This guide assumes you have Proxmox Virtual Enviroment 5.1 setup and running.
Obtaining LXC Template on Proxmox
LXC templates for Proxmox are able to be searched and downloaded directly from the pve shell with the pveam
utility. After updating, we can print the list of available templates, and this list can be shortened by piping the output to grep
. I will be installing the Ubuntu 16.04 LTS template.
From your pve shell:
1 2 3 |
root@pve:~$ pveam update root@pve:~$ pveam available | grep ubuntu root@pve:~$ pveam download local ubuntu-16.04-standard_16.04-1_amd64.tar.gz |
Creating the Linux Container (LXC)
In the upper right hand corner of your pve web interface, click the Create CT button. Because we are using an LXC, very few system resources need to be allocated. Step through the tabs in the popup window and set the following items:
General
- Hostname: Linux-Management
- Password & Confirm Password
Template
- Template: ubuntu-16.04-standard_16.04-1_amd64.tar.gz
Root Disk
- Disk size (GB): 2
CPU
- Cores: 2
Memory
- Memory (MB): 512
- Swap (MB): 0
Network
- Unique for network setup
- Ensure correct Bridge, VLAN Tag (if applicable) are selected
- Set IPv4 to DHCP and add a static IP with the LXC’s MAC address to your router’s configuration
DNS
- Unique for network setup
Confirm
- Finish
Upgrade newly created LXC
Start your LXC and enter the console. If you are met with a blank screen, hit ENTER to display the login prompt.
Login with the username root and the password created during the setup dialouge. We will first create a non-root user, and add it the the sudoers group. Follow the on screen prompts to create a password and add optional extra information for the user. Then exit back to login prompt.
1 2 3 |
root@Linux-Management:~$ adduser sean root@Linux-Management:~$ usermod -aG sudo sean root@Linux-Management:~$ exit |
Login as your new user and upgrade the container:
1 2 3 4 |
sean@Linux-Management:~$ sudo apt update sean@Linux-Management:~$ sudo apt upgrade sean@Linux-Management:~$ sudo apt full-upgrade sean@Linux-Management:~$ sudo reboot |
Mount CIFS Share inside LXC
In order to mount a network share in our LXC, we need to first attach it to the pve host. Enter the pve shell, and create the directory for the mount location:
1 |
root@pve:~$ mkdir /mnt/Linux-Management |
Next, add the network share to the end of the host’s /etc/fstab
file:
1 |
//10.0.xxx.xxx/<Network-Share> /mnt/Linux-Management cifs username=<Share_Username>,password=<Share_Password>,gid=<Share_Group_ID>,dir_mode=0770,file_mode=0770,users,rw,noauto 0 0 |
Please note that you may need to adjust the options to accommodate how your network share is configured. Mount the network share with the following:
1 |
root@pve:~$ mount /mnt/Linux-Management |
Next, we need to edit the LXC configuration file at /etc/pve/lxc/<CTID>.conf
to mount the network share. Add the following to the end of the configuration:
1 |
lxc.mount.entry: /mnt/Linux-Management Linux-Management none bind,create=dir,optional 0 0 |
The container needs to be rebooted in order to load the changes to the configuration file.
1 |
sean@Linux-Management:~$ sudo reboot |
Setup apt-cacher-ng
From the LXC console, install the apt-cacher-ng
package:
1 |
sean@Linux-Management:~$ apt install apt-cacher-ng |
Check the permissions of the folder with:
1 |
sean@Linux-Management:~$ ls -la /Linux-Management/ |
We will want to create a new group that matches the GID
of the folder. The name of the group on my NAS is freenas
, so I will be using that name here as well. We will then add our account user and the apt-cacher-ng
user to this group.
1 2 3 |
sean@Linux-Management:~$ sudo groupadd -g 1001 freenas sean@Linux-Management:~$ sudo usermod -aG freenas sean sean@Linux-Management:~$ sudo usermod -aG freenas apt-cacher-ng |
Setup the cache folder within the mounted network share:
1 |
sean@Linux-Management:~$ mkdir /Linux-Management/apt-cacher-ng/ |
Edit /etc/apt-cacher-ng/acng.conf
as the superuser (aka sudo
) with the editor of your choice. Set the cache storage location as follows:
1 |
CacheDir: /Linux-Management/apt-cacher-ng |
Under the commented out BindAddress
line, add the following:
1 |
BindAddress: 0.0.0.0 |
Comment out distributions that you do not use on your network. For my configuration, I am keeping Ubuntu and Debian only.
Lastly, uncomment the PidFile line. Save the file and restart the apt-cacher-ng
service by executing:
1 |
root@Linux-Management:~$ sudo /etc/init.d/apt-cacher-ng restart |
You should now be able to visit the Apt-Cacher NG maintenance page by visiting:
http://10.0.xxx.xxx:3142/acng-report.html
where 10.0.xxx.xxx
is the IP address of your LXC.
Fixing CacheDir Bug
As of writing this, changing the location of the cache directory in the configuration has no effect. A fix for this until an upsteam solution can be applied is to move all cached packages to a temporary location, link your preferred directory to the hard coded default directory, and move the cache to the new linked location. This can be done as follows:
1 2 |
root@Linux-Management:~$ sudo rm -r /var/cache/apt-cacher-ng root@Linux-Management:~$ sudo ln -s /Linux-Management/apt-cacher-ng/ /var/cache/ |
The bug report can be found here: CacheDir setting ignored
Setup Clients
In order for your Debian based installations to take advantage of the newly created cache, they need to be directed to the server location. On each client (including the LXC hosting the cache), create the file /etc/apt/apt.conf.d/02proxy
and add the following:
1 |
Acquire::http { Proxy "http://10.0.xxx.xxx:3142"; }; |
From this point on, all update requests are directed to our LXC. The LXC will then serve a cached version of a package or download and cache any new packages needed by your Debian systems.