docs/139095: new article on creating an internal FreeBSD Update Server
Jason
jhelfman at e-e.com
Thu Oct 15 19:10:02 UTC 2009
The following reply was made to PR docs/139095; it has been noted by GNATS.
From: Jason <jhelfman at e-e.com>
To: bug-followup at FreeBSD.org, jhelfman at e-e.com
Cc:
Subject: Re: docs/139095: new article on creating an internal FreeBSD
Update Server
Date: Thu, 15 Oct 2009 11:19:26 -0700
--VS++wcV0S1rZb1Fb
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
Submitting a patch to my original PR.
--VS++wcV0S1rZb1Fb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=patch
*** article.sgml.orig Thu Oct 15 10:48:39 2009
--- article.sgml Thu Oct 15 11:07:31 2009
***************
*** 1,5 ****
--- 1,6 ----
+ <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
<!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
%articles.ent;
<!ENTITY fbus.ap "<application>FreeBSD Update Server</application>">
]>
***************
*** 62,72 ****
<listitem>
<para>An ssh account on a remote machine to upload the distributed updates, &man.ssh.1;.</para>
</listitem>
<listitem>
! <para>A web server, with over half of the the space required for the build.
For instance, my builds total 4G, and the webserver space needed to
distribute updates is 2.6G.
</para>
</listitem>
--- 63,73 ----
<listitem>
<para>An ssh account on a remote machine to upload the distributed updates, &man.ssh.1;.</para>
</listitem>
<listitem>
! <para>An <ulink url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-apache.html">Apache</ulink> web server, with over half of the the space required for the build.
For instance, my builds total 4G, and the webserver space needed to
distribute updates is 2.6G.
</para>
</listitem>
***************
*** 78,88 ****
</itemizedlist>
<sect1 id="Configuration">
<title>Configuration: Installation & Setup</title>
! <para>Download the <ulink url="http://www.freebsd.org/cgi/cvsweb.cgi/projects/freebsd-update-server/">freebsd-update-server software</ulink>. There is a tarball that can be downloaded, or you can csup projects-all, &man.csup.1;.</para>
<para>Update
<filename>scripts/build.conf</filename> appropriately for your
environment. It is sourced during build and push operations.</para>
--- 79,89 ----
</itemizedlist>
<sect1 id="Configuration">
<title>Configuration: Installation & Setup</title>
! <para>Download the <ulink url="http://www.freebsd.org/cgi/cvsweb.cgi/projects/freebsd-update-server/">freebsd-update-server</ulink> software. There is a tarball that can be downloaded, or you can csup projects-all, &man.csup.1;.</para>
<para>Update
<filename>scripts/build.conf</filename> appropriately for your
environment. It is sourced during build and push operations.</para>
***************
*** 173,184 ****
cc -O2 -fno-strict-aliasing -pipe unstamp.c -o unstamp
install findstamps ../bin
install unstamp ../bin
rm -f findstamps unstamp
Generating RSA private key, 4096 bit long modulus
! ...............................................................................++
! ..................++
e is 65537 (0x10001)
Public key fingerprint:
27ef53e48dc869eea6c3136091cc6ab8589f967559824779e855d58a2294de9e
--- 174,185 ----
cc -O2 -fno-strict-aliasing -pipe unstamp.c -o unstamp
install findstamps ../bin
install unstamp ../bin
rm -f findstamps unstamp
Generating RSA private key, 4096 bit long modulus
! ................................................................................++
! ...................++
e is 65537 (0x10001)
Public key fingerprint:
27ef53e48dc869eea6c3136091cc6ab8589f967559824779e855d58a2294de9e
***************
*** 1188,1198 ****
<note>
<para>Updates for the current release of the &os; system you are updating, and what you want to upgrade to need to be built in order for your internal &os; Update Server to properly work. This is necessary for merging of files between the releases.</para>
</note>
! <para>You are not ready to test the updates you've uploaded.</para>
<para>Update client's <keycap>KeyPrint</keycap> and <keycap>ServerName</keycap> in <filename>/etc/freebsd-update.conf</filename>, and perform updates as instructed in the <ulink url="http://www.freebsd.org/doc/en/books/handbook/updating-freebsdupdate.html"> &os; Update </ulink> instructions in the handbook.
<sect1 id="patch">
<title>Building a Patch</title>
--- 1189,1199 ----
<note>
<para>Updates for the current release of the &os; system you are updating, and what you want to upgrade to need to be built in order for your internal &os; Update Server to properly work. This is necessary for merging of files between the releases.</para>
</note>
! <para>You are now ready to test the updates you've uploaded.</para>
<para>Update client's <keycap>KeyPrint</keycap> and <keycap>ServerName</keycap> in <filename>/etc/freebsd-update.conf</filename>, and perform updates as instructed in the <ulink url="http://www.freebsd.org/doc/en/books/handbook/updating-freebsdupdate.html"> &os; Update </ulink> instructions in the handbook.
<sect1 id="patch">
<title>Building a Patch</title>
***************
*** 1983,1997 ****
<listitem>
<para>Add <command>make -j <replaceable>NUMBER</replaceable> </command> to <filename>scripts/build.subr</filename> to speed up your processing. I have found that adding flags to anything other than <command>make buildworld</command> and <command>make obj</command> can be unreliable.</para>
</listitem>
<listitem>
! <para>Create a firewall rule to block outgoing RST packets. Due to a bug noted <ulink url="http://unix.derkeiler.com/Mailing-Lists/FreeBSD/stable/2009-04/msg00365.html"> in this posting </ulink> by the the author of freebsd-update-server, you will have many many time-outs and fail to update a system without many pains along the way. I have found that the bug still exists in my adventures with this software.</para>
</listitem>
<listitem>
! <para>I haven't experimented with this just yet, however if you create an SRV record for your update server, and put others behind it with variable weights, that would be the equivalent of creating mirrors.</para>
</listitem>
<listitem>
<para>Please read the source documentation, as well, as I have not experimented with all features of the software.</para>
</listitem>
--- 1984,2001 ----
<listitem>
<para>Add <command>make -j <replaceable>NUMBER</replaceable> </command> to <filename>scripts/build.subr</filename> to speed up your processing. I have found that adding flags to anything other than <command>make buildworld</command> and <command>make obj</command> can be unreliable.</para>
</listitem>
<listitem>
! <para>Create a firewall rule to block outgoing RST packets. Due to a bug noted <ulink url="http://unix.derkeiler.com/Mailing-Lists/FreeBSD/stable/2009-04/msg00365.html"> in this posting </ulink> by the author of freebsd-update-server, you will have many time-outs and fail to update a system.</para>
</listitem>
<listitem>
! <para>If you create an appropriate <ulink url="http://www.freebsd.org/doc/en/books/handbook/network-dns.html">DNS</ulink> server SRV record for your update server, and put others behind it with variable weights, that would be the equivalent of creating mirrors.</para>
! <screen> _http._tcp.update.myserver.com. IN SRV 0 2 80 host1.myserver.com.
! SRV 0 1 80 host2.myserver.com.
! SRV 0 0 80 host3.myserver.com.</screen>
</listitem>
<listitem>
<para>Please read the source documentation, as well, as I have not experimented with all features of the software.</para>
</listitem>
--VS++wcV0S1rZb1Fb--
More information about the freebsd-doc
mailing list