perfsonar-user - [perfsonar-user] Are automatic middleware updates for perfsonar safe?
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Winnie Lacesso <>
- To:
- Subject: [perfsonar-user] Are automatic middleware updates for perfsonar safe?
- Date: Wed, 22 Oct 2014 14:05:20 +0100 (BST)
Good afternoon,
Jason Zurawski recommended these questions be asked on the perfsonar-user
list (instead of to him). This was written yesterday.
I notice that in the perfsonar install we have (someone else did it, but I
assume it's fairly standard) that
1. the middleware repos are all left enabled (but not working due to #3)
2. the CentOS repos are NOT enabled /* make that were */
3. nightly yum updates (via yum-cron) are shut off /* make that were */
Normally for security we want nightly yum updates ON with the source OS
(we usually use SL, these are the only CentOS) repos left enabled so
security updates can happen.
(The recent openssl update has not auto-yum-installed on these; it has on
all our securely configured SL)
/* Note: openssl updated last night since the CentOS repos were enabled
yesterday */
Normally for stability we DON'T want the middleware repos left enabled
since, as
https://twiki.cern.ch/twiki/bin/view/EMI/GenericInstallationConfigurationEMI3#Important_note_on_automatic_upda
says: "Sometimes middleware updates require non-trivial configuration
changes or a reconfiguration of the service. This could involve service
restarts, new configuration files, etc, which makes it difficult to ensure
that automatic updates will not break a service. Thus
WE STRONGLY RECOMMEND NOT TO USE AUTOMATIC UPDATE PROCEDURE OF ANY KIND "
It seems the perfsonar install as I inherited it is upside down from that.
yum-cron is now turned on so that automatic security updates like
openssl should get installed. (Will check tomorrow.) /* Confirmed */
The CentOS repos are enabled (I hope; there was neither enabled=0 nor
enabled=1 in the repos which I've never seen before; I added enabled=1)
There is a cassandra middleware update pending. Is it safe to leave the
middleware repos all enabled & nothing related to perfsonar will break?
/* Hope so - it did update last night! */
We have 2 perfsonar servers so would like to ensure BOTH are set for
nightly security updates & not set for nightly middleware updates - unless
the perfsonar Experts say that is perfectly safe.
Grateful for your advice!
Winnie Lacesso / Bristol University Particle Physics Computing Systems
HH Wills Physics Laboratory, Tyndall Avenue, Bristol, BS8 1TL, UK
- [perfsonar-user] Are automatic middleware updates for perfsonar safe?, Winnie Lacesso, 10/22/2014
- Re: [perfsonar-user] Are automatic middleware updates for perfsonar safe?, Andrew Lake, 10/22/2014
Archive powered by MHonArc 2.6.16.