Lionel’s blog

A friend of mine give me better rules for jesred. You can now browse the repository in the browser:

regex ^http://((.*)archive.ubuntu.com/ubuntu/(dists|pool)/.*(deb|bz2|Release|Release.gpg))$ http://apt-cacher:3142/\1
regex ^http://(security.ubuntu.com/ubuntu/(dists|pool)/.*(deb|bz2|Release|Release.gpg))$ http://apt-cacher:3142/\1

Thanks Jerôme!

• Leave a comment...

At work, I now have around 50 desktops running Ubuntu and around 40 servers (including customers machines) also running Ubuntu. As you can imagine, when you have a security update of X, this represents a lot of bandwith usage! Not to speak about Hardy upgrade! We started to look at different solutions to optimize our precious bandwith.

Some search gave:

• local mirror: huch… this is a bit too much for us
• squid usage: good, but you need to tweak too much your squid installation to keep your .deb inside the pool. And squid can make .deb expires even they are still valid.
• apt-proxy/apt-cacher/apt-cacher-ng: all looks good but… you have to modify your client configuration. As I am lazy, I don’t want to do that (and also, because I have mobile users who only want to use the cache when they are on the corporate network). Between the three, I chose apt-cacher, just based on some reading on the web… Other may be as good as apt-cacher!

We selected the association: squid + apt-cacher + jesred. Let’s have a look on each component:

• apt-cacher: .deb and Packages/Source cache. You can also import data from another source (for exemple from a cd-rom).
• squid: THE proxy, we use it as a transparent proxy in our case.
• jesred: rewrite squid URL and redirect access to the Ubuntu archive to apt-cacher.

The installation described below was made on a Ubuntu 8.04. The machine is a Xen virtual machine (I’ll talk about Xen another time ;-)). All the softwares are taken from Ubuntu repositories: squid beeing in main, other packages are in universe (ensure universe is enabled). Installation and configuration is really easy!

squid installation

# apt-get install squid

squid configuration

Edit /etc/squid.conf and add in ACL definititions:
acl mylan src 10.0.0.0/255.255.0.0

Allow traffic from you network:
http_access allow mylan

You can now test your squid. It should be operational.

apt-cacher installation

# apt-get install apt-cacher

I just changed the admin_email value in /etc/apt-cacher/apt-cacher.conf

As a quick test, set http_proxy env value and try to use apt. Everything should go throught the cache (check the logs).

jesred installation

# apt-get install jesred

jesred configuration

Edit /etc/jesred.acl to authorize your network (just add you lan at the end of the file).

Edit /etc/jesred.rules and add:
regex ^http://((.*)archive.ubuntu.com/ubuntu/(dists|pool)/.*)$    http://localhost:3142/\1
regex ^http://(security.ubuntu.com/ubuntu/(dists|pool)/.*)$    http://localhost:3142/\1

I have also added two aborts in order to use upgrade-manager:
abort .gpg
abort ReleaseAnnouncement

Last but not least, the glue between all the elements:

Edit /etc/squid.conf and add:
redirect_program /usr/lib/squid/jesred

Finished ! Now your squid redirect all requests to *archive.ubuntu.com and security.ubuntu.com to apt-cacher. Happy installation / upgrades!

• Leave a comment...

I guess everybody has already read it, but Ubuntu has released a new release : 8.04 (8 for 2008, 4 for april). Note that this release is a LTS release (Ubuntu and Ubuntu Server only, Kubuntu and orther derivates are not ong term surpport release). As a result, you can upgrade from Ubuntu 7.10 (aka Gutsy) and 6.06.2 (aka Dapper).

I run 8.04 on my laptop and on my personal servers for several months now, and it run quite well. This bug on Ubuntu Kernel made my life at work a bit more difficult, but it should hopefully be fixed in 8.04.1 (due july 3rd).

Now, it’s time to be intrepid!

• Leave a comment...

Yesterday I was talking about Ubuntu advertisings on youtube, today, there is an Ubuntu Server advertising on slashdot :

Canonical is pushing hard Ubuntu Server those days (a lot of cool specs have been written for hardy), and that’s a very good thing for the server platform!

• Leave a comment...

Gerry Carr (Canonical marketing manager) just announced on the Ubuntu marketing mailing list two advertisings for the Ubuntu Server edition. Some US business and IT-related websites show the videos. Here are the videos on youtube:

http://www.youtube.com/watch?v=vkMlCeDu-0c&feature=related
http://www.youtube.com/watch?v=F6L51uZjaZU&feature=related

See the complete announce.

• Leave a comment...

One of the thing I should have done on the 18th of october, is blogging about the new Ubuntu release : 7.10, codename Gutsy Gibbon. No need to make another list of new (great) features included in the release, I would like to talk about the server team.

During gutsy cycle, Canonical have hired a bunch of people for taking care of the server platform. The team has been growing (thanks to the community), and we are now 78 members. This team is working hard to make Ubuntu Server rocks (well, it’s already rocks, but rocks more). First results have reached gutsy, there will be more for hardy, the next Ubuntu release (due in April) which will be a LTS (Long Term Support, which for the server team means 5 years).

Lot of people have been asking “Why I should use Ubuntu as a server, Ubuntu is a desktop distro?”. I remember Adam Conrad saying about differences between Debian and Ubuntu as a server : “Release schedule, LTS releases, commercial support from Canonical, and a different logo”. From my experience, I think it is an excellent summary of the advantages of Ubuntu.

If you’re looking into contributing or if you want to help us, reporting bug is a good starting point!

• Leave a comment...

Yes, I know I should have blog more frequently during the past months. I have been really busy at work (do to company growing and growing). Well, I have migrated to the latest and greatest Wordpress release, updated my theme (the old one was broken during the upgrade), and better configured my blog : it is now host on the root of my website, permalinks are more understandable (thanks JB for his help).

• Leave a comment...

During Ubuntu Live in Portland, Canonical (the Ubuntu main sponsor) announced the availability of Landscape a tool for Canonical support customers.
This tool was designed to manage your IT infrastructure: all your servers/desktops/laptops are configurable through a web interface. The web interface also permit to get an inventory (hardware and software), to monitor them, etc. For a complete (and better) description visit the presentation page on Canonical website.
This tool appears to be the dreamed tool for the sysadmin I am. I have to confess that we have started a super-secret project for a similar tool. Well, that’s said, I also have to confess that landscape looks better than our tool right now…

• Leave a comment...

I have just discovered during the last days that MSN was filtering the content of the messages we sent. On his blog, Nion explains in details what’s going on. To make it brief, we can’t send anymore URL/mail addresses that ends with “.info”. Sadly, my domaines ends with… “.info”. I don’t use too much MSN, but that’s annoying…
For people who still use MSN, it’s time to move to a better alternative. Who said Jabber?

• Leave a comment...

Cendio has recently released in OpenSource a component called “seamlessrdp”. The difference with opening a session with rdesktop on a Windows server it that individual application is integrated in your environement.

You need two components : a component on the server side, another on the client side. On the client side, rdesktop superior to 1.5 get it.

For the server side, you will get details intructions on Cendio seammlessrdp webpage. It just consists in unzipping a zip somewhere on your Windows machine.

Here is the command line I use to launch Internet Explorer on a remote machine :

$ rdesktop -a 24 -A -s "c:\seamlessrdp\seamlessrdpshell.exe c:\program files\internet explorer\iexplore.exe" windows_server -u lionel -p -


Here is the result on my desktop :

• Leave a comment...