Hi list, I know that there are automatic update with yum-cron but never tried. In my experiences I never did automatic backup because if update was broken my installation will be broken and I wait some time before apply update. Today seems to be that automatic update are used more than before. What do you think about automatic update? It is a good practice on a server? What is your experiences?
Thanks in advance.
Alessandro
On 03/11/2016 10:41 AM, Alessandro Baggi wrote:
Hi list, I know that there are automatic update with yum-cron but never tried. In my experiences I never did automatic backup because if update was broken my installation will be broken and I wait some time before apply update. Today seems to be that automatic update are used more than before. What do you think about automatic update? It is a good practice on a server? What is your experiences?
Thanks in advance.
Alessandro
For me, yum-cron only downloads the updates and e-mails me to let me know they are ready. It does not actually apply them.
To apply them, I ssh in and run the command "yum update" and they install fast w/o me needing to wait for the download.
That lets me test everything that is critical and make sure it works after the update.
Alessandro Baggi wrote:
Hi list, I know that there are automatic update with yum-cron but never tried. In my experiences I never did automatic backup because if update was broken my installation will be broken and I wait some time before apply update. Today seems to be that automatic update are used more than before. What do you think about automatic update? It is a good practice on a server? What is your experiences?
1. Under *NO* *CIRCUMSTANCES* would I *ever* have that running on a production machine. That's what test boxes are for. 2. If it was my own machine at home, thanks, but I want to wake up, or come home, to a guaranteed working system. I'll update, so I can always undo.
Sorry, <enter> accidentally got hit before I finished.
m.roth@5-cent.us wrote:
Alessandro Baggi wrote:
Hi list, I know that there are automatic update with yum-cron but never tried. In my experiences I never did automatic backup because if update was broken my installation will be broken and I wait some time before apply update. Today seems to be that automatic update are used more than before. What do you think about automatic update? It is a good practice on a server? What is your experiences?
- Under *NO* *CIRCUMSTANCES* would I *ever* have that running on a production machine. That's what test boxes are for.
- If it was my own machine at home, thanks, but I want to wake up, or come home, to a guaranteed working system. I'll update, so
I can always undo.
3. Systems like backup servers, etc, sure. They're not critical. 4. We don't do it on users' systems unless we're *sure* that it won't break something.
Finally, on systems where there is a concern that something might break, like video drivers, we put excludes in /etc/yum.conf, and disable them under controlled conditions (i.e., one of us is sitting there doing it.)
mark
Personally I enable yum-cron on relatively simple configs without much that could break, for example a LAMP server. Especially when they are public-facing and thus have greater exposure to security threats.
But I don't as often on things that are internal-only and/or have a more complex setup such as running software I had to compile from source.
On Mar 11, 2016, at 10:41, Alessandro Baggi alessandro.baggi@gmail.com wrote:
Hi list, I know that there are automatic update with yum-cron but never tried. In my experiences I never did automatic backup because if update was broken my installation will be broken and I wait some time before apply update. Today seems to be that automatic update are used more than before. What do you think about automatic update? It is a good practice on a server? What is your experiences?
Thanks in advance.
Alessandro _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
On 03/11/2016 12:41 PM, Alessandro Baggi wrote:
Hi list, I know that there are automatic update with yum-cron but never tried. In my experiences I never did automatic backup because if update was broken my installation will be broken and I wait some time before apply update. Today seems to be that automatic update are used more than before. What do you think about automatic update? It is a good practice on a server? What is your experiences?
Thanks in advance.
Alessandro
We run an automatic yum update nightly on most of the centos infrastructure servers.
When I managed IT for an engineering firm, for the production machines I would never automate updates though.
I would have a test environment and run my own local mirror and only put things onto the local mirror that passed through my test system and worked.
On 03/14/2016 06:36 AM, Johnny Hughes wrote:
On 03/11/2016 12:41 PM, Alessandro Baggi wrote:
Hi list, I know that there are automatic update with yum-cron but never tried. In my experiences I never did automatic backup because if update was broken my installation will be broken and I wait some time before apply update. Today seems to be that automatic update are used more than before. What do you think about automatic update? It is a good practice on a server? What is your experiences?
Thanks in advance.
Alessandro
We run an automatic yum update nightly on most of the centos infrastructure servers.
When I managed IT for an engineering firm, for the production machines I would never automate updates though.
I would have a test environment and run my own local mirror and only put things onto the local mirror that passed through my test system and worked.
I sort of do that - I have a custom local repo and when something in an update causes breakage (can't remember the last time) I google for the problem online and find a fix and rebuild the src.rpm appending a .1 to the end of release so it looks newer.
So I don't exclude things from CentOS or EPEL, I just add things to it... right now all my custome repo really has in it is solitaire and a texlive fake package that fakes out packages with require texlive (I run vanilla texlive managed by their utility, I don't like texlive as a zillion different RPMs)
Honestly though I haven't personally experienced a breakage as a result of a package update in years, and when it happens it almost always is EPEL where the maintainer did a major version bump.
-
Alessandro Baggi -
Alice Wonder -
David Nelson -
Johnny Hughes -
m.roth@5-cent.us