Hi, Due to CVE on openssl and on kernel, I did upgrade various piece of the infrastructure ( foreman, lists, stats, monitoring ), which implied a few reboots ( due to kernel lagging behind, which is not that great with local root exploit ). As this is friday and I assumed most of the Tel Aviv office was not working, i hope this kept the disruption to a minimum. However, if something is broken, please tell it so we can fix.
This also got me thinking. In order to bring a bit more order, what about having a fixed schedule for upgrade ? In my previous position, we were doing that once per month ( except during end of quarter freeze ), with mandatory reboot ( cause if something do not boot, you want to know it when you have a planned outage, not when everyone is running around updating stuff ). Fedora has a rather complex procedure to decide what to upgrade, hilighted on http://infrastructure.fedoraproject.org/infra/docs/massupgrade.txt So we could adopt a schedule ( once per month, unless there is something critical, in which case we do it ASAP, with warning on the list and irc ). The schedule should of course take in account "business need", which is "release schedule of ovirt". So what about "first friday of the month, unless exception" ? And by update, i mean "yum upgrade -y". Cleaning the list of repo on various servers is also IMHO another task to discuss, to make sure the task can be safely executed. ( having something like mcollective/ansible/func is also needed, but that's more a convenience than a requirement at this stage ). -- Michael Scherer Open Source and Standards, Sysadmin
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Infra mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/infra
