On 2014-07-30, Jonathan Billings billings@negate.org wrote:
Eventually, you'll be able to use kpatch to avoid reboots for kernel updates, (http://rhelblog.redhat.com/2014/02/26/kpatch/),
This looks very exciting!
however I tend to think that Uptime is overrated.
uptime as a number of days is overrated, but scheduling down time is certainly not.
Newer technologies, such as VMs and containers, allow services to not be tied to single servers anymore.
The container host still needs to be patched and rebooted. For simple services with light storage needs this is fine, but a container with large local storage might not be easy to hot migrate. You're certainly not going to migrate a 30TB storage container, for example.
Anyway, it's hardly Red Hat's fault that it addresses security issues promptly.
No, but the kernel itself has had a number of serious flaws this calendar year, which is what the previous poster was concerned about.
--keith