On 09/21/2011 10:13 PM, Aleksey Tsalolikhin wrote: > Hello, > > Let's say your operating policy is "no patch updates without testing > first in the test environment". Let's say it takes you 3 weeks to > test. Over the course of the 3 weeks, the repo changes (new > packages added, old removed). > > Is there a way to "freeze" a set of packages so that when I > run "yum update" on a Prod server it'll get the same package > and patch set as the Test server did 3 weeks ago? > > It's been suggested to maintain a local mirror, and take rsync > snapshots of it daily, so then you can point the end node to a > particular repository. > > What other solutions are there? There is no solution to do updates that are different than the mainline tree, except to maintain your own repo. You have to publish the tree of tested RPMS, then you need to make sure that those packages all work together (run a repoclosure), then you run createrepo and update from your repo (that only contains tested packages which are verified by you). You could do some kind of find command with time in it to populate your test repo ... but I personally populate mine with RPMs after I test them. Of course, this puts the burden of testing and maintaining that repo on you ... but you are the only one who can decide how much testing is enough and what needs to be tested before you move a new RPM (or set of RPMS) into production. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20110923/bd52fdc4/attachment-0004.sig>