X-Git-Url: https://git.proxmox.com/?p=pve-docs.git;a=blobdiff_plain;f=pve-package-repos.adoc;h=3c28a88efc39a97a3981739befd65424afbab119;hp=58d8699d96bdedc42856d5d46a9993304eb89990;hb=43530f6fe44c20926717a95e02aa19400ad2409c;hpb=5f09af76d7282a043be8fa5439349272f506cf02 diff --git a/pve-package-repos.adoc b/pve-package-repos.adoc index 58d8699..3c28a88 100644 --- a/pve-package-repos.adoc +++ b/pve-package-repos.adoc @@ -1,141 +1,260 @@ +[[sysadmin_package_repositories]] Package Repositories -------------------- -include::attributes.txt[] - ifdef::wiki[] :pve-toplevel: endif::wiki[] -All Debian based systems use -http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as package -management tool. The list of repositories is defined in -`/etc/apt/sources.list` and `.list` files found inside -`/etc/apt/sources.d/`. Updates can be installed directly using -`apt-get`, or via the GUI. +{pve} uses http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as its +package management tool like any other Debian-based system. Repositories are +defined in the file `/etc/apt/sources.list` and in `.list` files placed in +`/etc/apt/sources.list.d/`. -Apt `sources.list` files list one package repository per line, with -the most preferred source listed first. Empty lines are ignored, and a -`#` character anywhere on a line marks the remainder of that line as a -comment. The information available from the configured sources is -acquired by `apt-get update`. +Each line defines a package repository. The preferred source must come first. +Empty lines are ignored. A `#` character anywhere on a line marks the remainder +of that line as a comment. The available packages from a repository are acquired +by running `apt-get update`. Updates can be installed directly using `apt-get`, +or via the GUI. .File `/etc/apt/sources.list` ---- -deb http://ftp.debian.org/debian jessie main contrib +deb http://ftp.debian.org/debian buster main contrib +deb http://ftp.debian.org/debian buster-updates main contrib # security updates -deb http://security.debian.org jessie/updates main contrib +deb http://security.debian.org/debian-security buster/updates main contrib ---- +// FIXME for 7.0: change security update suite to bullseye-security -In addition, {pve} provides three different package repositories. +{pve} additionally provides three different package repositories. +[[sysadmin_enterprise_repo]] {pve} Enterprise Repository ~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This is the default, stable and recommended repository, available for -all {pve} subscription users. It contains the most stable packages, -and is suitable for production use. The `pve-enterprise` repository is -enabled by default: +This is the default, stable, and recommended repository, available for all {pve} +subscription users. It contains the most stable packages and is suitable for +production use. The `pve-enterprise` repository is enabled by default: .File `/etc/apt/sources.list.d/pve-enterprise.list` ---- -deb https://enterprise.proxmox.com/debian jessie pve-enterprise +deb https://enterprise.proxmox.com/debian/pve buster pve-enterprise ---- -As soon as updates are available, the `root@pam` user is notified via -email about the available new packages. On the GUI, the change-log of -each package can be viewed (if available), showing all details of the -update. So you will never miss important security fixes. - -Please note that and you need a valid subscription key to access this -repository. We offer different support levels, and you can find further -details at http://www.proxmox.com/en/proxmox-ve/pricing. +The `root@pam` user is notified via email about available updates. Click the +'Changelog' button in the GUI to see more details about the selected update. -NOTE: You can disable this repository by commenting out the above line -using a `#` (at the start of the line). This prevents error messages -if you do not have a subscription key. Please configure the -`pve-no-subscription` repository in that case. +You need a valid subscription key to access the `pve-enterprise` repository. +Different support levels are available. Further details can be found at +https://www.proxmox.com/en/proxmox-ve/pricing. +NOTE: You can disable this repository by commenting out the above line using a +`#` (at the start of the line). This prevents error messages if you do not have +a subscription key. Please configure the `pve-no-subscription` repository in +that case. +[[sysadmin_no_subscription_repo]] {pve} No-Subscription Repository ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -As the name suggests, you do not need a subscription key to access -this repository. It can be used for testing and non-production -use. Its not recommended to run on production servers, as these -packages are not always heavily tested and validated. +This is the recommended repository for testing and non-production use. Its +packages are not as heavily tested and validated. You don't need a subscription key +to access the `pve-no-subscription` repository. We recommend to configure this repository in `/etc/apt/sources.list`. .File `/etc/apt/sources.list` ---- -deb http://ftp.debian.org/debian jessie main contrib +deb http://ftp.debian.org/debian buster main contrib +deb http://ftp.debian.org/debian buster-updates main contrib # PVE pve-no-subscription repository provided by proxmox.com, # NOT recommended for production use -deb http://download.proxmox.com/debian jessie pve-no-subscription +deb http://download.proxmox.com/debian/pve buster pve-no-subscription # security updates -deb http://security.debian.org jessie/updates main contrib +deb http://security.debian.org/debian-security buster/updates main contrib ---- +[[sysadmin_test_repo]] {pve} Test Repository ~~~~~~~~~~~~~~~~~~~~~~ -Finally, there is a repository called `pvetest`. This one contains the -latest packages and is heavily used by developers to test new -features. As usual, you can configure this using -`/etc/apt/sources.list` by adding the following line: +This repository contains the latest packages and is primarily used by developers +to test new features. To configure it, add the following line to +`etc/apt/sources.list`: .sources.list entry for `pvetest` ---- -deb http://download.proxmox.com/debian jessie pvetest +deb http://download.proxmox.com/debian/pve buster pvetest +---- + +WARNING: The `pvetest` repository should (as the name implies) only be used for +testing new features or bug fixes. + +[[sysadmin_package_repositories_ceph]] +Ceph Octopus Repository +~~~~~~~~~~~~~~~~~~~~~~~ + +NOTE: Ceph Octopus (15.2) was declared stable with {pve} 6.3 and is the most +recent Ceph release supported. It will continue to get updates for the +xref:faq-support-table[remaining life time of the 6.x release]. + +This repository holds the main {pve} Ceph Octopus packages. They are suitable +for production. Use this repository if you run the Ceph client or a full Ceph +cluster on {pve}. + +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-octopus buster main +---- + + +Ceph Octopus Test Repository +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This Ceph repository contains the Ceph packages before they are moved to the +main repository. It is used to test new Ceph releases on {pve}. + +.File `/etc/apt/sources.list.d/ceph.list` ---- +deb http://download.proxmox.com/debian/ceph-octopus buster test +---- + +Ceph Nautilus Repository +~~~~~~~~~~~~~~~~~~~~~~~~ + +NOTE: Ceph Nautlius (14.2) is the older supported Ceph version, introduced with +{pve} 6.0. It will continue to get updates until end of Q2 2021, so you will +eventually need to +https://pve.proxmox.com/wiki/Ceph_Nautilus_to_Octopus[upgrade to Ceph Octopus]. + +This repository holds the main {pve} Ceph Nautilus packages. They are suitable +for production. Use this repository if you run the Ceph client or a full Ceph +cluster on {pve}. + +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-nautilus buster main +---- + + +Ceph Nautilus Test Repository +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -WARNING: the `pvetest` repository should (as the name implies) only be used -for testing new features or bug fixes. +This Ceph repository contains the Ceph packages before they are moved to the +main repository. It is used to test new Ceph releases on {pve}. +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-nautilus buster test +---- + +{pve} Ceph Luminous Repository For Upgrade +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +If Ceph is deployed this repository is needed for the upgrade from {pve} 5.x to +{pve} 6.0. It provides packages for the older Ceph Luminous release for {pve} +6.0. + +The https://pve.proxmox.com/wiki/Upgrade_from_5.x_to_6.0[Upgrade 5.x to 6.0] +document explains how to use this repository in detail. + +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-luminous buster main +---- SecureApt ~~~~~~~~~ -We use GnuPG to sign the `Release` files inside those repositories, -and APT uses that signatures to verify that all packages are from a -trusted source. +The 'Release' files in the repositories are signed with GnuPG. APT is using +these signatures to verify that all packages are from a trusted source. -The key used for verification is already installed if you install from -our installation CD. If you install by other means, you can manually -download the key with: +If you install {pve} from an official ISO image, the key for verification is +already installed. - # wget http://download.proxmox.com/debian/key.asc +If you install {pve} on top of Debian, download and install +the key with the following commands: -Please verify the fingerprint afterwards: +---- + # wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- + +Verify the checksum afterwards with: ---- -# gpg --with-fingerprint key.asc -pub 1024D/9887F95A 2008-10-28 Proxmox Release Key - Key fingerprint = BE25 7BAA 5D40 6D01 157D 323E C23A C7F4 9887 F95A -sub 2048g/A87A1B00 2008-10-28 +# sha512sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg ---- -If this shows the exact same fingerprint, you can add the key to the -list of trusted APT keys: +The output should be: - # apt-key add key.asc +---- +acca6f416917e8e11490a08a1e2842d500b3a5d9f322c6319db0927b2901c3eae23cfb5cd5df6facf2b57399d3cfa52ad7769ebdd75d9b204549ca147da52626 /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- + +or: + +---- +# md5sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- +The output should be: + +---- +f3f6c5a3a67baf38ad178e5ff1ee270c /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- ifdef::wiki[] // include note about older releases, but only for wiki + +{pve} 5.x Repositories +~~~~~~~~~~~~~~~~~~~~~~ + +{pve} 5.x is based on Debian 9.x (``stretch''). Please note that this release is +out of date. Existing installations should be updated. Nevertheless access to +these repositories is still provided. + +[width="100%",cols="