Q. Should one mirror debian.security.org? Good or Bad Idea?
just wondering if this would be a good idea. We currently have 80 machines that do an update once a day on this host so I think it may be a good idea to mirror the archive locally, say once a day via rsync? walter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Q. Should one mirror debian.security.org? Good or Bad Idea?
On Tue, 9 Dec 2003, Walter Tautz wrote: just wondering if this would be a good idea. We currently have 80 machines that do an update once a day on this host so I think it may be a good idea to mirror the archive locally, say once a day via rsync? I have a similar situation and I do mirror security. Of course, in /etc/apt/sources.list I have both my mirror _and_ security.debian.org, so that if an update already made it into the mirror all computers get it from there, otherwise they _still_ get it from security. I also use a proxy, so that anyway updates get downloaded once even if they come from security and not from the local mirror. It requires a little bit of work to properly set it up (not much), but then it works like a charm. Bye Giacomo -- _ Giacomo Mulas [EMAIL PROTECTED] _ OSSERVATORIO ASTRONOMICO DI CAGLIARI Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA) Tel. (OAC): +39 070 71180 248 Fax : +39 070 71180 222 Tel. (UNICA): +39 070 675 4916 _ When the storms are raging around you, stay right where you are (Freddy Mercury) _ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Q. Should one mirror debian.security.org? Good or Bad Idea?
On Tue, Dec 09, 2003 at 11:45:22AM -0500, Walter Tautz wrote: just wondering if this would be a good idea. We currently have 80 machines that do an update once a day on this host so I think it may be a good idea to mirror the archive locally, say once a day via rsync? The Nov ?? Deb weekly news contained: Debian Package Caching. Jonathan Oxer [11]wrote about caching Debian packages in order to save bandwidth when updating or installing multiple Debian machines. The [12]apt-cacher utility was originally written by Nick Andrew to maintain two Debian systems over a slow modem connection. It runs as CGI program and only needs to be set up on one machine. 11. http://articles.linmagau.org/modules.php?op=modloadname=Sectionsfile=indexreq=viewarticleartid=451 12. http://packages.debian.org/apt-cacher Haven't tried it yet. Regards, // George -- GEORGE GEORGALIS, System Admin/Architectcell: 646-331-2027IXOYE Security Services, Web, Mail,mailto:[EMAIL PROTECTED] Multimedia, DB, DNS and Metrics. http://www.galis.org/george -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Q. Should one mirror debian.security.org? Good or Bad Idea?
On Tue, Dec 09, 2003 at 05:58:51PM +0100, Giacomo Mulas wrote: On Tue, 9 Dec 2003, Walter Tautz wrote: just wondering if this would be a good idea. We currently have 80 machines that do an update once a day on this host so I think it may be a good idea to mirror the archive locally, say once a day via rsync? I have a similar situation and I do mirror security. Of course, in /etc/apt/sources.list I have both my mirror _and_ security.debian.org, so that if an update already made it into the mirror all computers get it from there, otherwise they _still_ get it from security. I also use a proxy, so that anyway updates get downloaded once even if they come from security and not from the local mirror. It requires a little bit of work to properly set it up (not much), but then it works like a charm. On a cluster I run, and on my Debian machines at home, I have /var/cache/apt shared between the nodes with NFS. I haven't done anything about sharing package lists yet, so all the nodes have to apt-get update individually. I think this is non-optimal, because apt-get update writes /var/cache/apt/pkgcache.bin (and srcpkgcache.bin), so the contents of those files depends on which machine did the last apt-get update, and they don't all have the same things in their sources.list. (e.g. some have only sarge, some have stable+unstable, some don't have and deb-src lines.) Anyway, it seems to work, and packages only get downloaded once. I know that apt does enough locking that NFS sharing /var/cache/apt is safe. -- #define X(x,y) x##y Peter Cordes ; e-mail: X([EMAIL PROTECTED] , des.ca) The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces! -- Plautus, 200 BC signature.asc Description: Digital signature
Re: Q. Should one mirror debian.security.org? Good or Bad Idea?
On Tue, Dec 09, 2003 at 11:45:22AM -0500, Walter Tautz wrote: just wondering if this would be a good idea. We currently have 80 machines that do an update once a day on this host so I think it may be a good idea to mirror the archive locally, say once a day via rsync? The way that I do this is to setup a copy of squid and then make apt go via the proxy; this allows all the updated lists and deb's to be cached locally. You could do something similar with 'apt-cacher', or 'apt-proxy' without the need to do any explicit mirroring. Steve -- # Debian Security Audit Project http://www.steve.org.uk/Debian/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Q. Should one mirror debian.security.org? Good or Bad Idea?
just wondering if this would be a good idea. We currently have 80 machines that do an update once a day on this host so I think it may be a good idea to mirror the archive locally, say once a day via rsync? walter
Re: Q. Should one mirror debian.security.org? Good or Bad Idea?
On Tue, 9 Dec 2003, Walter Tautz wrote: just wondering if this would be a good idea. We currently have 80 machines that do an update once a day on this host so I think it may be a good idea to mirror the archive locally, say once a day via rsync? I have a similar situation and I do mirror security. Of course, in /etc/apt/sources.list I have both my mirror _and_ security.debian.org, so that if an update already made it into the mirror all computers get it from there, otherwise they _still_ get it from security. I also use a proxy, so that anyway updates get downloaded once even if they come from security and not from the local mirror. It requires a little bit of work to properly set it up (not much), but then it works like a charm. Bye Giacomo -- _ Giacomo Mulas [EMAIL PROTECTED] _ OSSERVATORIO ASTRONOMICO DI CAGLIARI Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA) Tel. (OAC): +39 070 71180 248 Fax : +39 070 71180 222 Tel. (UNICA): +39 070 675 4916 _ When the storms are raging around you, stay right where you are (Freddy Mercury) _
Re: Q. Should one mirror debian.security.org? Good or Bad Idea?
On Tue, Dec 09, 2003 at 11:45:22AM -0500, Walter Tautz wrote: just wondering if this would be a good idea. We currently have 80 machines that do an update once a day on this host so I think it may be a good idea to mirror the archive locally, say once a day via rsync? The Nov ?? Deb weekly news contained: Debian Package Caching. Jonathan Oxer [11]wrote about caching Debian packages in order to save bandwidth when updating or installing multiple Debian machines. The [12]apt-cacher utility was originally written by Nick Andrew to maintain two Debian systems over a slow modem connection. It runs as CGI program and only needs to be set up on one machine. 11. http://articles.linmagau.org/modules.php?op=modloadname=Sectionsfile=indexreq=viewarticleartid=451 12. http://packages.debian.org/apt-cacher Haven't tried it yet. Regards, // George -- GEORGE GEORGALIS, System Admin/Architectcell: 646-331-2027IXOYE Security Services, Web, Mail,mailto:[EMAIL PROTECTED] Multimedia, DB, DNS and Metrics. http://www.galis.org/george
Re: Q. Should one mirror debian.security.org? Good or Bad Idea?
On Tue, Dec 09, 2003 at 05:58:51PM +0100, Giacomo Mulas wrote: On Tue, 9 Dec 2003, Walter Tautz wrote: just wondering if this would be a good idea. We currently have 80 machines that do an update once a day on this host so I think it may be a good idea to mirror the archive locally, say once a day via rsync? I have a similar situation and I do mirror security. Of course, in /etc/apt/sources.list I have both my mirror _and_ security.debian.org, so that if an update already made it into the mirror all computers get it from there, otherwise they _still_ get it from security. I also use a proxy, so that anyway updates get downloaded once even if they come from security and not from the local mirror. It requires a little bit of work to properly set it up (not much), but then it works like a charm. On a cluster I run, and on my Debian machines at home, I have /var/cache/apt shared between the nodes with NFS. I haven't done anything about sharing package lists yet, so all the nodes have to apt-get update individually. I think this is non-optimal, because apt-get update writes /var/cache/apt/pkgcache.bin (and srcpkgcache.bin), so the contents of those files depends on which machine did the last apt-get update, and they don't all have the same things in their sources.list. (e.g. some have only sarge, some have stable+unstable, some don't have and deb-src lines.) Anyway, it seems to work, and packages only get downloaded once. I know that apt does enough locking that NFS sharing /var/cache/apt is safe. -- #define X(x,y) x##y Peter Cordes ; e-mail: X([EMAIL PROTECTED] , des.ca) The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces! -- Plautus, 200 BC signature.asc Description: Digital signature
Re: Q. Should one mirror debian.security.org? Good or Bad Idea?
On Tue, Dec 09, 2003 at 11:45:22AM -0500, Walter Tautz wrote: just wondering if this would be a good idea. We currently have 80 machines that do an update once a day on this host so I think it may be a good idea to mirror the archive locally, say once a day via rsync? The way that I do this is to setup a copy of squid and then make apt go via the proxy; this allows all the updated lists and deb's to be cached locally. You could do something similar with 'apt-cacher', or 'apt-proxy' without the need to do any explicit mirroring. Steve -- # Debian Security Audit Project http://www.steve.org.uk/Debian/