I'm deploying many many clusters on AWS. In order to ensure uninterrupted deployment of new instances, I'd like to maintain a local apt proxy that keeps a cache of packages.
Is there a simple way to set up something like this?
Simple is relative, but most web proxies offer caching functionality either by default or with minimal configuration. Simply install a web proxy of some kind and point your proxy configuration to this system.
We're generally asked to avoid naming specific products, but Squid can work in this instance. With squid specifically the configuration directive you will want to research is cache_dir. The name and method to enable this is obviously going to vary greatly with the many web proxies available. Squid typically ships with a default config file that has a line commented out. Brief explanation of the configuration values: directive | filesystem | directory for cache | cache size in MB | first-level subdirectories | "#cache_dir ufs /var/spool/squid 100 16 256".
If you are not interested in restricting traffic then you're done. I typically implement a caching web proxy to have a whitelist and to drop all other connection attempts. This way I can ensure that my servers only connect to IPs or DNS names that I specify. This can greatly reduce an attacker's ability to exfiltrate data or otherwise break free of your security controls. It's outside the scope of this question but may be a useful thing for you to consider at some point.
Similar to @theterribletrivium answer but even simpler why not use apt-proxy which was designed specifically for this - and may even be available as an official package depending on your distro ?
