Written by Torstein Krause Johansen updated: Wednesday November 29 2017 12:55
For quite some time now, we've provided DEB and RPM packages for our software. Using these packages, Escenic's software becomes an integrated part of the operating system and eases both installation and upgrade (and even downgrade!) of one or more components.
For RedHat based systems, there's one way of using these packages:
# rpm -Uvh https://rpm.escenic.com/path/to/escenic-content-engine-6.3.rpm
or
# rpm -Uvh /path/to/local/escenic-content-engine-6.3.rpm
Debian & Ubuntu based systems on the other hand have a few more options. I will go through some of these options below and explain how they fit various scenarios.
There's some confusion on the difference between deb, dpkg and APT, so we'll explain these concepts first.
deb
is the package file format.
dpkg
is the low level tool to install these (the equivalent of the rpm
command). dpkg
doesn't know how to resolve dependencies, doesn't have a concept of repositories and doesn't know anything about upgrading or downgrading. It will happily install version 2
of foo
even though you have version 3
installed and if you install escenic-video
which depends on escenic-content-engine
, it will fail if escenic-content-engine
isn't already installed.
APT is the front end to dpkg
. It
provides dependency resolution, upgrade/downgrade-ability, GPG
management and has a concept of code names
with an optional suite
concept being a symlink to a given code name
.
By design, given a code name
, APT can only deliver one
version of any given package. E.g. there's only one version of
apache2
in Debian jessie
, another version in Debian stretch
and
so on. The same goes for apt.escenic.com. There can only be one
version of escenic-content-engine-6.3
for a given code name
.
Using APT, you can keep your Escenic software updated with the same commands as you'd use to update the rest of your system:
# apt-get update && apt-get upgrade
If you wish to install whatever is the latest, stable 6.3
release of
Escenic Content Engine, you can add our signing key and our stable
suite
to your APT configuration, e.g.:
# apt-get update
# apt-get install curl apt-transport-https vim
# curl --silent https://apt.escenic.com/repo.key | apt-key add -
# echo "deb https://user:pass@apt.escenic.com stable main non-free" \
>> /etc/apt/sources.list.d/escenic.list
# apt-get update
The user
and pass
can be obtained from Escenic support. You can now
search for all Escenic and CUE software with:
$ apt-cache search escenic
$ apt-cache search cue
And install the latest stable 6.3 release with:
# apt-get install escenic-content-engine-6.3
The above will only update the binaries available on your system, you
can also automatically apply these to your running ECE and publication
webapps by using the escenic-content-engine-updater-6.3
package,
see this
article
for more information on this.
All versions of all DEBs are available through HTTP(s). You just need to know the URL of one to get the others. You can browse all versions of all packages on here (you login using the same credentials you've gotten from Escenic support).
Let's install version 6.3.0-11
of Content Engine: The package name is escenic-content-engine-6.3
(we include <major>.<minor>
version in the package name itself to make it possible to have multiple versions installed at the same time) and the version
of that package is 6.3.0-11
. The architecture is all
(since it's
Java it should run on all CPU architectures that you may have) so the
URL becomes
https://apt.escenic.com/pool/non-free/e/escenic-content-engine-6.3/escenic-content-engine-6.3_6.3.0-11_all.deb
(you could also just copy the URL when browsing the repository). It can be installed with dpkg
:
$ cd /tmp
$ wget \
--http-user foo \
--http-password \
https://apt.escenic.com/pool/non-free/e/escenic-content-engine-6.3/escenic-content-engine-6.3_6.3.0-11_all.deb
$ su -
# dpkg -i escenic-content-engine-6.3_6.3.0-11_all.deb
The above is the Debian/Ubuntu equivalent of rpm -Uvh http://path/to/file.rpm
on RedHat/CentOS/Fedora.
If you want to follow your own QA process for a new version of ECE or
another component, you have two choices: either use deb
files
directly as described below (option #2) or use your own APT repository
with code names corresponding to your environments:
development
)testing
)staging
)As you have QAed a given version of a given Escenic component, put that version in the more stable code name pool.
Setting up your own APT repo is much easier than it sounds. Here's an
example using apache2
or nginx
and the reprepro
command to
do the dirty work.
# apt-get install nginx
nginx
and apache2
both serve files from /var/www/html
by
default. You might want to add a DNS name for apt.mycompany.com
, in
which case a server
is what you want:
# vi /etc/nginx/sites-available/apt.mycompany.com
server {
server_name apt.mycompany.com;
root /var/www/html/apt.mycompany.com;
autoindex on;
}
Enable it with:
# mkdir -p /var/www/html/apt.mycompany.com
# cd /etc/nginx/sites-enabled
# ln -s /etc/nginx/sites-available/apt.mycompany.com
# systemctl restart nginx
If the systemctl
fails with a message it cannot connect to D-Bus or if you're not using systemd
, use /etc/init.d/nginx restart
instead (or if nginx was already running, you could use reload
instead of restart
).
You should now get a reply from your new apt.mycompany.com web server definition:
$ curl -v -H "Host: apt.mycompany.com" http://localhost/
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.38.0
> Accept: */*
> Host: apt.mycompany.com
>
< HTTP/1.1 200 OK
* Server nginx/1.6.2 is not blacklisted
< Server: nginx/1.6.2
< Date: Wed, 29 Nov 2017 15:01:17 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
If that gets you a 200 OK
from apt.mycompany.com
you're home
free. Add IP of the machine running the web server to you company DNS
so that other machines can reach it under that name.
Lastly, if apt.mycompany.com
is reachable from outside your company
network, you should add HTTPS/TLS
encryption
and password
protection
(entries in /etc/apt/sources.list
both accepts
https://<user>:<pass>@
and ssh://
style URLs).
# mkdir -p /var/www/html/apt.mycompany.com/conf
# vi /var/www/html/apt.mycompany.com/conf/distributions
And one stanza per code name you want. The development
and
production
code name
s also has an alias (a suite
in Debian
lingo), the others don't have one:
Origin: My Company
Label: My company APT repository
Suite: unstable
Codename: development
Architectures: i386 amd64 source
Components: main non-free
Origin: My Company
Label: My company APT repository
Codename: testing
Architectures: i386 amd64 source
Components: main non-free
Origin: My Company
Label: My company APT repository
Codename: staging
Architectures: i386 amd64 source
Components: main non-free
Origin: My Company
Label: My company APT repository
Suite: stable
Codename: production
Architectures: i386 amd64 source
Components: main non-free
Additionally, you can create your own signing key, which you sign the packages with and make your machines put in their APT key ring. See this article for instructions on how to do this.
An easy way to get a hold of all the DEB packages from Escenic, is to have one machine that pulls them down (but doesn't necessarily install them):
# apt-get install \
--download-only \
escenic-content-engine-6.3 escenic-sse-proxy-1.0
The files are then available in /var/cache/apt/archives
. You can
then populate the development
code name pool of your own APT
repository using reprepro:
# apt-get install reprepro
# reprepro \
--keepunreferencedfiles \
-Vb /var/www/html/apt.mycompany.com \
--component non-free \
includedeb \
development \
/var/cache/apt/archives/escenic-content-engine-6.3_6.3.0-11_all.deb
All your development environments can then add this line to their
/etc/apt/sources.list.d/mycompany.list
:
# echo deb http://apt.mycompany.com development main non-free \
>> /etc/apt/sources.list.d/mycompany.list
# apt-get update
And install escenic-content-enginge-6.3
from there:
# apt-get install -t development escenic-content-engine-6.3
Once 6.3.0-11
has passed your internal QA and you want to roll it
out in say staging
, you'll add the deb
file to this code name as well. You can now use the file already inside your APT pool directory:
# reprepro \
--keepunreferencedfiles \
-Vb /var/www/html/apt.mycompany.com \
--component non-free \
includedeb \
staging \
/var/www/html/apt.mycompany.com/pool/non-free/e/escenic-content-engine-6.3/escenic-content-engine-6.3_6.3.0-11_all.deb
If you want to add an additional security measure as to which version
of the ECE packages you have installed on a machine, you may add
pinning to your APT setup. That way you will not get an accidental
upgrade of a package that you absolutely want to keep at a certain
version, add this to your /etc/apt/preferences.d/pinning
:
Package: escenic-content-engine-6.3
Pin: version 6.3.0-11
Pin-Priority: 900
You can also have your package code names in all sources list and higher priority to the production than staging and so on. That way, machines must explicitly ask for pulling the version for another environment by passing -t <code name>
to the apt-get install
command.
See APT Preferences for more information.
Using packages over zip archives have many advantages including simplified installation and easier upgrade. RedHat, CentOS & Fedora users are catered for through the RPM packages available from yum.escenic.com whereas Debian and Ubuntu users have at least 3 different paths they can follow: using the apt.escenic.com directly, setting up their own APT repo or downloading the DEB files manually and installing them with dpkg
.