Monday, July 12, 2010

Speeding up your Updates with Ubuntu and APT Cacher NG

If you are in a building with more than one computer running Ubuntu, you may have wondered why everyone has to download updates separately. The answer is, they don't. Here's how to accomplish it with a tool called apt-cacher-ng.

apt-cacher-ng is a fork of a project called apt-cacher, which in turn is an alternative to apt-proxy which is poorly maintained and upon my testing, was unreliable.

Setting up the APT Cacher Server

Begin by installing apt-cacher-ng from Synaptic Package Manager, or from the Terminal with the following command:

sudo apt-get install apt-cacher-ng

By default, the version of apt-cacher included with Ubuntu does not currently include security updates. We can easily add the security updates in, however, by following these steps:

As root, create a new file called /etc/apt-cacher-ng/ubuntu_security

sudo nano /etc/apt-cacher-ng/ubuntu-security

This file will be a list of mirrors from which the updates may be downloaded. We only want to insert a single line, the location of Ubuntu's official security updates server:

Save and close the file.

Next, edit the file /etc/apt-cacher-ng/acng.conf

sudo nano /etc/apt-cacher-ng/acng.conf

While we're here, you will see a couple of lines like this:

# Set to 9999 to emulate apt-proxy

I recommend that you follow the instructions and set the port to 9999 to emulate apt-proxy. Not only will this make your server compatible with systems expecting an apt-proxy server, but it will also make the port number easier for you to remember.

Next, look for this section:

# Repository remapping. See manual for details.
# In this example, backends file is generated during package installation.
Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian
Remap-uburep: file:ubuntu_mirrors /ubuntu ; file:backends_ubuntu
Remap-debvol: file:debvol_mirror*.gz /debian-volatile ; file:backends_debvol

We're going to add one more line at the end of this section to describe the Ubuntu Security repository that we are adding (make sure the following all goes on one line):

Remap-ubusec: file:ubuntu_security /ubuntu-security ;

Now, save changes to this file and restart the apt-cacher-ng service.

sudo service apt-cacher-ng restart

If all went well, the server is now working. No you may proceed to setting up the clients. I strongly recommend making the server into a client of its own apt-cacher, as there is no reason for that system to download the updates from the Internet twice.

Setting up an APT Cacher Client

The basic idea of how to set up a client is to change all the lines in /etc/apt/sources.list to point at the local apt-cacher-ng server instead of at the internet servers. I recommend taking an additional step first so that you can easily flex between different servers. We will create a hostname alias called "apt-cacher" that points at your apt-cacher-ng server so you can simply re-point the hostname whenever you want to switch servers.

sudo nano /etc/hosts

We will add our own entry just after these two lines: localhost your-computer-name

If the apt-cacher-ng server is running on the same computer which you are setting up as a client, its IP address will be, otherwise, you need to find (or set) the static LAN IP address for your server. I will assume it is in this example because that's what it is in our building here at CCC. The line you will add will look like this: apt-cacher

Save and close the hosts file.

Now we will replace the entries in the sources.list to point at the cacher:

sudo nano /etc/apt/sources.list

The easiest way to handle this will be a search and replace.

First, replace every instance of "" with "apt-cacher:9999" (no quotes on either) If you are using nano, this is accomplished by pressing Ctrl+W, Ctrl+R, then entering the search string and pressing enter, then entering the string to replace it with, and pressing enter again, then when prompted, press "A" for all.

Next, replace every instance of "" with "apt-cacher:9999/ubuntu-security" (no quotes on these, either.) If you are using nano, use the same steps as given above.

(In this example, we won't be handling the partner repository or any third party repositories which you might have installed.)

Save and close your sources.list. Your final sources.list if you are running Ubuntu 10.04 Lucid Lynx will look something like this:

# deb cdrom:[Ubuntu 10.04 LTS _Lucid Lynx_ - Release i386 (20100429)]/ lucid main restricted
# See for how to upgrade to
# newer versions of the distribution.

deb http://apt-cacher:9999/ubuntu/ lucid main restricted
deb-src http://apt-cacher:9999/ubuntu/ lucid main restricted

## Major bug fix updates produced after the final release of the
## distribution.
deb http://apt-cacher:9999/ubuntu/ lucid-updates main restricted
deb-src http://apt-cacher:9999/ubuntu/ lucid-updates main restricted

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://apt-cacher:9999/ubuntu/ lucid universe
deb-src http://apt-cacher:9999/ubuntu/ lucid universe
deb http://apt-cacher:9999/ubuntu/ lucid-updates universe
deb-src http://apt-cacher:9999/ubuntu/ lucid-updates universe

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://apt-cacher:9999/ubuntu/ lucid multiverse
deb-src http://apt-cacher:9999/ubuntu/ lucid multiverse
deb http://apt-cacher:9999/ubuntu/ lucid-updates multiverse
deb-src http://apt-cacher:9999/ubuntu/ lucid-updates multiverse
## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb lucid partner
# deb-src lucid partner

deb http://apt-cacher:9999/ubuntu-security lucid-security main restricted
deb-src http://apt-cacher:9999/ubuntu-security lucid-security main restricted
deb http://apt-cacher:9999/ubuntu-security lucid-security universe
deb-src http://apt-cacher:9999/ubuntu-security lucid-security universe
deb http://apt-cacher:9999/ubuntu-security lucid-security multiverse
deb-src http://apt-cacher:9999/ubuntu-security lucid-security multiverse

After you have have saved your sources.list, run the following command:

sudo apt-get update

This will download the package index from the apt-cacher server. You should see lots of "Get" "Hit" and "Ign" lines coming from http://apt-cacher (and other lines for partner and 3rd party servers) if everything is working right. Remember that the update command will still be running at the normal speed because it has to fetch the indexes from the Internet every time to determine if the cache needs to download any new files. Also, the first time a given package is downloaded will still be at normal speed, as well.

To try it out, run sudo apt-get upgrade to download any available updated packages, or just install a new package of your choice. The apt-cacher should be functioning from the command line tools, from Update Manager, and from Synaptic Package Manager. Just remember not to adjust your repository checkboxes under the "Ubunto Software" tab in Synaptic's Settings:Repositories menu, because it no longer knows which repositories we've enabled (they are visible, however, on the "Other Software" tab, and you may adjust them there.)

How To Switch Locations

If you are using a laptop or netbook, you may appreciate the ability to quickly switch from one loication to another, and even to be able to download updates when you are not near your regular apt-cacher-ng server at all.

I have come up with a strategy to accomplish this. All you need to do (and you must do this while your current apt-cacher-ng server is accessible), is repeat the above steps for "Setting up the APT Cacher Server" on your local machine, then you can simply edit your /etc/hosts file and change the entry for apt-cacher to point at when you're on the run, or back to your server's IP when you are at home or work. Making that one line change will allow you to continue using all of the APT tools smoothly.

There is one disadvantage, especially for netbooks or devices with smaller hard drives, and that is that you will be storing two different caches on your hard drive for files which were downloaded while "on the go", one in the apt-cacher folder, and the other in the system's regular apt system cache under /var/cache/apt

Because of this, you may want to occasionally issue the command:

sudo apt-get clean

This will clean the system cache of installed packages out of /var/cache/apt, saving some disk space. This is generally a good idea to do on any Ubuntu system with disk space limitations, whether or not you are running apt-cacher-ng.

Also, if you ever need to delete the files under /var/cache/apt-cacher-ng, you may safely do so, and apt-cacher will download them again the next time they are needed.

Congratulations on successfully setting up apt-cacher-ng -- I hope! It has saved hours and hours of downloading here in our classroom.


Michael said...

This is great but what if your apt chacher ng server is not you laptop and you want to switch fast? I would make one of the lines in the host file point to
How could this be done so that you won't have to change the sourses.list?
We need to be able to point your computer to the apt server at apt-cacher and make it point to ubuntu server or your server when ever you want.

aleix said...

You can do it, through dnsmasq and apache proxy module...

Mkhumbiekanowa said...

I understand that apt-cacher-ng can handle multi-repo's from different distro's but how can I separate debian packages according to there distro's, I like to keep ISO's of them according to there distro.

Poncho said...

There are some mistakes in the redaction, you indicates in one step the creation of the file "ubuntu_security" and then you refer to this file as "ubuntu-security"(with hyphe instead of low hyphen).
Just a little detail :).