Updating with yum
In general you will keep your host up-to-date with the operating system’s package manager (e.g.
yum or apt), but in some special cases things may be more involved.
The following rule of thumb from Fedora may be useful when considering whether to enable this feature: It is also important to note that automatic updates do not perform all required system reboots or service restarts.
Also, auto-updates happen nightly so there may be a period of up to 24 hours where you do not receive a patch.
Just like any other host on your network, it is critical to stay up-to-date with the latest packages on your perf SONAR Toolkit.
You will want to make sure you have the latest security fixes as well as the ability to take advantage of the great new features constantly being added to the tools.
By mirroring all of the repositories that are used to build systems at your organization, you control when the get updated and you have direct access to a ‘frozen’ version of those repositories. In order to maintain the control of your systems, you have to control the updates.
In the example below, the updates will run on the 6th of every month between am and am It probably makes more sense to create a script which does all of the date/time comparison and override functionality for you, manage that script through puppet, and reference that script here in the “command” line above. Updating a system is important to maintaining its security, but it is a careful balance to maintain your system’s availability and integrity for your end users & customers. Understand, though, that it also makes your puppet server that much more critical, and making a mistake here can have a much wider impact.