X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=pve-package-repos.adoc;h=3c28a88efc39a97a3981739befd65424afbab119;hb=60ed554faca57ba18f1b199a4f90c5578f88d91c;hp=61bfbecedb76c60ebe245d2dbc8de1d19367873a;hpb=65647b07977927ade109e116322cc1dc00e6445a;p=pve-docs.git diff --git a/pve-package-repos.adoc b/pve-package-repos.adoc index 61bfbec..3c28a88 100644 --- a/pve-package-repos.adoc +++ b/pve-package-repos.adoc @@ -1,86 +1,319 @@ +[[sysadmin_package_repositories]] Package Repositories -------------------- +ifdef::wiki[] +:pve-toplevel: +endif::wiki[] -All Debian based systems use -http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as package -management tool. The list of repositories is defined in -'/etc/apt/sources.list' and '.list' files found inside -'/etc/apt/sources.d/'. Updates can be installed directly using -'apt-get', or via the GUI. +{pve} uses http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as its +package management tool like any other Debian-based system. Repositories are +defined in the file `/etc/apt/sources.list` and in `.list` files placed in +`/etc/apt/sources.list.d/`. -Apt 'sources.list' files list one package repository per line, with -the most preferred source listed first. Empty lines are ignored, and a -'#' character anywhere on a line marks the remainder of that line as a -comment. The information available from the configured sources is -acquired by 'apt-get update'. +Each line defines a package repository. The preferred source must come first. +Empty lines are ignored. A `#` character anywhere on a line marks the remainder +of that line as a comment. The available packages from a repository are acquired +by running `apt-get update`. Updates can be installed directly using `apt-get`, +or via the GUI. -.File '/etc/apt/sources.list' +.File `/etc/apt/sources.list` ---- -deb http://ftp.debian.org/debian jessie main contrib +deb http://ftp.debian.org/debian buster main contrib +deb http://ftp.debian.org/debian buster-updates main contrib # security updates -deb http://security.debian.org jessie/updates main contrib +deb http://security.debian.org/debian-security buster/updates main contrib ---- +// FIXME for 7.0: change security update suite to bullseye-security -In addition, {pve} provides three different package repositories. +{pve} additionally provides three different package repositories. +[[sysadmin_enterprise_repo]] {pve} Enterprise Repository ~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This is the default, stable and recommended repository, available for -all {pve} subscription users. It contains the most stable packages, -and is suitable for production use. You need a valid subscription key -to access this repository. The `pve-enterprise` repository is enabled -by default: +This is the default, stable, and recommended repository, available for all {pve} +subscription users. It contains the most stable packages and is suitable for +production use. The `pve-enterprise` repository is enabled by default: -.File '/etc/apt/sources.list.d/pve-enterprise.list' +.File `/etc/apt/sources.list.d/pve-enterprise.list` ---- -deb https://enterprise.proxmox.com/debian jessie pve-enterprise +deb https://enterprise.proxmox.com/debian/pve buster pve-enterprise ---- -NOTE: You can disable this repository by commenting out the above line -using a '#' (at the start of the line). This prevents error messages -if you do not have a subscription key. Please configure the -`pve-no-subscription` repository in that case. +The `root@pam` user is notified via email about available updates. Click the +'Changelog' button in the GUI to see more details about the selected update. + +You need a valid subscription key to access the `pve-enterprise` repository. +Different support levels are available. Further details can be found at +https://www.proxmox.com/en/proxmox-ve/pricing. -As soon as updates are available, the `root@pam` user is notified via -email about the available new packages. On the GUI, the change-log of -each package can be viewed (if available), showing all details of the -update. So you will never miss important security fixes. +NOTE: You can disable this repository by commenting out the above line using a +`#` (at the start of the line). This prevents error messages if you do not have +a subscription key. Please configure the `pve-no-subscription` repository in +that case. +[[sysadmin_no_subscription_repo]] {pve} No-Subscription Repository ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -As the name suggests, you do not need a subscription key to access -this repository. It can be used for testing and non-production -use. Its not recommended to run on production servers, as these -packages are not always heavily tested and validated. +This is the recommended repository for testing and non-production use. Its +packages are not as heavily tested and validated. You don't need a subscription key +to access the `pve-no-subscription` repository. -We recommend to configure this repository in '/etc/apt/sources.list'. +We recommend to configure this repository in `/etc/apt/sources.list`. -.File '/etc/apt/sources.list' +.File `/etc/apt/sources.list` ---- -deb http://ftp.debian.org/debian jessie main contrib +deb http://ftp.debian.org/debian buster main contrib +deb http://ftp.debian.org/debian buster-updates main contrib # PVE pve-no-subscription repository provided by proxmox.com, # NOT recommended for production use -deb http://download.proxmox.com/debian jessie pve-no-subscription +deb http://download.proxmox.com/debian/pve buster pve-no-subscription # security updates -deb http://security.debian.org jessie/updates main contrib +deb http://security.debian.org/debian-security buster/updates main contrib ---- - + +[[sysadmin_test_repo]] {pve} Test Repository ~~~~~~~~~~~~~~~~~~~~~~ -Finally, there is a repository called `pvetest`. This one contains the -latest packages and is heavily used by developers to test new -features. As usual, you can configure this using -'/etc/apt/sources.list' by adding the following line: +This repository contains the latest packages and is primarily used by developers +to test new features. To configure it, add the following line to +`etc/apt/sources.list`: .sources.list entry for `pvetest` ---- +deb http://download.proxmox.com/debian/pve buster pvetest +---- + +WARNING: The `pvetest` repository should (as the name implies) only be used for +testing new features or bug fixes. + +[[sysadmin_package_repositories_ceph]] +Ceph Octopus Repository +~~~~~~~~~~~~~~~~~~~~~~~ + +NOTE: Ceph Octopus (15.2) was declared stable with {pve} 6.3 and is the most +recent Ceph release supported. It will continue to get updates for the +xref:faq-support-table[remaining life time of the 6.x release]. + +This repository holds the main {pve} Ceph Octopus packages. They are suitable +for production. Use this repository if you run the Ceph client or a full Ceph +cluster on {pve}. + +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-octopus buster main +---- + + +Ceph Octopus Test Repository +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This Ceph repository contains the Ceph packages before they are moved to the +main repository. It is used to test new Ceph releases on {pve}. + +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-octopus buster test +---- + +Ceph Nautilus Repository +~~~~~~~~~~~~~~~~~~~~~~~~ + +NOTE: Ceph Nautlius (14.2) is the older supported Ceph version, introduced with +{pve} 6.0. It will continue to get updates until end of Q2 2021, so you will +eventually need to +https://pve.proxmox.com/wiki/Ceph_Nautilus_to_Octopus[upgrade to Ceph Octopus]. + +This repository holds the main {pve} Ceph Nautilus packages. They are suitable +for production. Use this repository if you run the Ceph client or a full Ceph +cluster on {pve}. + +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-nautilus buster main +---- + + +Ceph Nautilus Test Repository +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This Ceph repository contains the Ceph packages before they are moved to the +main repository. It is used to test new Ceph releases on {pve}. + +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-nautilus buster test +---- + +{pve} Ceph Luminous Repository For Upgrade +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +If Ceph is deployed this repository is needed for the upgrade from {pve} 5.x to +{pve} 6.0. It provides packages for the older Ceph Luminous release for {pve} +6.0. + +The https://pve.proxmox.com/wiki/Upgrade_from_5.x_to_6.0[Upgrade 5.x to 6.0] +document explains how to use this repository in detail. + +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-luminous buster main +---- + +SecureApt +~~~~~~~~~ + +The 'Release' files in the repositories are signed with GnuPG. APT is using +these signatures to verify that all packages are from a trusted source. + +If you install {pve} from an official ISO image, the key for verification is +already installed. + +If you install {pve} on top of Debian, download and install +the key with the following commands: + +---- + # wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- + +Verify the checksum afterwards with: + +---- +# sha512sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- + +The output should be: + +---- +acca6f416917e8e11490a08a1e2842d500b3a5d9f322c6319db0927b2901c3eae23cfb5cd5df6facf2b57399d3cfa52ad7769ebdd75d9b204549ca147da52626 /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- + +or: + +---- +# md5sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- +The output should be: + +---- +f3f6c5a3a67baf38ad178e5ff1ee270c /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- + + +ifdef::wiki[] + +// include note about older releases, but only for wiki + + +{pve} 5.x Repositories +~~~~~~~~~~~~~~~~~~~~~~ + +{pve} 5.x is based on Debian 9.x (``stretch''). Please note that this release is +out of date. Existing installations should be updated. Nevertheless access to +these repositories is still provided. + +[width="100%",cols="