Archive
«  
  »

Apt Proxy

imported from wiki, 17 February 2005

Apt-proxy is a simple program that caches downloaded Debian packages. By setting up multiple client computers to use the same apt-proxy, requested packages are only downloaded from the remote server once and cached. This decreases the load on the remote server and improves the speed with which the apt-proxy clients can get hold of the latest Debian packages! Like most network programs, apt-proxy uses the client and server model. In this case, the computer running apt-proxy is the server and the computers using the server as their source for updates and upgrades are clients.

Note that the current version of apt-proxy has known unfixed security bugs, and release-critical bugs, and will most likely not be making it into Debian sarge. You may want to consider apt-cacher, which performs much the same task as apt-proxy, but has a nicer architecture.

The Server Side

Installing apt-proxy

For Debian users, who are, let’s face it, the people most likely to be wanting to use apt-proxy, installing the software is as simple as: 

apt-get install apt-proxy

  • The apt-proxy package and a couple of dependencies will be downloaded and installed. Apt-proxy is started automatically on request by inetd so only configuration remains to be seen to. Also ensure that you have wget installed.

==== Configuring apt-proxy ====Apt-proxy is configured by editing the etc/apt-proxy/apt-proxy.conf file. Although perhaps a little daunting at first, it is quote straight-forward once you have got the hang of the rather strict syntax. It is worth having about four terminal windows open for this stage: One for the apt-proxy man page, one for the apt-proxy.conf man page, one showing a working /etc/apt/sources.list and finally one for editing /etc/apt-proxy/apt-proxy.conf itself.

  1. Backup the existing /etc/apt-proxy/apt-proxy.conf.

  2. Edit the /etc/apt-proxy/apt-proxy.conf to include sections relating to each server (or set of servers).

  3. Configure one section for each apt source in the working /etc/apt/sources.list. You may want to comment out the suggested sections and configure your own. This is covered in more detail below.

  4. There are additional parameters that are set at the end of the configuration file. For most people, the defaults should be fine.

For example, in the /etc/apt/sources.list shown further down the page, there are two different apt sources specified, one as the “main” location for binary and source packages, one as the location for “non-US” binary and source packages. So, two sections in /etc/apt-proxy/apt-proxy.conf would be needed, one for each of these apt sources. You may notice from the /etc/apt/sources.list below that two different mirrors have been used at different times. This is common when one mirror has gone off-line or fallen behind in synchronisation. Instead of editing the client’s /etc/apt/sources.list when this happens, you can instead specify in /etc/apt-proxy/apt-proxy.conf more than one mirror to be used. This allows apt-proxy to locate a working mirror without changing any configuration files on the client. (This is useful when mirror.ac.uk goes off-line!)

So, for example, the entry in /etc/apt-proxy/apt-proxy.conf for a server list referred to as “debian”, with two possible mirrors as upstream sources, could look like: 

add_backend /debian/                                        $APT_PROXY_CACHE/debian/                                    http://www.mirror.ac.uk/sites/ftp.debian.org/debian/        http://debian.blueyonder.co.uk/

Notes

  • The add_backend line specifies the “nickname” of the apt source that is used in the /etc/apt/sources.list on the clients.

  • The APT_PROXY_CACHE line determines which directory within /var/cache/apt-proxy the packages downloaded from that “backend” are stored.

  • You can add a number of alternative mirrors to use for a single apt source.
  • It is important to maintain the backslashes on all lines in the same section except the last. This means the section is interpretted as a single line by apt-proxy.

The Client Side

Configuring clients to use apt-proxy is simply a case of editing /etc/apt/sources.list, replacing the existing sources with lines referring to the apt-proxy instead. For convenience, simply comment out the existing lines in /etc/apt/sources.list rather than removing them. This allows the uncommented lines to be returned to active use if the client is removed from the network and unable to contact apt-proxy.

Essentially, instead of specifying the full URL for the relevant mirror, one replaces it with the URL of the apt-proxy. In this example the apt-proxy server is called holly, which should be DNS resolvable. By default, apt-proxy runs on port 9999, and this needs to be specified in the lines in /etc/apt/sources.list. This is followed by a suffix (e.g. debian), that matches the section in /etc/apt-proxy/apt-proxy.conf containing the mirror that was previously used by this line in the file. It might be helpful to think of the suffix as a “nickname” that tells apt-proxy which list of mirrors to use.

So, for example, the replacement for a mirror.ac.uk line in /etc/apt/sources.list for the apt-proxy as configured above would be http://holly:9999/debian. The “tags” at the end of the line should be left as they are, because they are passed to apt-proxy and used to determine which files and package lists should be downloaded. In this way the same apt-proxy installation can be used for stable and unstable systems.

An example /etc/apt/sources.list file could be: 

#deb http://mirror.ox.ac.uk/debian/ unstable main #deb http://debian.blueyonder.co.uk/ unstable main deb http://holly:9999/debian unstable main  #deb-src http://www.mirror.ac.uk/sites/ftp.debian.org/debian unstable main #deb-src http://debian.blueyonder.co.uk/ unstable main deb-src http://holly:9999/debian unstable main  #deb http://non-us.debian.org/debian-non-US unstable/non-US main deb http://holly:9999/debian-non-US unstable/non-US main  #deb-src http://non-us.debian.org/debian-non-US unstable/non-US main deb-src http://holly:9999/debian-non-US unstable/non-US main

Using apt-proxy

Once you have configured both the server and the clients for apt-proxy, you are ready to begin using it. On a client:

  1. Run apt-get clean. This will purge the existing downloaded packages and package lists.

  2. Run apt-get update. This will get the apt-proxy to download initial package lists as well as passing them onto the client. You should see from the displayed output that apt-get is now using the apt-proxy as its source rather than your old sources. 

Get:1 http://holly unstable/main Packages [2942kB] Hit http://holly unstable/main Release                                                                                                                                                    Get:2 http://holly unstable/main Sources [1154kB]                                                                                                                                         Hit http://holly unstable/main Release                                                                                                                                                    Hit http://holly unstable/non-US/main Packages                                                                                                                                            Hit http://holly unstable/non-US/main Release                                                                                                                                             Hit http://holly unstable/non-US/main Sources                                                                                                                                             Hit http://holly unstable/non-US/main Release                                                                                                                                             Fetched 4095kB in 11s (371kB/s)                                                                                                                                                           Reading Package Lists... Done
  1. You can now use apt-get to install or upgrade packages as normal. Downloaded packages will be cached on the apt-proxy for use by other clients.

Tricks and Gotchas

  1. Don’t run apt-proxy from the command line, because it will create the cache directories in /var/cache/apt-proxy with the permissions of the user running the program. When run by inetd, apt-proxy is run by the user aptproxy, so if you run the program as another user, you might screw up the permissions.

  2. If you have run apt-proxy as a user other than aptproxy you will need to check (and probably change) the ownership of all directories and files within /var/cache/apt-proxy and /var/log/apt-proxy.log. This can be done with:

chown -R root.root /var/cache/apt-proxy/

  1. Ensure you have sufficient hard disk space available for /var/cache/apt-proxy. Apt-proxy will purge cached packages automatically, but you may still need to store a few hundred megabytes of data in the cache.

  2. Apt-proxy has been known to cause issues with upgrading/dist-upgrading, since the cache is read before the package descriptors are fetched. If you get errors from apt/aptitude about this, comment out the lines for apt-proxy in /etc/apt/sources.list. Then 

apt-get update && aptitude upgrade

A typical error is: [[PreDepends]]: libblkid1 (>= 1.34-1) but it is not installable. It is worth nothing that this sample error message is not exclusive with the use of apt-proxy.

This page originally by: TonyWhitmore.

Category: Linux Hints

Leave a Reply