X-Git-Url: https://git.proxmox.com/?p=pve-docs.git;a=blobdiff_plain;f=pve-package-repos.adoc;h=84141b4defd90438c3810f953ae2cd829c1d561f;hp=ea39891b84e0bf6978a03f1b7ad8d09cc9ab8ffb;hb=66aecccb578bc5ab3e94532f3aebe63adac820c8;hpb=d24baf6d134ef202a82ae98b64dd65ee365b39c9 diff --git a/pve-package-repos.adoc b/pve-package-repos.adoc index ea39891..84141b4 100644 --- a/pve-package-repos.adoc +++ b/pve-package-repos.adoc @@ -5,149 +5,208 @@ ifdef::wiki[] :pve-toplevel: endif::wiki[] -All Debian based systems use -http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as package -management tool. The list of repositories is defined in -`/etc/apt/sources.list` and `.list` files found inside -`/etc/apt/sources.d/`. Updates can be installed directly using -`apt-get`, or via the GUI. - -Apt `sources.list` files list one package repository per line, with -the most preferred source listed first. Empty lines are ignored, and a -`#` character anywhere on a line marks the remainder of that line as a -comment. The information available from the configured sources is -acquired by `apt-get update`. +{pve} uses http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as its +package management tool like any other Debian-based system. + +Repositories in {pve} +~~~~~~~~~~~~~~~~~~~~~ + +Repositories are a collection of software packages, they can be used to install +new software, but are also important to get new updates. + +NOTE: You need valid Debian and Proxmox repositories to get the latest +security updates, bug fixes and new features. + +APT Repositories are defined in the file `/etc/apt/sources.list` and in `.list` +files placed in `/etc/apt/sources.list.d/`. + +Repository Management +^^^^^^^^^^^^^^^^^^^^^ + +[thumbnail="screenshot/gui-node-repositories.png"] + +Since Proxmox VE 7.0 you can check the repository state in the web interface. +The node summary panel shows a high level status overview, while the separate +'Repository' panel shows in-depth status and list of all configured +repositories. + +Basic repository management, for example, activating or deactivating a +repository, is also supported. + +Sources.list +^^^^^^^^^^^^ + +In a `sources.list` file, each line defines a package repository. The preferred +source must come first. Empty lines are ignored. A `#` character anywhere on a +line marks the remainder of that line as a comment. The available packages from +a repository are acquired by running `apt-get update`. Updates can be installed +directly using `apt-get`, or via the GUI (Node -> Updates). .File `/etc/apt/sources.list` ---- -deb http://ftp.debian.org/debian stretch main contrib -deb http://ftp.debian.org/debian stretch-updates main contrib +deb http://ftp.debian.org/debian bullseye main contrib +deb http://ftp.debian.org/debian bullseye-updates main contrib # security updates -deb http://security.debian.org stretch/updates main contrib +deb http://security.debian.org/debian-security bullseye-security main contrib ---- -In addition, {pve} provides three different package repositories. +{pve} provides three different package repositories. +[[sysadmin_enterprise_repo]] {pve} Enterprise Repository ~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This is the default, stable and recommended repository, available for -all {pve} subscription users. It contains the most stable packages, -and is suitable for production use. The `pve-enterprise` repository is -enabled by default: +This is the default, stable, and recommended repository, available for all {pve} +subscription users. It contains the most stable packages and is suitable for +production use. The `pve-enterprise` repository is enabled by default: .File `/etc/apt/sources.list.d/pve-enterprise.list` ---- -deb https://enterprise.proxmox.com/debian/pve stretch pve-enterprise +deb https://enterprise.proxmox.com/debian/pve bullseye pve-enterprise ---- -As soon as updates are available, the `root@pam` user is notified via -email about the available new packages. On the GUI, the change-log of -each package can be viewed (if available), showing all details of the -update. So you will never miss important security fixes. - -Please note that and you need a valid subscription key to access this -repository. We offer different support levels, and you can find further -details at https://www.proxmox.com/en/proxmox-ve/pricing. +The `root@pam` user is notified via email about available updates. Click the +'Changelog' button in the GUI to see more details about the selected update. -NOTE: You can disable this repository by commenting out the above line -using a `#` (at the start of the line). This prevents error messages -if you do not have a subscription key. Please configure the -`pve-no-subscription` repository in that case. +You need a valid subscription key to access the `pve-enterprise` repository. +Different support levels are available. Further details can be found at +https://www.proxmox.com/en/proxmox-ve/pricing. +NOTE: You can disable this repository by commenting out the above line using a +`#` (at the start of the line). This prevents error messages if you do not have +a subscription key. Please configure the `pve-no-subscription` repository in +that case. +[[sysadmin_no_subscription_repo]] {pve} No-Subscription Repository ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -As the name suggests, you do not need a subscription key to access -this repository. It can be used for testing and non-production -use. Its not recommended to run on production servers, as these -packages are not always heavily tested and validated. +This is the recommended repository for testing and non-production use. Its +packages are not as heavily tested and validated. You don't need a subscription key +to access the `pve-no-subscription` repository. We recommend to configure this repository in `/etc/apt/sources.list`. .File `/etc/apt/sources.list` ---- -deb http://ftp.debian.org/debian stretch main contrib -deb http://ftp.debian.org/debian stretch-updates main contrib +deb http://ftp.debian.org/debian bullseye main contrib +deb http://ftp.debian.org/debian bullseye-updates main contrib # PVE pve-no-subscription repository provided by proxmox.com, # NOT recommended for production use -deb http://download.proxmox.com/debian/pve stretch pve-no-subscription +deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription # security updates -deb http://security.debian.org stretch/updates main contrib +deb http://security.debian.org/debian-security bullseye-security main contrib ---- +[[sysadmin_test_repo]] {pve} Test Repository ~~~~~~~~~~~~~~~~~~~~~~ -Finally, there is a repository called `pvetest`. This one contains the -latest packages and is heavily used by developers to test new -features. As usual, you can configure this using -`/etc/apt/sources.list` by adding the following line: +This repository contains the latest packages and is primarily used by developers +to test new features. To configure it, add the following line to +`etc/apt/sources.list`: .sources.list entry for `pvetest` ---- -deb http://download.proxmox.com/debian/pve stretch pvetest +deb http://download.proxmox.com/debian/pve bullseye pvetest ---- -WARNING: the `pvetest` repository should (as the name implies) only be used -for testing new features or bug fixes. +WARNING: The `pvetest` repository should (as the name implies) only be used for +testing new features or bug fixes. [[sysadmin_package_repositories_ceph]] -{pve} Ceph Repository -~~~~~~~~~~~~~~~~~~~~~ +Ceph Pacific Repository +~~~~~~~~~~~~~~~~~~~~~~~ + +NOTE: Ceph Pacific (16.2) was declared stable with {pve} 7.0. + +This repository holds the main {pve} Ceph Pacific packages. They are suitable +for production. Use this repository if you run the Ceph client or a full Ceph +cluster on {pve}. + +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-pacific bullseye main +---- + + +Ceph Pacific Test Repository +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This Ceph repository contains the Ceph Pacific packages before they are moved +to the main repository. It is used to test new Ceph releases on {pve}. + +.File `/etc/apt/sources.list.d/ceph.list` +---- +deb http://download.proxmox.com/debian/ceph-pacific bullseye test +---- + +[[sysadmin_package_repositories_ceph_octopus]] +Ceph Octopus Repository +~~~~~~~~~~~~~~~~~~~~~~~ -This is {pve}'s main Ceph repository and holds the Ceph packages for -production use. You can also use this repository to update only the Ceph -client. +NOTE: Ceph Octopus (15.2) was declared stable with {pve} 6.3 it will continue +to get updates for the xref:faq-support-table[remaining life time of the 6.x release] +and also for {pve} 7.x until Ceph Octopus upstream EOL (~ 2022-07). + +This repository holds the main {pve} Ceph Octopus packages. They are suitable +for production. Use this repository if you run the Ceph client or a full Ceph +cluster on {pve}. .File `/etc/apt/sources.list.d/ceph.list` ---- -deb http://download.proxmox.com/debian/ceph-luminous stretch main +deb http://download.proxmox.com/debian/ceph-octopus bullseye main ---- +Note that on an older {pve} 6.x you need to change `bullseye` to `buster` in +the repository specification above. + -{pve} Ceph Testing Repository -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Ceph Octopus Test Repository +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This Ceph repository contains the Ceph packages before they are moved into the -main repository and is used to test new Ceph release on {pve}. +This Ceph repository contains the Ceph packages before they are moved to the +main repository. It is used to test new Ceph releases on {pve}. .File `/etc/apt/sources.list.d/ceph.list` ---- -deb http://download.proxmox.com/debian/ceph-luminous stretch test +deb http://download.proxmox.com/debian/ceph-octopus bullseye test ---- +[[repos_secure_apt]] SecureApt ~~~~~~~~~ -We use GnuPG to sign the `Release` files inside those repositories, -and APT uses that signatures to verify that all packages are from a -trusted source. +The 'Release' files in the repositories are signed with GnuPG. APT is using +these signatures to verify that all packages are from a trusted source. -The key used for verification is already installed if you install from -our installation CD. If you install by other means, you can manually -download the key with: +If you install {pve} from an official ISO image, the key for verification is +already installed. - # wget http://download.proxmox.com/debian/proxmox-ve-release-5.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg +If you install {pve} on top of Debian, download and install +the key with the following commands: + +---- + # wget https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg +---- -Please verify the checksum afterwards: +Verify the checksum afterwards with the `sha512sum` CLI tool: ---- -# sha512sum /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg -ffb95f0f4be68d2e753c8875ea2f8465864a58431d5361e88789568673551501ae574283a4e0492f17d79dc67edfb173a56a6304dea39e01f249ebdabc9f074a /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg +# sha512sum /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg +7fb03ec8a1675723d2853b84aa4fdb49a46a3bb72b9951361488bfd19b29aab0a789a4f8c7406e71a69aabbc727c936d3549731c4659ffa1a08f44db8fdcebfa /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg ---- -or +or the `md5sum` CLI tool: ---- -# md5sum /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg -511d36d0f1350c01c42a3dc9f3c27939 /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg +# md5sum /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg +bcc35c7173e0845c0d6ad6470b70f50e /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg ---- @@ -156,52 +215,88 @@ ifdef::wiki[] // include note about older releases, but only for wiki +{pve} 6.x Repositories +~~~~~~~~~~~~~~~~~~~~~~ + +{pve} 6.x is based on Debian 10.x (``buster''). Please note that this release is +out of date. Existing installations should be updated. Nevertheless access to +these repositories is still provided. + +[width="100%",cols="