[CentOS] broken GFS
John R Pierce
pierce at hogranch.com
Wed May 14 20:50:50 UTC 2008
Linux wrote:
> People who prepare and maintain a distro have (and should have) many
> concerns in mind. Security is one of them and integrity is another.
> But in this situation, integrity is simply ignored (on the behalf of
> GFS situation because I backed down from my XFS related complains)
>
> Disabling kernel upgrades simply solves the situation but raises some
> other questions about "What else can be broken with security
> apprehensions?"
>
> I do not know which one to choose:
> - Absolutely not-working server because of missing updates
> - Maybe will be attacked server because of missing security updates.
>
specific to GFS... GFS is a clustered file system. You do NOT run
automatic updates willy-nilly on a production cluster, there's just far
too many ways it can go bad. You test them on a staging environment
before approving their deployment, then you have to have a specific
process for applying the patches to the cluster, and if they are major
patches, this usually involves bringing the cluster down, applying the
tested and approved patches to all cluster members, then bringing the
cluster back up one node at a time, then going back live for
production. If the patches are minor, you may be able to do a
rolling upgrade, where you bring down one cluster member, patch it, put
it back online, then bring down the next, etc... The cluster
administrator have to determine the appropriate maintenance process,
then follow it religiously.
btw, what is WITH all these lame gmail addresses? linuxlist ?
centoslist ?? Do I call you Mr Linux, or Mr List ?
More information about the CentOS
mailing list