* Re: [gentoo-user] Updating our live servers. I'm scared!
@ 2013-03-28 16:48 99% ` Michael Orlitzky
0 siblings, 0 replies; 1+ results
From: Michael Orlitzky @ 2013-03-28 16:48 UTC (permalink / raw
To: gentoo-user
On 03/28/2013 11:38 AM, Nick Khamis wrote:
> Hello Everyone,
>
> Just got a ticket assigned to me where we need to update our production servers.
>
> uname -a
> Linux noun 3.4.9-gentoo #2 SMP Sat Oct 13 09:35:07 EDT 2012 x86_64
> Intel(R) Xeon(TM) CPU 3.60GHz GenuineIntel GNU/Linux
>
> eselect
> [18] hardened/linux/amd64 *
>
> I don't think they have been updated since the initial install and
> wanted to get a little feedback on some safe practices and methods
> that should be performed before and while doing so.
This isn't that old, you'll be fine. First run an emerge --sync to
update the tree. Then list everything it wants to upgrade:
emerge -puDN1 world
Once you have that list, go through a few at a time, updating
non-essential packages. For example,
emerge -u1 timezone-data man-pages ...
Every once in a while, run a revdep-rebuild. If you have service
monitoring (e.g. Nagios), great, it'll alert you if something breaks. If
not, you'll have to test the services yourself every few packages. And
don't forget to open a counter-ticket for someone to implement a
monitoring solution, already.
After a while, only important packages (apache, mysql, postfix...) will
be left. Do those one at a time, and restart the services afterwards.
Read the release notes first. Run revdep-rebuild. Check that the
services work.
Finally, you'll be left with the guaranteed-to-break updates like grub2
(50/50) and udev (100% you're fucked prepare for downtime). Grub2 can of
course be skipped until the hardware dies. Best of luck to you with udev =)
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2013-03-28 15:38 [gentoo-user] Updating our live servers. I'm scared! Nick Khamis
2013-03-28 16:48 99% ` Michael Orlitzky
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox