Aptly

From Wikitech
Jump to: navigation, search

Aptly is a simple debian repository management tool. It can be used for maintaining a simple, per-project debian repository.

Setting up

You need a packages server that'll host your packages, and then apply a role to all the instances in your project.

Server

Just apply the role role::aptly::server to any Debian Jessie (or Ubuntu Trusty, although that is not recommended) instance in your project. Since the server doesn't need much resources, it's ok to put this on a multi-purpose machine.

Client

You now need to point all the instances in your project to the aptly server instance. You can do this by editing your Hiera config (https://wikitech.wikimedia.org/wiki/Hiera:<projectname>to include:

classes:  
  - role::aptly::client

By default, they look for an instance named $projectname-packages (eg. tools-packages, ores-packages, etc). You can point his to any instance by setting:

role::aptly::client::servername to the name of the instance with role::aptly::server applied.

Adding Packages

Adding packages is fairly easy, once you've built them.

  1. ssh on to the aptly server instance
  2. Build your package
  3. do sudo aptly repo add <repo-name> <path-to-package>
  4. do sudo aptly publish --skip-signing update <repo-name>
  5. Tada!

<repo-name> is <distribution>-<projectname>, where distribution is the Debian distribution you are publishing packages for (jessie, trusty and precise are currently supported), and <projectname> is just the name of your project!

The full functionality documented at aptly.info is available. By default aptly is restricted to users with root only.

FAQ

What happens when the instance hosting the package dies?

Packages become unavailable. There's no failover mechanism for this at the moment. You can backup your /srv/aptly directory to NFS / other means if you wish. We do this for Tools (backup at /data/project/.system/aptly/).

In general, we do not have a backup solution for labs that does not involve NFS (yet). This should change in the near future.

Oops, I added two different builds of a universal package

The key to noticing this is file already exists and is different when trying to publish. Just remove one of the debs and then add the remaining one back for the other dist target.

$ sudo aptly publish --skip-signing update precise-tools
Loading packages...
Generating metadata files and linking package files...
ERROR: unable to publish: unable to process packages: error linking file to /srv/packages/public/pool/main/t/toollabs/jobutils_1.13_all.deb: file already exists and is different
$ sudo aptly repo remove precise-tools 'jobutils (1.13)'
Loading packages...
[-] jobutils_1.13_all removed
$ sudo aptly repo add precise-tools /srv/packages/pool/5d/da/jobutils_1.13_all.deb
Loading packages...
[+] jobutils_1.13_all added
$ sudo aptly publish --skip-signing update precise-tools
Loading packages...
Generating metadata files and linking package files...
Finalizing metadata files...
Cleaning up prefix "." components main...

Publish for local repo ./precise-tools [all, amd64] publishes {main: [precise-tools]} has been successfully updated.

Oops, I rm'd a file in the pool

Got trigger happy while trying to fix the different universal builds problem? Remove the metadata pointing the now removed file from the index.

$ sudo aptly publish --skip-signing update precise-tools
Loading packages...
Generating metadata files and linking package files...
ERROR: unable to publish: unable to process packages: stat /srv/packages/pool/90/5c/tools-manifest_0.6_all.deb: no such file or directory
$ sudo aptly repo remove precise-tools 'tools-manifest (0.6)'
Loading packages...
[-] tools-manifest_0.6_all removed
[-] tools-manifest_0.6_source removed
$ sudo aptly publish --skip-signing update precise-tools
Loading packages...
Generating metadata files and linking package files...
Finalizing metadata files...
Cleaning up prefix "." components main...

Publish for local repo ./precise-tools [all, amd64] publishes {main: [precise-tools]} has been successfully updated.