirrors into a single channel of whatever artifacts you choose. Filters can be set at the channel level to apply to all mirrors of a channel, or at the mirror level to apply to specific mirrors.

For example, say you want to achieve the following mirroring goals:

  1. Prevent all packages with a GPL license from being mirrored

  2. Prevent a specific Windows package from getting into the channel

To achieve the first goal, you can exclude packages by all GPL License types via the channel editor. To achieve the second goal, you can create separate mirrors—perhaps one for each operating system—that filter by the subdirectory.


This topic provides guidance on the following actions:

Creating mirrors

To create a mirror, click the green Mirror button from any channel page.

../_images/mirrorbutton.png

You will be presented with the Create mirror page:

../_images/createmirror.png

Set the details, filters, and frequency you’d like, and then click Submit.

Active or passive mirroring

Mirroring can be either active or passive. An active mirror would clone channel artifacts with their binary content (files) and metadata. A passive mirror would only clone channel artifacts metadata, while the actual files would be fetched on demand (on first request).

Essentially, when you mirror actively, you’re really mirroring passively and manually going through and fetching files from the upstream channel.

Defining your external source and mirror type

Select the mirror Type that matches the external source channel. You can mirror Conda, PyPI, or CRAN.

Conda

Use http://repo.anaconda.com/pkgs/main as the external source channel for conda type.

../_images/condatype.png

PyPI

Use https://pypi.org/ as the external source channel for PyPI (python_simple) type.

../_images/pypitype.png

CRAN

Use https://cran.r-project.org/ as the external source channel for CRAN type.

../_images/crantype.png

Mirroring filters

CVE filters

On the Edit mirror page, you have the ability to limit the files being mirrored based on their CVE score. Use the cell labeled CVE score to set the maximum CVE score you’re willing to mirror. Ensure the box to the left is checked.

You also have the ability to omit files that have not gone through Anaconda’s curation process. If this box is checked, packages with at least one Reported CVE will not be mirrored. If this box is left unchecked, those packages will be mirrored regardless. This filter applies only to active mirroring.

../_images/cvefilter.png

Package filters

You can filter which packages will be included in a mirror in the Package Filters section on the Edit mirror page. Include and exclude by package name and license type.

../_images/packagefilter.png

Filter packages By License Type to include or exclude them from your mirror. See License types for more details on licenses.

Tip

When limiting the mirror to specific architecture, it’s a good idea to include the noarch package type to ensure that cross-platform packages are included. For example, if you have no need for Windows compatible packages, you would include win-32, win-64, and noarch package types.

Date range filters

You can also filter packages by the date the package was modified on the source site.

../_images/daterange.png

View channel filters

Click the View Channel Filters button at the bottom of the Package Filters section on the Edit mirror page to view the filters applied to all mirrors within the channel.

../_images/viewchanbutton.png

Mirror frequency

You can modify how frequently a channel is mirrored at the bottom of the Edit mirror page. You can also run the mirror immediately by checking the box beside Run Now.

Custom mirroring frequency expressions are written in cron syntax. you can use https://crontab.guru to learn about and validate cron expressions.

Warning

Mirroring large channels, such as anaconda repository main for conda-forge, can take several hours. It is not recommended to set a frequency higher than daily due to mirror collision between current and updating mirror.

../_images/mirrorfrequency.png

Note

Even if you want to run the mirror immediately by selecting the Run Now checkbox, you still need to set a frequency for how often you would like the channel updated to reflect the current state of the mirrored repository.

Editing mirrors

Click the three dots on a mirror, and then click Edit.

../_images/editmirrorbutton.png

You will be presented with the Edit mirror page:

../_images/editmirror.png

Make the changes you’d like implemented, and then click Submit.

Edit mirror frequency

You can modify how frequently a channel is mirrored at the bottom of the Edit mirror page. You can also run the mirror immediately by checking the box beside Run Now.

Custom mirroring frequency expressions are written in cron syntax. you can use https://crontab.guru to learn about and validate cron expressions.

Warning

Mirroring large channels, such as anaconda repository main for conda-forge, can take several hours. It is not recommended to set a frequency higher than daily due to mirror collision between current and updating mirror.

../_images/mirrorfrequency.png

Viewing mirror history

You can view the history of mirrors you have created by clicking the History tab in a channel.

On the History page, you will see the following possible states for mirroring:

  • completed

  • failed

  • pending

  • running

../_images/mirrorhistory.png

Viewing CVEs by channel

On a channel page, click the CVEs tab to view the CVEs within that channel.

Note

The number located on the CVEs tab itself represents the number of CVEs that match packages in your channel, not the full collection of CVEs maintained by Team Edition.

../_images/cvebychannel.png

Viewing CVEs by package

Click on a package to view its details. Under the Files tab, you can see the CVE score and the number of associated CVEs for each package listed. If you click on that number, you can then access all associated CVEs for greater detail.

The score displayed in the Score column represents the highest score of the associated Active and Reported CVEs. If no Active or Reported CVEs are found, the maximum score for Cleared, Disputed, and Mitigated CVEs is diplayed instead.

../_images/cvebypackage.png