Best practices for keeping node operating system up-to-date

#1

Good morning,

I’m curious about best practices or patterns being used to keep the operating system on all the Chef-nodes up-to-date.

One option would be to have a cookbook that ran the update process for the OS, e.g., sudo apt-get update for Ubuntu. And to always create new nodes with the latest and greatest LTS release of the OS.

Another option would seem to be to periodically update the *.box image being used to create new nodes, and then to migrate all the existing nodes to new instances. This seems like a lot of work.

I’m sure there’s another option I’m not seeing.

Thanks,
Mark

mark nichols | @zanshin | zanshin.net

#2

Rolling all the boxes over to a new image with baked in updates is indeed a
lot of work. That said, I currently believe that the march towards getting
to be able to do something like that monthly / quarterly without causing
catastrophe is probably the best thing you can do for your disaster
recovery plan.

On Wed, Apr 9, 2014 at 8:27 AM, Mark H. Nichols chef@zanshin.net wrote:

Good morning,

I’m curious about best practices or patterns being used to keep the
operating system on all the Chef-nodes up-to-date.

One option would be to have a cookbook that ran the update process for the
OS, e.g., sudo apt-get update for Ubuntu. And to always create new nodes
with the latest and greatest LTS release of the OS.

Another option would seem to be to periodically update the *.box image
being used to create new nodes, and then to migrate all the existing nodes
to new instances. This seems like a lot of work.

I’m sure there’s another option I’m not seeing.

Thanks,
Mark

mark nichols | @zanshin | zanshin.net