Ubuntu APT package caching with a proxy server
Q We've been using Ubuntu 8.04 for computer learning in the community. I want to set up an Ubuntu update server that will be used by 30 client machines. This server updates the packages, and these packages should be available for all the Ubuntu clients and servers in the network so that none of the other machines need to go on the internet and use my limited bandwidth. If a client machine needs a package it should look for it in the local server, and if it's not there the server should download it from the internet and serve it to the client, keeping a copy in case other clients need the same package. Then I can be sure that any packages get downloaded only once, which should save time as well as bandwidth.
A What you're looking for is known as a caching proxy server. These are commonly used by intranets and ISPs to reduce bandwidth requirements. The individual web browsers, or any other applications, request the files from the proxy, which downloads it, sends a copy to the program requesting it and keeps a copy for the next time that object is requested. The most popular open source proxy server is Squid (www.squid-cache.org), but this would be overkill for your needs. There are a number of lightweight proxy servers designed specifically for caching packages for Debian based distros, including Ubuntu. At least four of these are included in the standard Ubuntu repositories, one of which is apt-cacher. You only have to install this on the server (the computer that will be acting as the cache).
Once you've installed apt-cacher, there are a few settings in the config file at /etc/apt-cacher/apt-cacher.conf that you'll need to change. The first is cache_dir, which is where apt-cacher stores the files it downloads. Make sure this points somewhere with a lot of space, if possible using a separate filesystem so that it won't affect your system if it fills up. The next settings you'll need to change are allowed_hosts and denied_hosts, which control the computers that are allowed to connect. In most cases, you want all computers on your LAN to have access and no others, so you can leave denied_hosts empty and set allowed_hosts to the address range of your LAN. This can be either a network address and mask or a pair of addresses defining the range, for example
Read through the comments in the file, but you can leave the rest of the settings at their defaults to start with. Now edit /etc/default/apt-cacher and set AUTOSTART to 1, so the server starts each time you boot. Once the configuration is set up, reload the server with
sudo /etc/init.d/apt-cacher restart
Now you need to set up each of your computers to get their packages through
apt-cacher, starting with the server running it. Create a file in /etc/apt/conf.d, say /etc/apt/apt-conf.d/10apt-cacher, containing this line
Repeat this process on the other machines, but use the IP address of the server instead of 127.0.0.1. Try installing a package or two on one of the computers, then look in the packages directory under cache_dir and you should see the Deb files there. Install the same packages on another computer and you will see almost instant download times.
- Restricting web access with a proxy server
- Force all web traffic to go through a proxy server
- Block attempts to use Apache as a proxy server
- Sync NTP server at specific times
- When NFS server is rebooted, clients need to be rebooted too