This site is now 100% read-only, and retired.

Question: Manage updates of more then one machine?

Posted by Anonymous on Wed 4 May 2005 at 07:49

Tags:

In my home network I have 2 Debian Sarge machines: one acting as a server (web, samba, cvs, etc), the other one as a client (KDE). To keep up with all updates I regularly perform 'aptitude update; aptitude upgrade'. Separately, for each machine.

So, many times I fetch updated package more then once over my internet connection.

It seems to me there must be a more economical way, so I am wondering how the pros, who manage many debian machines, do this.

Can I configure aptitude to look for the packages in a particular place in the network?

 

 


Re: Question: Manage updates of more then one mach
Posted by Steve (82.41.xx.xx) on Thu 5 May 2005 at 00:33
[ View Weblogs ]

There are two obvious solutions to this problem:Use a proxy server

Setup a caching proxy server with squid, and then point the second machine's apt configuration to it. Do this by adding the following to the file /etc/apt/apt.conf (creating it if necessary):

Acquire::http::Proxy "http://proxy.host.name:port/";
Acquire::ftp::Proxy "http://proxy.host.name:port/";
Use a tool

apt-proxy is designed to do this job.

Steve
-- Steve.org.uk

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Anonymous (81.178.xx.xx) on Thu 5 May 2005 at 00:48
Another tool to cache the packages is apt-cacher and one to automatically download them is cron-apt.

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by eric (194.2.xx.xx) on Mon 9 May 2005 at 14:56
[ View Weblogs ]
Hi, managing some debian boxes at home&work, i rapidly became interested in this 'apt proxy tools', and i try apt-proxy, apt-cacher and approx.
And no one works ! (or better said : I can't figure out to make one of these works !)

- has anyone good feedback with these tools ?
- which one works well ?
- which version is recommended (eg : apt-proxy, i read somewhere that stable version 1.3 is recommended and not testing/unstable one (1.9)) ?

thanks everyone
and sorry for bad english ;-)

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Anonymous (216.70.xx.xx) on Thu 19 May 2005 at 18:48
I setup a (noncaching) apache proxy which simply translates the requests to a static mirror destination via a local squid cache.

Advantages of using this method are:

1) users can use the "caching proxy mirror" like any other full mirror. i.e. no proxy settings required in the clients, and users can browse the mirror tree like they could a full mirror.

2) you don't have to run a public squid service, only an apache proxy.

3) clients won't "miss" files in the proxy cache because they weren't using the same mirror to fetch their packages.

4) it only downloads packages in real time as they are needed, and then they're cached for future requests (based on the size of your squid cache).

5) multiple "caching proxy mirrors" can be setup with just a few lines of apache config (i.e. other distros, etc)

(I also put an index.html in the DocumentRoot explaining how to use the mirror. -And don't forget to add a robots.txt to prevent search engines from trying to index your entire cache!)


  ServerName   debian.proxy.example.com
  DocumentRoot /var/www/debian.proxy.example.com
  NoCache *
  RewriteEngine on
  RewriteRule ^/debian-non-US(.*) http://non-us.debian.org/debian-non-US$1 [P]
  RewriteRule ^/debian-security(.*) http://security.debian.org/debian-security$1 [P]
  RewriteRule ^/debian(.*) http://ftp.us.debian.org/debian$1 [P]
  ProxyRemote * http://127.0.0.1:3128/  


-Thor Kooda

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Anonymous (200.90.xx.xx) on Tue 16 Aug 2005 at 23:28
I think (I haven't done it... at least yet) that simply by exporting /var/cache/apt/archives on a nfs, when each machine runs:
"apt-get update"
updates it's own packages list
and when runs
"apt-get upgrade"
check if the package is allready downloaded, else get it.

REMEMBER: I guess this, not done it, I manage 4 computers and my ISP is so fast that upgrading takes about 6min each, so no need to, however, if somebody does this, and work, please let me know (posting here).

[ Parent ]

Re: Question: Manage updates of more then one machine?
Posted by Anonymous (209.149.xx.xx) on Thu 5 May 2005 at 01:52
Because I often manage a lot of machines in varied locations, I wrote up a little script to regularly check and notify me of updates.

You can find this script here: http://chris.quietlife.net/tmp/check-apt.txt

It depends on apt-listchanges (if you want to get the changes in the new packages).

It downloads the new updates, e-mails you the changes, but *does not* install them (since I'm lazy, not insane).

It still requires you to actually log in and do "apt-get upgrade" to actually install the packages.

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Anonymous (12.155.xx.xx) on Thu 5 May 2005 at 02:54
Has anybody done this with regards to security, e.g. a script to check your currently installed package list against some security listing?

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Steve (82.41.xx.xx) on Thu 5 May 2005 at 03:23
[ View Weblogs ]

Yes, I wrote debian-updates specifically to test for Security updates.

It'll need adjusting post-Sarge probably, but it looks like the script posted earlier will work. Assuming that the apt.sources list only contains "stable" and "security" sections the only changes every night will be as a result of DSAs.

Steve
-- Steve.org.uk

[ Parent ]

Re: Question: Manage updates of more then one machine?
Posted by Anonymous (212.97.xx.xx) on Mon 9 May 2005 at 10:31
"Because I often manage a lot of machines in varied locations, I wrote up a little script to regularly check and notify me of updates."

I use cron-apt directly for this. It will only e-mail me when a box has pending upgrades (and will tell me what are they).

Then an apt-upgrade coupled with apt-listbugs output and there you go.

And it works properly on Sarge too!

[ Parent ]

Re: Question: Manage updates of more then one machine?
Posted by Anonymous (24.121.xx.xx) on Thu 5 May 2005 at 02:27
Along with this, does anyone have recommendations for "pushing" updates to clients?

[ Parent ]

Re: Question: Manage updates of more then one machine?
Posted by Anonymous (131.111.xx.xx) on Thu 5 May 2005 at 09:19

Another possibility - NFS mount /var/cache/apt so all machines share the same package cache.

Re. pushing updates to machines - I have a script which I run daily which sshes to each machine I administer in turn, and runs 'apt-get upgrade -u -y' on each. (It's probably not a good idea to run this automatically in case there are any configuration questions - in the past I've accidentally caused a database server to be down for several hours by not realising apt was asking me what to do about a changed config file...)

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Serge (213.119.xx.xx) on Thu 5 May 2005 at 13:03
[ View Weblogs ]
I have been struggling with finding out how exactly avoiding debconf to ask you questions (and assuming the defaults), but somehow didn't manage to find the right config.


I must be lazy or stupid :) Any hints?


--

Serge


[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Anonymous (130.64.xx.xx) on Thu 5 May 2005 at 18:53
At the very least you want to do a "dpkg-reconfigure debconf" and set the priority to the highest setting. That'll get rid of most questions, but not necessarily all of them.

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Serge (213.119.xx.xx) on Thu 5 May 2005 at 19:11
[ View Weblogs ]
the priority to the highest setting. That'll get rid of most questions, but not necessarily all of them.

That must be what I'm experiencing, but then I still don't know what's missing or how this stuff works exactly.
I like to go deep on certain details :-)

--

Serge van Ginderachter


[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Anonymous (83.194.xx.xx) on Fri 6 May 2005 at 16:54
You can use this kind of script:

#!/bin/sh
apt-get update
export DEBIAN_FRONTEND=noninteractive
yes '' | apt-get -y -o 'DPkg::Options={"--force-confdef";"--force-confold"};' upgrade
But not always a very good solution... Cheers Julien

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Anonymous (68.63.xx.xx) on Mon 30 May 2005 at 23:42
set DEBIAN_FRONTEND=noninteractive
(you may want to check the spelling)

[ Parent ]

Re: Question: Manage updates of more then one machine?
Posted by Anonymous (63.109.xx.xx) on Thu 5 May 2005 at 17:55
I have a number of debian boxes on my home network. I have an apt-proxy setup on my file server to cut download time.
I also have a cron script on most of my machines:
apt-get update
apt-get upgrade -d -y
apt-get dist-upgrade -d -y

The key here is the -d this way it downloads the packages to each machine and I don't need to wait for the download when I manually do an upgrade later so that I can answer and configuration questions.

The other advantage of this is if I have a new machine I'm installing or a machine without the script. My apt-proxy is always kept up to date for the most common packages.


[ Parent ]

Re: Question: Manage updates of more then one machine?
Posted by Anonymous (62.252.xx.xx) on Fri 6 May 2005 at 12:59
Likewise for any of my systems, except I also modify /etc/cron-apt/config to use the MAILTO directive, and set the MAILON directive to "changes". This way, I get an email any time there are changes to the current state of upgrades to be installed.

Useful stuff :-)

[ Parent ]

Re: Question: Manage updates of more then one machine?
Posted by Anonymous (68.63.xx.xx) on Mon 30 May 2005 at 23:47
If you are going through the trouble to do nfs, you might as well get apt-move and set it up. It's a lot cleaner and easier to maintain than just sharing a cache. I update the machine with the most packages first, then apt-move update the mirror, then repeat the process for the other machines (and have deb file:/mirrors/debian at the top of your sources.list for this to pull from your mirror first.

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by fantomas (213.102.xx.xx) on Thu 5 May 2005 at 19:39
apt-move is the tool I prefer. From its description:

apt-move is used to move a collection of Debian package files into a proper archive hierarchy as is used in the official Debian archive.

Configuring it in the file /etc/apt-move.conf is not to hard.
After doing

$ apt-get upgrade

the command

$ apt-move update

puts the just downloaded archives in the archive directory specified in the configuration file.
This archive can be transferred (CDROM, rsync, NFS, ..) to other machines. On that machine you point apt-get to the archive directory, e.g., with the line

deb file:/home/pub/debian testing main contrib non-free

in /etc/apt/sources.list.
apt-move has also other useful options like "sync" which gets all the packages installed on the system into the archive hierarchy.

[ Parent ]

Re: Question: Manage updates of more then one machine?
Posted by Anonymous (80.58.xx.xx) on Fri 6 May 2005 at 10:59
What I'm doing is create a local mirror with the packages I install usually. To do that i have apt-move.

Configuring /etc/apt/sources.list pointing to local mirror (i.e. mounting NFS ), I only have to download once each .deb

[ Parent ]

Re: Question: Manage updates of more then one machine?
Posted by Anonymous (195.162.xx.xx) on Fri 6 May 2005 at 15:25

I have pretty much the same setup as you have, except that both machines are used as desktop. If the update is quite big, I just scp the package cache from one machine to the other. The package set isn't exactly the same, but that's not a problem if you clean the cache every once in a while.

There are many other methods, better methods, as mentioned in the other comments, but I like to keep it simple. For two machines I'm not going to install a proxy.

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Anonymous (195.137.xx.xx) on Thu 12 May 2005 at 15:01
Thanks for all the response and good tips. I choose to install apt-cacher. This seems to work fine in my situation, I have tried it only once sofar. When I upgrade the client, a lot of packages seem to be fetched from the server (with apt-cacher installed). Unfortunately, I don't now how to force the generation of reports to verify its working...

Rgds, the anonymous question poser.

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Anonymous (195.174.xx.xx) on Thu 19 May 2005 at 00:16
more then one machine -> more than one machine

[ Parent ]

Re: Question: Manage updates of more then one mach
Posted by Anonymous (195.137.xx.xx) on Thu 2 Jun 2005 at 09:06
Pardon my French...

[ Parent ]