On Monday 02 Jan 2012 10:06:39 Alan McKinnon wrote: > On Sun, 01 Jan 2012 19:24:35 -0500 > > Michael Orlitzky <mich...@orlitzky.com> wrote: > > On 01/01/2012 07:09 PM, Neil Bothwick wrote: > > > On Sun, 01 Jan 2012 18:07:45 -0500, Michael Orlitzky wrote: > > >> Usually it's because a world update wants to do both trivial > > >> version bumps and replace major software at the same time. I can't > > >> take a server down for an hour in the middle of the day to update > > >> Apache, but I can bump timezone-data, sure. > > > > > > Why would you need to take it down? All you need to do is restart > > > Apache after the update. > > > > I have to test, like, 200 websites to make sure they still work. > > Something /always/ breaks. > > > > Apache was just an example. PHP is the same way: functions get > > removed, renamed, or just subtly changed. I can't replace Dovecot > > with users logged in. I can't upgrade/restart postgresql while > > clients are hitting it. If I'm working remotely, I don't want to > > update openvpn, iptables, or even openssh. There's a long list of > > packages that I just ain't gonna mess with during the day. > > You have a production machine delivering valuable services to multiple > users. > > Therefore you must only update *anything* on it during planned > maintenance slots. If paying customers are involved then preferably > with a second redundant parallel machine to take over the load during > that slot. You don't have much of an option about this in the real > world, think of it as a constraint that you must simply deal with. > > Or think about it another way, if the machine was running RHEL, you > wouldn't just blindly run yum update in the middle of the working day > and expect it to all be just fine.
+1 Even on binary distros I would be apprehensive to update/upgrade a production machine, unless I have run the updates on the test box first. Even so, because I do not have the luxury of identical hardware some times the odd thing may break, but it is a very rare occurrence. With everything running on VMs these days (although not yet my case) this is becoming less of a problem I would think. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.